IT Security Engineer - Purview and Sentinel Lead - Full Time, Days (Remote) 11491
Position Summary The Purview and Sentinel Lead serves as the organization's primary subject matter expert for Microsoft Purview (compliance, data governance, and eDiscovery) and Microsoft Sentinel (cloud-native SIEM/SOAR). This role is responsible for the design, operation, and continuous improvement of the organization's data protection posture and security operations detection capabilities across a multi-facility healthcare environment.
Key Responsibilities
Microsoft Sentinel - SIEM/SOAR Operations: Own the architecture, configuration, and day-to-day health of the Microsoft Sentinel environment, including workspace design, data connector management, and cost optimization Microsoft Purview - Compliance & Data Governance: Design and administer the organization's Microsoft Purview compliance posture, including Information Protection, Data Loss Prevention (DLP), Insider Risk Management, Communication Compliance, and Audit solutions Detection Engineering & Threat Intelligence: Maintain a detection engineering lifecycle - ideate, build, validate, tune, and retire - for Sentinel analytic rules based on threat intelligence feeds (H-ISAC, MDTI, CISA advisories) Governance, Reporting & Collaboration: Produce regular operational metrics and executive-level reporting on SIEM alert volume, detection coverage, DLP policy effectiveness, and eDiscovery activity
Required Qualifications
Experience: 2+ years in security operations, compliance engineering, or cloud security roles with direct hands-on experience in Microsoft Sentinel and/or Microsoft Purview Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or equivalent practical experience Certifications (Required or Expected Within 12 Months): Microsoft Security Operations Analyst Associate (SC-200) Technical Skills: Advanced KQL proficiency - analytic rules, hunting queries, workbooks, and summarization Hands-on experience with Sentinel data connectors, DCRs, automation rules, and Logic Apps playbooks Working knowledge of Microsoft Purview compliance portal: DLP, sensitivity labels, eDiscovery, litigation holds, and Audit Familiarity with Microsoft Defender XDR suite integration (MDE, MDI, MDA, MDO) Proficiency with PowerShell and Microsoft Graph API for compliance and security automation Understanding of MITRE ATT&CK framework and its application to detection rule development Pay Rate: Min - $135,000 l Max - $135,000 Job Listing ID: 1791294