Microsoft Sentinel Engineer – 1916764

****Candidates should possess in-depth knowledge and
configuration experience of Microsoft Sentinel, Defender, and
Purview (Data Protection)****

Job Title: Microsoft Sentinel Engineer

Location: New York City, Los Angeles, Washington DC area, or

Work Environment: Hybrid Work Week (3-days onsite)

Salary: $150K to $170K plus a performance-based bonus

Term: Full-time/Direct-Hire

3rd Party C2C/Transfer: No

Referral Fee: $500 – Refer qualified colleagues, friends, or

Please send an updated resume in Microsoft Word format


Our client, an AM Law 100 firm, is looking to hire an Information
Security Engineer in New York City, Los Angeles, Delaware, or
Washington DC (tri-state area). This is a full-time, direct-hire
role that will allow for a hybrid work week (3 days a week
onsite). The position will pay an annual base salary of $150K to
$170K plus a performance-based bonus and an excellent benefits

The Information Security Engineer works within a diverse and
exciting team of 6 additional skilled cybersecurity
professionals. Collectively, this team is responsible for the
ongoing operation of our client’s information security program,
ensuring the robust protection of sensitive data and systems. The
Information Security Engineer is a wide-ranging, hands-on role
encompassing the design, implementation, and maintenance of
advanced cybersecurity technologies, performing in-depth security
reviews for new projects and technologies, and providing a
frontline response for security incidents. The ability to
communicate effectively with all levels of the business regarding
security issues while ensuring that our client’s information
assets are adequately protected is essential.

Understanding security in a holistic and highly technical manner
is essential for this role. They’re looking for individuals who
think strategically about and fix specific security risks in the
environment. They want to bring you on board if you have
experience in protecting cloud environments (in particular,
Microsoft Azure), SIEM, XDR, threat intelligence, automation,
network security, application security, forensics/IR, and
security architecture in general.

Duties and Responsibilities:

* Act as the primary resource/lead or backup resource for at
least 2 of our client’s security platforms (Palo Alto
SaaS/SASE/Strata, FireEye, Microsoft Defender for
Endpoint/Identity/Etc., Azure Sentinel, CyberArk, Splunk,
Varonis, Vectra, Forescout, Illumio, and others) including
design, implementation, and maintenance of those
platforms. Continually evaluate new features for implementation
in the environment.
* Develop functional knowledge of the comprehensive security
architecture in order to support those technologies when needed,
as well as integrate these technologies creatively and
* Perform front line security incident response as a member of a
5 person on call rotation (working in conjunction with Managed
Security Services Providers). Using our client’s established
processes and procedures, provide timely investigation and
resolution to all suspicious email reports, malware instances,
and other security events. Develop automation scripts to assist
in the team’s incident response effort.
* Using established processes, conduct detailed, written security
reviews for vendors, projects, and technologies. The security
review process includes conducting initial intake interviews with
stakeholders, researching and performing due diligence, using
third party risk management tools, conducting risk assessments,
and presenting final recommendations for moving forward in a
secure manner.
* Throughout the system development lifecycle (SDLC), assess and
review our client’s current technology infrastructure to identify
key risk areas, ensuring that adequate controls are in place to
address those risks. Take a lead position to research specific
security technologies and controls as requested by senior
* As assigned, conduct periodic scheduled processes and
procedures such as running vulnerability scans, and periodic
privileged access reviews.
* Maintain operational responsibility for the information
security team’s ticketing queue, primarily relating to the
evaluating and managing tickets requesting policy exceptions.
* Offer insights and collaborate within the team to provide input
to strategic and tactical planning, initiatives, and projects.

Skills and Qualifications:

* Four year degree in computer science or related field, or the
equivalent work experience preferred.
* A minimum of 5 – 7 years of experience in an information
technology security role, or equivalent work experience in other
areas of the broader Information Technology field, working with
and configuring Microsoft security technologies. This includes a
strong foundation in managing and securing Microsoft systems to
ensure robustness of IT infrastructure. Information Security
certifications are considered a plus (CISSP, CISA, CEH, GSEC,
OSCP, CRISC, Palo Alto, Cisco, Splunk, and others). Non-security
certifications in Cisco, Microsoft, and Cloud considered.
* Scripting abilities (e.g. PowerShell) are a plus
* This role is highly technical and expertise in at least some of
the following is required: Next generation firewalls (e.g. Palo
Alto) and endpoint security tools (Defender for Endpoint),
ethical hacking, web app penetration testing, email security
(Proofpoint), SIEMs (Splunk, Sentinel), threat analysis tools,
vulnerability scanners, authentication, encryption,
authorization, continuous auditing tools/techniques, network
segmentation, access control, privileged account management, or
other information security tools. Deep understanding of
networking and operating systems concepts considered very
* This role requires diligent adherence to specified processes
and procedures with a professional and consistent end product.
* Experience managing and leading security projects, including
defining requirements, developing project plans, and delivering
* Excellent oral and written communication skills.
* Strong organizational skills to handle multiple priorities.

Job Location