Jobless Developer
Cyderes logo
Cyderes

Posted 2 months ago

Open

Security Engineer II, Managed Microsoft Sentinel

BengaluruOn-siteFull-time

AI Summary

Security Engineer II focuses on detection engineering, platform optimization, onboarding, and Defender XDR integration within Cyderes' Managed Sentinel SIEM and MDR services.

About this role

Who We Are
We help the world Be Everyday Ready
Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.
🏆 Great Place to Work® Certified™ | United States · Canada · United Kingdom · India

About the Job:

The Security Engineer ll – Microsoft Sentinel & Defender XDR plays a critical engineering role within Cyderes' Managed Sentinel SIEM and MDR services.

You will go beyond basic platform administration. The Security Engineer ll is responsible for detection engineering, platform optimization, onboarding lifecycle execution, and Defender XDR integration. You will be a trusted technical resource to clients, ensuring you configure, improve, and improve their Microsoft security ecosystem against evolving threats.

You will represent and strengthen the Cyderes brand through collaboration, and delivery that meets client expectations.

You will report to Senior Manager, Managed Platforms.

Responsibilities:

  • Support intake process including coverage for Eastern Standard Time business hours
  • Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
  • Perform health monitoring of:
  • Log ingestion pipelines
  • Data connector status
  • Automation strategies
  • Analytics rule performance
  • Monitor ingestion volumes and support cost optimization projects
  • Support tenant standardisation across multi-client MSSP environments
  • Onboard new data sources into Microsoft Sentinel following established SOPs:
  • Validate connectivity
  • Confirm correct parsing and schema normalisation
  • Ensure events are visible and queryable in Log Analytics
  • Integrate Microsoft Defender data sources:
  • Defender for Endpoint
  • Defender for Identity
  • Defender for Cloud Apps
  • Validate data integrity and entity mapping
  • Troubleshoot ingestion or connector issues across Azure and third-party integrations
  • Develop analytics rules (Scheduled, NRT, Fusion)
  • Create and tune detection logic using KQL
  • Reduce false positives through structured tuning and rule refinement
  • Map detections to MITRE ATT&CK framework
  • Improve alert fidelity and correlation between Defender XDR and Sentinel
  • Maintain dashboards, workbooks, and reporting artefacts
  • Help build reusable hunting and detection libraries
  • Monitor Sentinel and Defender XDR alerts
  • Perform Tier 2 assessment and investigation of escalated alerts
  • Provide clear documentation and escalation to MDR/SOC teams
  • Support cause investigations for platform or telemetry issues
  • Help with containment automation where applicable
  • Develop Azure Logic App guides
  • Automate response actions such as:
  • Device isolation
  • User disablement
  • IP blocking
  • Ticket creation
  • Follow change management processes for configuration updates
  • Test changes in lower environments when applicable
  • Contribute to:
  • Runbooks
  • Standard operating procedures
  • Onboarding checklists
  • Detection documentation
  • Stay current on Microsoft security roadmap changes

    • Participate in internal training and knowledge-sharing sessions

    Requirements

  • Diploma or Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience)
  • 3–5 years of experience in IT security, SOC, or security engineering roles
  • Minimum 2 years hands-on experience with Microsoft Sentinel
  • Experience with Microsoft Defender XDR suite
  • Experience in MSSP or customer-facing environments
  • Exposure to multi-tenant environments (Azure Lighthouse)
  • Working knowledge of: Microsoft Sentinel, Microsoft Defender XDR & Azure Log Analytics
  • Familiarity with MDR operational workflows
  • SC-200 (Microsoft Security Operations Analyst)
  • AZ-500 (Azure Security Engineer)

    • Skills

    Alert TuningAnalytics RulesAutomation Using Azure Logic AppsAzure LighthouseAzure Log AnalyticsDashboardsData ConnectorsDefender For Cloud AppsDefender For EndpointDefender For IdentityImporting Data SourcesIncident Response AutomationKQLLog Ingestion PipelinesMicrosoft Defender XDRMicrosoft SentinelMITRE ATT&CK MappingMobility Of Data SourcesMSSPSOC/MDR WorkflowsTrapdoors?Workbooks

    Explore related jobs

    More jobs at Cyderes

    Similar Alert Tuning jobs

    Jobs in Bengaluru

    Browse these categories

    Dashboards JobsJobs in BengaluruJobs in India