Cyber security engineer (microsoft sentinel)

Overview

Join our dynamic cybersecurity team as a Cyber Security Engineer specializing in Microsoft Sentinel, a leading cloud-native security information and event management (SIEM) platform. In this role, you will be at the forefront of safeguarding our IT infrastructure by designing, implementing, and managing advanced security solutions. Your expertise will help detect, analyze, and respond to security threats across diverse environments, ensuring the integrity and confidentiality of critical data. This position offers an exciting opportunity to leverage cutting-edge technologies, including cloud computing platforms like AWS and Azure, while adhering to industry standards such as NIST, ISO 27000 series, and FedRAMP. Your proactive approach will contribute significantly to our organization’s cybersecurity resilience and compliance.

Duties

• Develop and implement comprehensive security monitoring strategies utilizing Microsoft Sentinel to detect potential threats and vulnerabilities in real-time.

• Configure and manage SIEM tools alongside other network security solutions such as firewalls (Cisco ASA), IDS/IPS systems, VPNs, and network protocols to ensure robust threat detection.

• Conduct vulnerability assessments and vulnerability research across IT infrastructure components including LAN/WAN networks, servers (Debian, CentOS, Ubuntu), SAN storage, and cloud environments like AWS and Azure.

• Perform incident response activities by analyzing log data through tools like Splunk or Solar

Winds, coordinating incident recovery efforts, and documenting system security plans aligned with ISO 27000 standards.

• Manage identity & access management systems using LDAP, Active Directory, SSO protocols, and Cisco ISE to enforce strict authentication policies.

• Support system hardening initiatives on operating systems such as Windows, Linux (including openSUSE), macOS, and UNIX variants by applying best practices for system security plans and system administration.

• Collaborate with cross-functional teams employing Agile methodologies to enhance network architecture, implement load balancing solutions like F5 or NGINX, and support disaster recovery planning for high availability environments.

Experience

• Proven experience in cybersecurity roles with a focus on threat detection & response within enterprise environments.

• Strong knowledge of computer networking concepts including TCP/IP, routing protocols (OSPF, BGP), VLANs, DHCP, DNS, IPsec VPNs, Ethernet switching, and network architecture design.

• Hands-on expertise with SIEM platforms such as Splunk or Solar

Winds; familiarity with log analysis techniques for threat intelligence insights.

• Demonstrated ability to perform vulnerability management through vulnerability assessment tools and research methodologies aligned with industry standards like NIST or ISO 27000 series.

• Experience working with cloud computing platforms including AWS or Azure; understanding of cloud architecture principles such as IaaS/PaaS models and virtualization technologies like VMware v

Sphere or Citrix.

• Knowledge of scripting languages such as Python or Bash for automation of security tasks; familiarity with Dev

Ops practices including CI/CD pipelines using tools like Terraform or Ansible is a plus.

• Educational background in computer science or information security; relevant certifications such as CISSP, CEH, CompTIA Security+, or Microsoft Certified: Security Operations Analyst are highly desirable. Embark on a rewarding journey where your cybersecurity expertise will protect vital digital assets while advancing your career in a fast-paced tech environment!

Job Types: Full-time, Permanent

Pay: $116,042.65 - $139,750.28 per year

Benefits:

• 401(k)

• 401(k) matching

• Dental insurance

• Flexible schedule

• Health insurance

• Life insurance

• Paid time off

• Vision insurance

Work Location: Hybrid remote in Washington, DC 20426