Back to search
Qualifications:
- Active Public Trust clearance
- B.S. Computer Science, Information Technology, or a related field
- 6+ years of Security Engineering experience
- Experience with Microsoft Sentinel and SIEM platforms
- Strong knowledge of log management, ingestion, and normalization
- Experience with KQL (Kusto Query Language)
- Familiarity with NIST SP 800-53, 800-92, 800-61
- Experience with cloud log sources (AWS, Azure)
- Understanding of security monitoring and incident response
- Relevant certifications (CISSP, GCIA, GCIH, or Microsoft Security certs)
- Preferred certifications include but are not limited to
- GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
- Microsoft Sentinel or Microsoft security platform certifications
- Relevant cloud security certifications (e.g., AWS security)
- Privacy certifications (e.g., CIPP/US, CIPM) where applicable
Duties:
- Manage log ingestion, normalization, and monitoring within Microsoft Sentinel
- Ensure integrity, availability, and confidentiality of log data across environments
- Develop and maintain detection rules, correlation logic, and SIEM analytics
- Monitor ingestion pipelines and resolve gaps or failures
- Support incident response, threat hunting, and forensic investigations
- Provide log reporting, dashboards, and audit-ready documentation
- Maintain log retention policies and lifecycle management
- Coordinate with stakeholders to onboard new log sources
- Ensure compliance with NIST standards and federal requirements
Learn more about this Employer on their Career Site
