Software Security Engineer 2

Job Description

With Azure Sentinel , Microsoft is redefining SIEM (Security Information and Event Management) for the cloud era. It leverages cutting-edge cloud technology, big data, machine learning and AI to empower Security Operations Centers to defend against increasingly sophisticated and rapidly evolving cyberthreats.Our team is growing and we re looking for a passionate Security Engineer to join us in our journey. This position is a unique opportunity to be part of a world class team, building one of the most exciting products in the cybersecurity space from the ground up.We are looking for a passionate security engineer that will be part of a new team that will focus on building, enhancing, and supporting integrations and solutions on top of the Azure Sentinel platform - at scale. Building Azure Sentinel s solutions include creating configuration-based integrations with other products to ingest data into Azure Sentinel, defining schemas, authoring new detections, building interactive dashboards, and automation workflows, that help SOC analysts identify and respond to cyber threats.If you are passionate about finding creative ways to leverage new technologies, customer obsessed and want to be part of a growing team and inspire others in this journey, then this is the role for you.We are a global team that has a strong drive for results and believes that effective collaboration is how we all achieve more. This role requires cross-team and cross-geo collaboration. The ideal candidate should have a demonstrated track record of cross-team, partner and customer engagement.As part of this role, you will

• Research, build and support integrations between Azure Sentinel and other products and solutions by leveraging and applying technologies built for Azure Sentinel.
• Build insights, detections, interactive dashboards, and automation workflows.
• Build automation tools to validate and publish solutions built by partners.
• Be responsible for building, testing and deploying E2E solutions and supporting them.
• Provide support and maintenance of the team s scenarios, including automation - while working with the support team upon customers tickets.
• Work closely with product management, partner with other engineering teams, security experts, data scientists, to collaborate and integrate with additional capabilities in Azure Sentinel.

, Basic Qualifications:

• 4+ years of experience in administration or building SIEM products like Azure Sentinel, ArcSight, Splunk or QRadar
• Experience in creating data connectors as a part of Data Ingestion domain
• 2+ years of experience in scripting Python or PowerShell
• Good cross team, cross geolocation collaboration skills

Preferred Qualifications:

• Experience in creating analytic rules, incidents, playbooks, notebooks, workbooks, threat hunting and KQL queries within Azure Sentinel or similar experience in other SIEM solutions
• Creation of data normalization and parsing capabilities within Log Analytics workspace.
• Scripting experience in PowerShell or Python or software development experience
• Intermediate knowledge of Azure Functions or AWS Lambda
• Development of SIEM and SOAR use cases
• Building content on top of Log Management/SIEM is a major advantage.
• Experience in Query language such as SQL or KQL (Kusto Query Language)
• Familiarity with GitHub, Jenkins and CI/CD pipelines
• Certifications like Microsoft Azure Security Technologies (AZ-500), Azure Security Operations Analyst (SC-200) or Developing Solutions for Microsoft Azure (AZ-204)
• Experience in Microsoft Azure technologies or other clouds
• Proven record of supporting customers, being customer obsessed and data-driven
• Ability to collaborate with different teams and disciplines.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form .Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

Keyskills :
automation toolsuse casessqlsecurity operationslocation based marketingawse2enetworkingsiemsocfirewallidsmicrosoft azurebig datasoftware developmentpenetration testingmachine learning