SOC Analyst (Sentinel Expert)

We’re seeking a Microsoft Sentinel Implementation Engineer to design, deploy, and optimize Microsoft Sentinel and Defender-based SOC environments. This role supports SOC operations by enabling efficient log ingestion, developing analytic rules, and automating detections across cloud and on-prem sources.

Key Responsibilities :

6-8 years of experience in administering and optimizing

Microsoft Sentinel

(connectors, analytic rules, workbooks, playbooks).

Integrate and normalize

log data

from Defender, firewalls, M365, and third-party tools.

Build

KQL queries , correlation rules, and

SOAR automation

(Logic Apps).

Optimize

data ingestion and storage

for performance and cost efficiency.

Collaborate with SOC teams to enhance

detection coverage

and reduce alert fatigue.

Maintain and fine-tune

Microsoft Defender XDR

integrations with Sentinel.

Preferred Skills & Certifications :

Strong KQL and PowerShell skills; familiarity with Azure Monitor, AMA, and security APIs.

Certifications : SC-200 ,

AZ-500 , or

SC-100

preferred.