×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Microsoft Sentinel Security Platform Engineer

Job in Austin, Travis County, Texas, 78716, USA
Listing for: Allied Consultants, Inc.
Full Time position
Listed on 2026-03-01
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Microsoft Sentinel Security Platform Engineer

Allied Consultants, Inc is a proudly Austin based firm with over 34 years of experience delivering top‑tier technical and business professionals within Texas State Agencies. We are currently seeking an experienced Microsoft Sentinel Security Platform Engineer to play a key role within a high‑impact technical services team.

Work location:

  • Onsite. Candidates MUST be local to Austin, TX

Responsibilities

Essential Job Functions (EJFs)

  • Designs, develops, tests, and deploys Sentinel SOAR automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs.
  • Creates automated workflows for alert enrichment, triage, response actions, notification processes, and case management.
  • Integrates Sentinel with third‑party systems (EDR, IAM, ticketing systems, email gateways, firewalls, etc.) to automate security operations.
  • Develops custom UEBA detection rules
    , anomaly models, ML‑based behavior patterns, and advanced hunting queries (KQL).
  • Builds and maintains analytics content, data parsers, normalization rules, and entity behavior profiles.
  • Evaluates behavioral anomalies and collaborates with cybersecurity teams to fine‑tune detection logic.
  • Designs and implements custom data connectors, ingestion pipelines, and data transformation logic.
  • Creates dashboards, workbooks, hunting queries, and detection‑as‑code assets.
  • Performs platform tuning to improve performance, reduce noise, and align to MITRE ATT&CK and Zero Trust principles.

Application Development & Integration (10%)

  • Develops supporting code modules, scripts, microservices, and helper APIs using Python, Power Shell, .NET, or similar languages.
  • Works with Dev Ops pipelines, CI/CD processes, version control, and infrastructure‑as‑code where applicable.
  • Writes technical design documents, SOPs, architecture diagrams, and automation runbooks.
  • Collaborates with DSHS, HHSC CISO Office, and cross‑functional stakeholders on requirements, testing, and deployment.
  • Provides Tier III support for Sentinel engineering issues and participates in after‑action reviews when needed.

Knowledge, Skills, and Abilities (KSAs)

Knowledge of:

  • Microsoft Sentinel architecture, SOAR, and UEBA capabilities.
  • Azure cloud services, Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure AD.
  • Security operations processes (triage, threat detection, incident response, threat modeling).
  • MITRE ATT&CK, NIST CSF, Zero Trust Architecture concepts.
  • CI/CD pipelines, Dev Ops practices, and Git‑based version control.
  • API integrations and JSON/YAML structures.

Skills in:

  • Building Logic App workflows and custom Sentinel automation playbooks.
  • Writing complex KQL queries for analytics, hunting, and behavioral detection.
  • Developing custom connectors, data maps, and parsers.
  • Designing and optimizing UEBA detection models.
  • Debugging SOAR workflows and resolving integration issues.
  • Communicating technical information clearly to both technical and non‑technical audiences.

Abilities to:

  • Work independently and take ownership of complex development tasks.
  • Translate security requirements into scalable technical solutions.
  • Analyze threat behaviors and develop meaningful detections.
  • Work collaboratively with cybersecurity, infrastructure, and application teams.
  • Manage multiple work assignments and meet deadlines.

Qualifications

4 years of:

  • Graduation from an accredited four‑year college or university with major coursework in computer science, computer information systems, software engineering, cybersecurity, or a related field.

2 years of:

  • Two years of full‑time experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering.

Preferred:

3 years of:

  • Three or more years of hands‑on technical experience with Microsoft Sentinel.

1 year of:

  • Experience developing UEBA models, anomaly detection rules, and behavior‑based analytics.
  • Experience building Security Automation Playbooks (SOAR).
  • Microsoft certifications such as: SC‑200:
    Security Operations Analyst, AZ‑900 / AZ‑104, SC‑100 / SC‑300.
  • Experience integrating Sentinel with EDR, IAM, firewalls, and ticketing systems.
  • Experience with Dev Ops pipelines (Git Hub, Azure Dev Ops).
  • Experience working in a…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search