We’re seeking a Microsoft Sentinel Implementation Engineer to design, deploy, and optimize Microsoft Sentinel and Defender-based SOC environments. This role supports SOC operations by enabling efficient log ingestion, developing analytic rules, and automating detections across cloud and on-prem sources.
Key Responsibilities:
6-8 years of experience administering and optimizing Microsoft Sentinel (connectors, analytic rules, workbooks, playbooks).
Integrate and normalize log data from Defender, firewalls, M365, and third-party tools.
Build KQL queries, correlation rules, and SOAR automation (Logic Apps).
Optimize data ingestion and storage for performance and cost efficiency.
Collaborate with SOC teams to enhance detection coverage and reduce alert fatigue.
Maintain and fine-tune Microsoft Defender XDR integrations with Sentinel.
Preferred Skills & Certifications:
Strong KQL and PowerShell skills; familiarity with Azure Monitor, AMA, and security APIs.
Certifications: SC-200, AZ-500, or SC-100 preferred.
SOC Analyst • Kochi, Kerala, India