Job Summary
We are seeking an experienced Senior Security Engineer – Microsoft Sentinel with deep expertise in SIEM/SOAR deployment, migration, and advanced security engineering. The ideal candidate will play a critical role in designing, implementing, and optimizing Microsoft Sentinel solutions, including custom integrations, automation, and AI-assisted security operations.

Key Responsibilities
    • Lead end-to-end deployment and migration of SIEM solutions to Microsoft Sentinel
    • Design, implement, and optimize SIEM and SOAR architectures within Microsoft Sentinel
    • Develop complex custom detection rules using advanced KQL (Kusto Query Language)
    • Build and maintain custom SOAR automation workflows using Logic Apps
    • Develop Codeless Connector Framework (CCF) solutions for integrating custom data sources and applications
    • Integrate SAP systems with Microsoft Sentinel and design custom detection use cases
    • Leverage Microsoft Security Copilot / GitHub Copilot for AI-assisted content creation during migration and optimization
    • Implement data ingestion pipelines using tools such as Logstash, NXLog, or similar technologies
    • Integrate logs into Microsoft Sentinel Data Lake for centralized analysis
    • Develop integrations for custom applications (e.g., Oracle Fusion) using APIs and Logic Apps
    • Create and manage Azure Function Apps for advanced data integration scenarios
    • Design and implement ASIM (Advanced Security Information Model) parsers
    • Continuously improve detection coverage, automation, and response capabilities

Required Skills & Qualifications
    • Strong hands-on experience with Microsoft Sentinel SIEM and SOAR
    • Proven experience in SIEM deployment and migration to Microsoft Sentinel
    • Advanced proficiency in KQL (Kusto Query Language) for detection engineering
    • Experience in building custom connectors and ingestion pipelines
    • Expertise in Logic Apps, Azure Functions, and API integrations
    • Hands-on experience with Logstash, NXLog, or equivalent data ingestion tools
    • Experience integrating enterprise applications (SAP, Oracle Fusion, etc.) with SIEM platforms
    • Strong understanding of ASIM architecture and parser development
    • Familiarity with Microsoft Security Copilot and Generative AI capabilities
    • Experience working with Microsoft Sentinel Data Lake and data architecture

Preferred Qualifications
    • Experience with cloud security (Azure Security stack)
    • Knowledge of threat detection, incident response, and security operations
    • Relevant certifications such as:
        ◦ Microsoft Certified: Security Operations Analyst (SC-200)
        ◦ Microsoft Certified: Azure Security Engineer (AZ-500)