Cyderes1mo ago

Senior Security Engineer, Managed Microsoft Sentinel

India·BangaloreFull-Timemid

EngineeringSecurityOtherSecurity Engineer

5 views0 saves0 applied

Apply Now

Quick Summary

Overview

Who We Are We help the world Be Everyday Ready™ Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs,

Technical Tools

azurepythoncybersecuritylinuxnetworkingrest-apis

Who We Are

We help the world Be Everyday Ready™

Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.

🏆 Great Place to Work® Certified™ | United States · Canada · United Kingdom · India

About the Role

~1 min read

Be a subject matter expert (SME) for Microsoft Sentinel and Microsoft Defender XDR across managed clients

Lead the intake process and platform readiness during Eastern Standard Time business hours

Lead administration and lifecycle management of:

Microsoft Sentinel

Microsoft Defender XDR suite

Oversee and improve platform health monitoring, including:

Log ingestion pipelines and data normalisation

Data connector stability and performance

Automation strategies and SOAR workflows

Analytics rule efficiency and alert reliability

Analyse ingestion trends and lead cost optimization strategies across multi-tenant environments

Create tenant standardisation, configuration baselines, and best practices across MSSP deployments

Be an escalation point for complex platform or telemetry issues

Onboard new data sources into Microsoft Sentinel following established SOPs:

Validate connectivity

Confirm correct parsing and schema normalisation

Ensure events are visible and queryable in Log Analytics

Integrate Microsoft Defender data sources:

Defender for Endpoint

Defender for Identity

Defender for Cloud Apps

Validate data integrity and entity mapping

Troubleshoot ingestion or connector issues across Azure and third-party integrations

Lead onboarding of new and complex data sources into Microsoft Sentinel

Design and evolve standard operating procedures (SOPs) for data onboarding

Ensure:

Reliable connectivity

Accurate parsing and schema normalisation

Entity mapping and enrichment

End-to-end data visibility in Log Analytics

Oversee integration strategy for Microsoft Defender data sources:

Defender for Endpoint

Defender for Identity

Defender for Cloud Apps

Troubleshoot and resolve advanced ingestion, schema, or connector issues across Azure and third-party platforms

Advise on architectural decisions related to telemetry quality and coverage

Design advanced analytics rules, including:

Scheduled

Near-Real-Time (NRT)

Fusion and correlation-based detections

Lead development and optimization of complex KQL-based detection logic

Manage false-positive reduction projects through structured tuning, suppression, and enrichment

Ensure MITRE ATT&CK mapping and detection coverage analysis

Improve cross-platform correlation between Microsoft Defender XDR and Sentinel• Design:

Workbooks and dashboards for operational and executive visibility

Reusable detection and threat hunting libraries

Review and provide feedback on detection logic authored by junior engineers

Architect, maintain advanced Azure Logic App strategies

Design end-to-end automation for:

Device isolation

Account disablement or remediation

IP and domain blocking

Case and ticket orchestration

Integrate REST APIs and external systems where required

Enforce change management and version control standards

Validate automation through testing in non-production environments

Identify opportunities to reduce analyst workload through automation

Leadership, Documentation & Continuous Improvement

Be an technical mentor to Security Engineer I/II team members

Lead or contribute to:

Runbooks

SOPs

Detection documentation

Platform onboarding standards

Document complex investigations, detection logic, and platform decisions

Provide strategic tuning and architecture feedback to senior engineering and security leadership

Stay current with Microsoft security roadmap changes and new threat trends

Participate in internal training sessions and contribute to knowledge-sharing projects

Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent

5–8 years of experience in security engineering, SOC, or security operations roles

3+ years hands-on experience with Microsoft Sentinel

Deep experience with the Microsoft Defender XDR suite

Experience operating in MSSP or customer-facing environments

Hands-on exposure to multi-tenant security operations (Azure Lighthouse)

Demonstrated experience leading security engineering projects

Working knowledge of:

Microsoft Sentinel

Microsoft Defender XDR

Azure Log Analytics• Advanced Proficiency in KQL

Experience with:

Windows & Linux logs

Azure AD / Entra ID

Networking fundamentals (TCP/IP, ports, firewalls, or proxies)

Authentication and authorization models

Hands-on experience with:

Azure Logic Apps

REST APIs

PowerShell or Python scripting

Experience with the MITRE ATT&CK framework

Familiarity with MDR and SOC operational workflows

Translate security telemetry into applicable detections

SC-200 (Microsoft Security Operations Analyst)

AZ-500 (Azure Security Engineer)

SC-100 (Cybersecurity Architect)

CompTIA Security+

Relevant Microsoft Defender certifications

Document investigations and platform changes thoroughly

Customer-focused mindset and risk-driven approach

Comfortable balancing hands-on engineering with strategic ownership.

#LI-Hybrid

This is a hybrid remote/in-office role.

Benefits that go beyond the basics, we support our people so they can do their best work.

✔ Medical Insurance - Employee + dependents covered

✔ Life Insurance - Protection for what matters most

✔ Retirement Match Program - We invest in your future

✔ Hybrid Work Model - 2–3 days in office

✔ Maternity & Paternity Leave - Time for the moments that matter

✔ Paid Time Off - PTO + sick & casual leave

✔ Bereavement & Volunteer Time - Give back to your community

✔ Professional Development - Reimbursement program

✔ LinkedIn L&D Platform - Thousands of courses at your fingertips

✔ Mobile Phone Reimbursement - Stay connected, on us

Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.

Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.

Location & Eligibility

Where is the job

Bangalore, India

Hybrid — some on-site time required

Who can apply

Listed under

Worldwide

Listing Details

Posted: April 15, 2026
First seen: April 15, 2026
Last seen: May 24, 2026

Posting Health

Days active: 39
Repost count: 0
Trust Level: 33%
Scored at: May 25, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust

Apply for this position

Cyderes

lever

Cyderes is a leading global provider specializing in full life-cycle cybersecurity services, helping organizations manage risk and respond to threats effectively.

Employees

350

Founded

2017

Domain

Jobs

External application · ~5 min on Cyderes's site

Please let Cyderes know you found this job on Jobera.