JobMesh

SIEM Security Engineer

MSD · Bucharest, București, RO

Job description

We are looking for a SIEM Security Engineer to join our global Security Operations team and take ownership of our Microsoft Sentinel platform, with a strong focus on log ingestion, data engineering, detection engineering, and platform optimization using Azure Data Explorer (ADX) and Cribl. This role is key to enabling scalable security monitoring, high‑fidelity detections, and efficient incident response across a complex enterprise environment.

You will work closely with SOC analysts, Cloud, Endpoint, Identity, and Network teams to ensure security telemetry is reliable, normalized, enriched, and actionable.

Qualifications:

- Design, deploy, administer, and continuously improve Microsoft Sentinel in a multi‑subscription, enterprise Azure environment
- Develop, tune, and maintain analytics rules, scheduled queries, NRT detections, workbooks, and dashboards using KQL
- Optimize alert quality by reducing false positives and improving signal‑to‑noise ratio
- Implement detections aligned with MITRE ATT&CK and threat intelligence use cases
- Support SOC investigations by providing advanced log analysis and hunting queries
- Design and maintain log ingestion pipelines using...