Who We Are
We help the world Be Everyday Ready™
Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.
🏆 Great Place to Work® Certified™ | United States · Canada · United Kingdom · India
About the Job:
The Senior Security Engineer – Microsoft Sentinel & Defender XDR is a senior technical authority within Cyderes' Managed Sentinel SIEM and MDR services. You will manage and contribute in advancing detection, platform reliability, and security automation for managed clients.
Beyond daily platform operations, the Senior Security Engineer leads advanced detection engineering, Create optimization and standardisation efforts, and serve as an escalation point for complex ingestion, telemetry, and investigation challenges. This role partners with MDR, SOC, architecture, and customer team members to ensure Microsoft Sentinel and Defender XDR implementations are, cost-effective, and in consideration of real-
world threat activity.
As a trusted technical advisor, you influence platform strategy, mentor junior engineers, and help shape service evolution by identifying gaps, improving alert fidelity, and ensuring scalable automation. You will represent the Cyderes brand through technical leadership, and delivery excellence that meets client expectations.
You will be reporting to Senior Manager, Managed Platforms.
Responsibilities:
Security Platform Engineering & Administration
Be a subject matter expert (SME) for Microsoft Sentinel and Microsoft Defender XDR across managed clients
Lead the intake process and platform readiness during Eastern Standard Time business hours
Lead administration and lifecycle management of:
Microsoft Sentinel
Microsoft Defender XDR suite
Oversee and improve platform health monitoring, including:
Log ingestion pipelines and data normalisation
Data connector stability and performance
Automation strategies and SOAR workflows
Analytics rule efficiency and alert reliability
Analyse ingestion trends and lead cost optimization strategies across multi-tenant environments
Guide tenant standardisation, configuration baselines, and best practices across MSSP deployments
Be an escalation point for complex platform or telemetry issues
Log Source Onboarding & Integration
Onboard new data sources into Microsoft Sentinel following established SOPs:
Validate connectivity
Confirm correct parsing and schema normalisation
Ensure events are visible and queryable in Log Analytics
Integrate Microsoft Defender data sources:
Defender for Endpoint
Defender for Identity
Defender for Cloud Apps
Validate data integrity and entity mapping
Troubleshoot ingestion or connector issues across Azure and third-party integrations
Lead onboarding of new and complex data sources into Microsoft Sentinel
Design and evolve standard operating procedures (SOPs) for data onboarding
Ensure: Reliable connectivity
Accurate parsing and schema normalisation
Entity mapping and enrichment
End-to-end data visibility in Log Analytics
Manage integration strategy for Microsoft Defender data sources:
Defender for Endpoint
Defender for Identity
Defender for Cloud Apps
Troubleshoot and resolve advanced ingestion, schema, or connector issues across Azure and third-party platforms
Advise on architectural decisions related to telemetry quality and coverage
Detection Engineering & Use Case Development
Design advanced analytics rules, including:
Scheduled
Near-Real-Time (NRT)
Fusion and correlation-based detections
Lead development and optimization of complex KQL-based detection logic
Oversee false-positive reduction projects through structured tuning, suppression, and enrichment
Ensure MITRE ATT&CK mapping and detection coverage analysis
Improve cross-platform correlation between Microsoft Defender XDR and Sentinel• Design:
Workbooks and dashboards for operational and executive visibility
Reusable detection and threat hunting libraries
Review and provide feedback on detection logic authored by junior engineers
Automation & SOAR Engineering
Architect, maintain advanced Azure Logic App strategies
Design end-to-end automation for:
Device isolation
Account disablement or remediation
IP and domain blocking
Case and ticket orchestration
Integrate REST APIs and external systems where required
Enforce change management and version control standards
Validate automation through testing in non-production environments
Identify opportunities to reduce analyst workload through automation
Leadership, Documentation & Continuous Improvement
Be a technical mentor to Security Engineer I/II team members
Lead or contribute to:
Runbooks
SOPs
Detection documentation
Platform onboarding standards
Document complex investigations, detection logic, and platform decisions
Provide strategic tuning and architecture feedback to senior engineering and security leadership
Stay current with Microsoft security roadmap changes and new threat trends
Participate in internal training sessions and contribute to knowledge-sharing projects
Requirements
Education experience
Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent
Experience
5–8 years of experience in security engineering, SOC, or security operations roles
3+ years hands-on experience with Microsoft Sentinel
Deep experience with the Microsoft Defender XDR suite
Experience operating in MSSP or customer-facing environments
Hands-on exposure to multi-tenant security operations (Azure Lighthouse)
Demonstrated experience leading security engineering projects
Technical Skills
Working knowledge of:
o Microsoft Sentinel
o Microsoft Defender XDR
o Azure Log Analytics• Advanced Proficiency in KQL
Experience with:
o Windows & Linux logs
o Azure AD / Entra ID
o Networking fundamentals (TCP/IP, ports, firewalls, or proxies)
o Authentication and authorization models
Hands-on experience with:
o Azure Logic Apps
o REST APIs
o PowerShell or Python scripting
Experience with the MITRE ATT&CK framework
Familiarity with MDR and SOC operational workflows
Translate security telemetry into applicable detections
Certifications
SC-200 (Microsoft Security Operations Analyst)
AZ-500 (Azure Security Engineer)
SC-100 (Cybersecurity Architect)
CompTIA Security+
Relevant Microsoft Defender certifications
Soft Skills
Document investigations and platform changes thoroughly
Customer-focused mindset and risk-driven approach
Comfortable balancing hands-on engineering with strategic ownership
Principal Product Manager, Industrial AI - Platform & Ecosystemaugury · Bengaluru, India
Sales Account ExecutiveBurjline Builders · Bengaluru, India