Need SIEM Cyber Security Engineer - Remote jobs in United States
cer-icon
Apply on Employer Site
company-logo

Jobs via Dice ยท 15 hours ago

Need SIEM Cyber Security Engineer - Remote

positionUnited States
timeFull-time
remoteRemote
seniorityMid, Senior Level

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Radiantze, is seeking a SIEM Cyber Security Engineer responsible for developing and deploying automation playbooks, analytics content, and custom data connectors while collaborating with cross-functional teams to enhance security operations.

Computer Software

Responsibilities

Designs, develops, tests, and deploys Sentinel SOAR automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs
Creates automated workflows for alert enrichment, triage, response actions, notification processes, and case management
Integrates Sentinel with third-party systems (EDR, IAM, ticketing systems, email gateways, firewalls, etc.) to automate security operations
Develops custom UEBA detection rules, anomaly models, ML-based behavior patterns, and advanced hunting queries (KQL)
Builds and maintains analytics content, data parsers, normalization rules, and entity behavior profiles
Evaluates behavioral anomalies and collaborates with cybersecurity teams to fine-tune detection logic
Designs and implements custom data connectors, ingestion pipelines, and data transformation logic
Creates dashboards, workbooks, hunting queries, and detection-as-code assets
Performs platform tuning to improve performance, reduce noise, and align to MITRE ATT&CK and Zero Trust principles
Develops supporting code modules, scripts, microservices, and helper APIs using Python, PowerShell, .NET, or similar languages
Works with DevOps pipelines, CI/CD processes, version control, and infrastructure-as-code where applicable
Writes technical design documents, SOPs, architecture diagrams, and automation runbooks
Collaborates with DSHS, HHSC CISO Office, and cross-functional stakeholders on requirements, testing, and deployment
Provides Tier III support for Sentinel engineering issues and participates in after-action reviews when needed

Qualification

Microsoft Sentinel SOARUEBA detection rulesAzure cloud servicesProgramming languagesCI/CD pipelinesAPI integrationsAnalytical skillsTechnical documentationCollaboration skills

Required

Designs, develops, tests, and deploys Sentinel SOAR automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs
Creates automated workflows for alert enrichment, triage, response actions, notification processes, and case management
Integrates Sentinel with third-party systems (EDR, IAM, ticketing systems, email gateways, firewalls, etc.) to automate security operations
Develops custom UEBA detection rules, anomaly models, ML-based behavior patterns, and advanced hunting queries (KQL)
Builds and maintains analytics content, data parsers, normalization rules, and entity behavior profiles
Evaluates behavioral anomalies and collaborates with cybersecurity teams to fine-tune detection logic
Designs and implements custom data connectors, ingestion pipelines, and data transformation logic
Creates dashboards, workbooks, hunting queries, and detection-as-code assets
Performs platform tuning to improve performance, reduce noise, and align to MITRE ATT&CK and Zero Trust principles
Develops supporting code modules, scripts, microservices, and helper APIs using Python, PowerShell, .NET, or similar languages
Works with DevOps pipelines, CI/CD processes, version control, and infrastructure-as-code where applicable
Writes technical design documents, SOPs, architecture diagrams, and automation runbooks
Collaborates with DSHS, HHSC CISO Office, and cross-functional stakeholders on requirements, testing, and deployment
Provides Tier III support for Sentinel engineering issues and participates in after-action reviews when needed
Knowledge of Microsoft Sentinel architecture, SOAR, and UEBA capabilities
Knowledge of Azure cloud services, Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure AD
Knowledge of security operations processes (triage, threat detection, incident response, threat modeling)
Knowledge of MITRE ATT&CK, NIST CSF, Zero Trust Architecture concepts
Knowledge of programming and scripting languages (Python, PowerShell, KQL, C#, JavaScript, or equivalent)
Knowledge of CI/CD pipelines, DevOps practices, and Git-based version control
Knowledge of API integrations and JSON/YAML structures
Skills in building Logic App workflows and custom Sentinel automation playbooks
Skills in writing complex KQL queries for analytics, hunting, and behavioral detection
Skills in developing custom connectors, data maps, and parsers
Skills in designing and optimizing UEBA detection models
Skills in debugging SOAR workflows and resolving integration issues
Skills in communicating technical information clearly to both technical and non-technical audiences
Ability to work independently and take ownership of complex development tasks
Ability to translate security requirements into scalable technical solutions
Ability to analyze threat behaviors and develop meaningful detections
Ability to work collaboratively with cybersecurity, infrastructure, and application teams
Ability to manage multiple work assignments and meet deadlines

Company

Jobs via Dice

twitter
company-logo
Welcome to Jobs via Dice, the go-to destination for discovering the tech jobs you want.
people-size0-1 employees
web-link
https://www.dice.com

Funding

Current Stage
Early Stage
Company data provided by crunchbase