Microsoft Partner Manager
VersapaySalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries
Requirements
- 5 years of SIEM experience in Splunk, QRadar, Microsoft, and comparable SIEMs
- Hands-on experience with other SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel, etc.) and integrating them with endpoint security tools
- Strong understanding of cybersecurity principles, threat detection, and SIEM management
- Experience working with Sentinel One Core EDR technology
- Proficiency in scripting and automation (Python, PowerShell, etc.)
- Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions (preferred)
- Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience)
- 5 years of experience in cybersecurity in a SOC or security engineering capacity (preferred)
- Proven hands-on expertise with Microsoft Sentinel and Microsoft Defender suite (preferred)
- Deep knowledge of Kusto Query Language (KQL) and building custom analytics rules and workbooks in Sentinel (preferred)
- Strong experience in customer-facing roles (preferred)
- Experience with incident response, threat detection, and threat hunting techniques (preferred)
- Strong understanding of cloud security, especially in Azure environments (preferred)
- Familiarity with MITRE ATT&CK, NIST, and other security frameworks (preferred)
Responsibilities
- Architect, deploy, and maintain Microsoft Sentinel for SIEM use cases including log ingestion, data normalization, and incident correlation
- Manage and optimize Microsoft Defender for Endpoint, Identity, Cloud, Office 365, and other Defender tools to maximize protection and visibility
- Develop custom queries, detection rules, workbooks, and automation playbooks to improve threat detection and response efficiency
- Lead the design and implementation of security monitoring, including data connectors, analytics rules, and incident automation
- Collaborate with threat analysts and incident response teams to triage, investigate, and respond to security alerts and incidents
- Provide technical guidance in security best practices, incident response procedures, and threat hunting using Microsoft security tools
- Continuously assess the security landscape and recommend improvements to policies, tools, and configurations
- Integrate and optimize Microsoft Sentinel to improve visibility and automate threat detection workflows
- Utilize Microsoft Sentinel AI-powered analytics to dashboard reports and automate critical reporting functions
- Develop automated detection and response playbooks based on Microsoft data feeds, streamlining incident management and reducing time to resolution
- Work closely with other security and IT teams to share threat intelligence, optimize SIEM use, and contribute to security strategy development
- Develop and maintain dashboards, reports, and documentation related to Microsoft Sentinel deployment, performance, and incident metrics
- Continuously evaluate Microsoft Sentinel capabilities and other relevant security tools to recommend improvements and refine detection capabilities
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What salary is offered for the SIEM Engineer position?
This information is not specified in the job description.
Is this SIEM Engineer role remote or does it require office work?
This information is not specified in the job description.
What skills and experience are required for this SIEM Engineer role?
Candidates need 5 years of SIEM experience in Splunk, QRadar, Microsoft, and comparable SIEMs, plus hands-on experience with platforms like Splunk, IBM QRadar, and Microsoft Sentinel, including integration with endpoints. Strong technical acumen in Microsoft Sentinel for log ingestion, detection rules, and automation is essential, along with excellent communication and client-facing skills.
What is the team structure or work environment like for this role?
You will join the Dedicated Defense group as a key team member, collaborating with threat analysts, incident response teams, and other security and IT teams to enhance security posture and share threat intelligence.
What makes a strong candidate for the SIEM Engineer position?
A strong candidate has 5+ years of hands-on SIEM experience across Splunk, QRadar, Microsoft Sentinel, excellent communication and client-facing skills, and expertise in Microsoft security tools for threat detection and automation.
UltraViolet Cyber
Unified defensive and offensive cybersecurity solutions
About UltraViolet Cyber
UltraViolet Cyber focuses on enhancing cybersecurity for organizations by integrating both defensive and offensive security operations. Their main services include Managed Detection and Response (MDR), which provides continuous monitoring and response to cyber threats, and Penetration Testing as a Service, where they simulate cyber attacks to find and fix vulnerabilities. This company stands out from competitors by combining the expertise of Red Team (offensive) and Blue Team (defensive) professionals, ensuring that security measures are both proactive and reactive. The goal of UltraViolet Cyber is to help organizations improve their resilience against cyber threats and protect their sensitive data and infrastructure effectively.
McLean, VirginiaHeadquarters
2023Year Founded
$4MTotal Funding
SERIES_ACompany Stage
CybersecurityIndustries
201-500Employees
Benefits
Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
Disability Insurance
401(k) Company Match
401(k) Retirement Plan
Unlimited Paid Time Off
Paid Holidays
Risks
Increased competition from larger firms may pressure UltraViolet Cyber's market share.
Rapid evolution of AI-driven threats may outpace current capabilities, requiring investment.
Integration challenges from the merger could lead to operational inefficiencies and dissatisfaction.
Differentiation
UltraViolet Cyber unifies defensive and offensive security operations for comprehensive threat management.
The company offers Managed Detection and Response and Penetration Testing as a Service.
Security as Code platform automates threat detection, providing a unified risk picture.
Upsides
Growing demand for cloud security solutions offers expansion opportunities for UltraViolet Cyber.
Interest in AI-driven cybersecurity tools aligns with UltraViolet Cyber's automation focus.
Rising need for advanced penetration testing services due to RaaS models benefits UltraViolet Cyber.
Related Jobs
RemoteRemoteSenior Cloud Security Architect (R-00079)
True Zero TechnologiesSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteCloud Engineer III - Next-Gen SIEM (Remote)
CrowdstrikeSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSolution Architect - Modern Work - Security
RPS North AmericaSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteCorporate Sales Engineer, Next-Gen SIEM - SME Team (Remote)
CrowdstrikeSalary not specified
- Full Time
- Mid-level (3 to 4 years)
RemoteSenior/ Staff Security Engineer, Detection and Response
Grow Therapy$168,000 - $220,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Analyst
Qualified.com$130,000 - $145,000/year
- Full Time
- Junior (1 to 2 years)
RemoteSenior Security Operations Center (SOC) Manager, Remote (copy)
AledadeSalary not specified
RemoteSenior Incident Response Engineer
Snowflake$198,000 - $303,600/year
- Full Time
- Junior (1 to 2 years)
RemoteStaff Security Engineer
CVS HealthSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSecurity Operations Analyst
The Voleon GroupSalary not specified
- Full Time
- Entry Level & New Grad