Cyderes2mo ago

Security Engineer ll – Sentinel & Defender XDR

Bengaluru, KarnatakaFull-Timemid

EngineeringSecuritySecurity Engineer

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

We help the world Be Everyday Ready™ Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven…

Technical Tools

azurepythoncybersecuritylinuxnetworkingrest-apis

We help the world Be Everyday Ready™

Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.

About the Role

~1 min read

Support intake process including coverage for Eastern Standard Time business hours

Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients

Perform health monitoring of:

Log ingestion pipelines

Data connector status

Automation strategies

Analytics rule performance

Monitor ingestion volumes and support cost optimization projects

Help with tenant standardisation across multi-client MSSP environments

Onboard new data sources into Microsoft Sentinel following established SOPs:

Validate connectivity

Confirm correct parsing and schema normalisation

Ensure events are visible and queryable in Log Analytics

Integrate Microsoft Defender data sources:

Defender for Endpoint

Defender for Identity

Defender for Cloud Apps

Validate data integrity and entity mapping

Troubleshoot ingestion or connector issues across Azure and third-party integrations

Develop analytics rules (Scheduled, NRT, Fusion)

Create and tune detection logic using KQL

Reduce false positives through structured tuning and rule refinement

Map detections to MITRE ATT&CK framework

Improve alert fidelity and correlation between Defender XDR and Sentinel

Maintain dashboards, workbooks, and reporting artefacts

Help build reusable hunting and detection libraries

Monitor Sentinel and Defender XDR alerts

Perform Tier 2 assessment and investigation of escalated alerts

Provide clear documentation and escalation to MDR/SOC teams

Support cause investigations for platform or telemetry issues

Help with containment automation where applicable

Maintain Azure Logic App guides

Automate response actions such as:

Device isolation

User disablement

IP blocking

Ticket creation

Follow change management processes for configuration updates

Test changes in lower environments when applicable

Contribute to:

Runbooks

Standard operating procedures

Onboarding checklists

Detection documentation

Document false positives and data quality issues

Provide tuning feedback to senior engineers and architecture teams

Stay current on Microsoft security roadmap changes

Participate in internal training and knowledge-sharing sessions

Diploma or Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience)

Experience

3–5 years of experience in IT security, SOC, or security engineering roles

Minimum 2 years hands-on experience with Microsoft Sentinel

Experience with Microsoft Defender XDR suite

Experience in MSSP or customer-facing environments

Exposure to multi-tenant environments (Azure Lighthouse preferred)

Working knowledge of:

Microsoft Sentinel

Microsoft Defender XDR

Azure Log Analytics

Proficiency in KQL

Understanding of:

Windows & Linux logs

Azure AD / Entra ID

Networking fundamentals (TCP/IP, ports, firewalls, or proxies)

Authentication and authorization models

Experience with:

Azure Logic Apps

REST APIs

PowerShell or Python scripting

Understanding of MITRE ATT&CK framework

Familiarity with MDR operational workflows

SC-200 (Microsoft Security Operations Analyst)

AZ-500 (Azure Security Engineer)

SC-100 (Cybersecurity Architect)

Security+

Relevant Microsoft Defender certifications

Document investigations and platform changes thoroughly

Customer-focused mindset

Balance operational and engineering responsibilities

Location & Eligibility

Where is the job

—

Location terms not specified

Who can apply

Same as job location

Listed under

India

Listing Details

Posted: February 25, 2026
First seen: March 26, 2026
Last seen: May 8, 2026

Posting Health

Days active: 43
Repost count: 0
Trust Level: 33%
Scored at: May 8, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust

Apply for this position

Cyderes

lever

Cyderes is a leading global provider specializing in full life-cycle cybersecurity services, helping organizations manage risk and respond to threats effectively.

Employees

350

Founded

2017

Domain

Jobs

External application · ~5 min on Cyderes's site

Please let Cyderes know you found this job on Jobera.