Senior SIEM Cyber Engineer

BS Degree and 5+ years of experience required; 7+ years of experience is highly preferred or Masters and 3+ years of experience required; 5+ years of experience highly preferred. 3 years technical within the past 5 years of experience performing hands-on engineering of SIEM. Proven experience with Azure Data Explorer and Kusto Query Language (KQL). Proficiency in using Kusto Query Language (KQL) for data querying and analysis. Strong scripting skills (e.g., PowerShell, Python) and proficiency in using JSON for automation purposes. Expertise in integrating various security tools and data sources with SIEM. Advanced understanding of cybersecurity principles and practices. Excellent problem-solving skills. Experience in Cloud Architecture (AWS, Azure) Commercial and Gov is preferred. Real-world experience and working knowledge of FEDRAMP, NIST 800-53 controls, System Security Plan (SSP), and CIS hardening baselines. Extensive infrastructure experience including solution design. Experience translating business requirements and objectives into IT strategy. Experience with one or more frameworks for best practice service delivery including ITIL v4 and TOGAF.

Lead the implementation, configuration, and ongoing management of Microsoft Sentinel SIEM. Integrate diverse data sources into Sentinel. Develop and fine-tune advanced detection rules and alerting mechanisms. Develop and maintain integration solutions using Azure Logic Apps. Design, develop, and maintain serverless applications using Azure Function Apps. Implement and manage incident response playbooks. Design and implement log management strategies. Develop and deploy complex automation playbooks. Create custom scripts (e.g., PowerShell, Python). Build and maintain data ingestion pipelines using Azure Data Explorer. Write, optimize, and manage complex Kusto queries. Design and implement efficient data models. Generate comprehensive security reports and dashboards. Ensure SIEM compliance with regulatory standards. Drive continuous improvement initiatives. Stay current with cybersecurity trends, tools, and practices. Mentor and guide junior SIEM engineers. Participate in the development of the organization's security strategy.