Senior Microsoft Sentinel Engineer

Make a difference here.

UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.

By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. 

We are seeking a talented and highly motivated Microsoft Sentinel SIEM Engineer to join our Dedicated Defense group. As a key member of our team, you will be responsible for deploying and maintaining Microsoft Security technologies to enhance threat detection, response, and overall security posture. This is an exciting opportunity for an individual with expertise in major SIEM technologies, aiming to help safeguard critical systems and data from evolving cyber threats. 

What You'll Do:

• Architect, deploy, and maintain Microsoft Sentinel for SIEM use cases including log ingestion, data normalization, and incident correlation.
• Manage and optimize Microsoft Defender for Endpoint, Identity, Cloud, M65, and other Defender tools to maximize protection and visibility.
• Develop custom queries, detection rules, workbooks, and automation playbooks to improve threat detection and response efficiency.
• Lead the design and implementation of security monitoring, including data connectors, analytics rules, and incident automation.
• Collaborate with threat analysts and incident response teams to triage, investigate,and respond to security alerts and incidents.
• Provide technical guidance in security best practices, incident response procedures, and threat hunting using Microsoft security tools.
• Continuously assess the security landscape and recommend improvements to policies, tools, and configurations.
• In addition to strong technical acumen, the ideal candidate will bring excellent communication and client-facing skills to collaborate directly with customers, understand their security needs, and deliver tailored solutions that align with their risk posture and compliance requirements.

What You've Done:

• 10 years of SIEM experience in Splunk, Qradar, Microsoft, and comparable SIEMS • Hands-on experience with other SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel, etc.) and integrating them with endpoint security tools.
• Strong understanding of cybersecurity principles, threat detection, and SIEM management.
• Experience working with Sentinel One Core EDR technology • Proficiency in scripting and automation (Python, PowerShell, etc.).
• Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions is a plus.
• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience). 
• 10+ years of experience in cybersecurity in a SOC or security engineering capacity.
• Proven hands-on expertise with Microsoft Sentinel and Microsoft Defender suite.
• Deep knowledge of Kusto Query Language (KQL) and building custom analytics rules and workbooks in Sentinel.
• Strong experience in customer-facing roles.
• Experience with incident response, threat detection, and threat hunting techniques.
• Strong understanding of cloud security, especially in Azure environments.
• Familiarity with MITRE ATT&CK, NIST, and other security frameworks.
• Experience integrating Sentinel with third-party solutions (e.g., threat intel feeds, ticketing systems).

What We Offer:

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed  
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)  
• Group Term Life, Short-Term Disability, Long-Term Disability  
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness  
• Participation in the Discretionary Time Off (DTO) Program  
• 11 Paid Holidays Annually 

We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.

UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. 

If you want to make an impact, UltraViolet Cyber is the place for you!