With Microsoft Sentinel, Microsoft is redefining SIEM (Security Information and Event Management) for the cloud era. It leverages cutting-edge cloud technology, big data, machine learning and AI to empower Security Operations Centers to defend against increasingly sophisticated and rapidly evolving cyberthreats.
Our team is growing and we’re looking for a passionate Software Security Engineer to join us in our journey. This position is a unique opportunity to be part of a world class team, building one of the most exciting products in the cybersecurity space from the ground up.
We are looking for a passionate Software Security Engineer who will be part of a new team focused on building, enhancing, and supporting integrations and solutions on top of the Azure Sentinel platform at scale. Building Microsoft Sentinel’s solutions includes creating configuration-based integrations with other products to ingest data into Azure Sentinel, defining schemas, authoring new detections, building interactive dashboards, and automating incident response workflows via SOAR playbooks that help SOC analysts identify and respond to cyber threats.
If you are passionate about finding creative ways to leverage new technologies, are customer-obsessed, and want to be part of a growing team and inspire others in this journey, then this is the role for you.
We are a global team that has a strong drive for results and believes that effective collaboration is how we all achieve more. This role requires cross-team and cross-geo collaboration. The ideal candidate should have a demonstrated track record of cross-team and customer engagement.
- As a Software Security Engineer, you will be responsible for all aspects of Sentinel out-of-the-box solutions, including research, design, implementation, performance and quality.
- Design, develop, test, and deliver high-quality Sentinel solutions that help Sentinel customers with quick investigation and remediation of incidents, data visualizations, threat hunting, and analytics.
- Stay on top of SIEM and SOAR industry trends and contribute new ideas to influence Microsoft Sentinel solutions and out-of-the-box content.
- Work across teams in Microsoft Sentinel, Defender and in other geographies such as Israel and the United States to drive Sentinel solutions.
- Participate in periodic on-call rotations to handle service incidents, incident postmortems, etc.
- BS or MS degree in Computer Science or related engineering discipline.
- 3+ years working in cyber security (SIEM/SOAR, Information Security, InfoSec, SecOps, Security Operations, SOC, analyst, researcher, etc.) with experience in automation of analysis, response, or forensics.
- 3+ years of hands-on software design, development, deployment, and coding experience with any one programming language such as Python, Go, C# or Java.
- Hands-on experience with many information security tools such as SIEMs, firewalls, EDR, sandboxes, vulnerability management, etc.
- Hands-on experience in REST API development and a clear understanding of REST API concepts.
- Skilled in working with Azure Logic Apps, with experience in Azure Logic Apps custom connector development.
- Experience working with large data sets to answer complex questions, using tools like: SQL, KQL, U-SQL
- Hands-on experience building Azure-based services with Azure Resource Manager (ARM), ARM templates, ARM policy, IaaS, Logic Apps, App Services, Key Vault, Azure Active Directory (AAD), etc.
- Experience in developing Azure Functions with Python or any programming language.
- Experience in product research, such as understanding product features and integrations.
- Familiarity with SIEM / SOAR solutions such as Microsoft Sentinel, Splunk etc.
- Understanding Playbooks, Workbooks, Analytic rules, Notebooks, Azure Functions and KQL queries within Azure Sentinel or similar experience in other SIEM solutions will be a plus
- Familiarity with developer environment tools like Continuous Integration/Continuous Delivery (CI/CD), Azure DevOps, GitHub, and Agile Scrum
- Ability to collaborate with different teams and disciplines.
- Must be a quick learner, with the expectation of learning new tools and techniques every day.
- Excellent problem solving, analytical and debugging skills.
- Good written and verbal communication skills
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.