IT Security Engineer - Purview and Sentinel Lead - Full Time, Days (Remote)

NOR HEALTHCARE SYSTEMS CORP
Bellflower, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$135K

Job location

Remote
Bellflower, United States of America

Tech stack

API
Cloud Computing Security
Computer Security
Data Governance
Information Leak Prevention
Data Security
Intrusion Detection and Prevention
Microsoft Security Essentials
Powershell
Kusto Query Language
Security Information and Event Management
Microsoft Power Automate
Mitre Att&ck
Information Technology
Cybercrime
Microsoft Sentinel
Security Orchestration, Automation & Response

Job description

The Purview and Sentinel Lead serves as the organization's primary subject matter expert for Microsoft Purview (compliance, data governance, and eDiscovery) and Microsoft Sentinel (cloud-native SIEM/SOAR). This role is responsible for the design, operation, and continuous improvement of the organization's data protection posture and security operations detection capabilities across a multi-facility healthcare environment.

  • Microsoft Sentinel - SIEM/SOAR Operations: Own the architecture, configuration, and day-to-day health of the Microsoft Sentinel environment, including workspace design, data connector management, and cost optimization
  • Microsoft Purview - Compliance & Data Governance: Design and administer the organization's Microsoft Purview compliance posture, including Information Protection, Data Loss Prevention (DLP), Insider Risk Management, Communication Compliance, and Audit solutions
  • Detection Engineering & Threat Intelligence: Maintain a detection engineering lifecycle - ideate, build, validate, tune, and retire - for Sentinel analytic rules based on threat intelligence feeds (H-ISAC, MDTI, CISA advisories)
  • Governance, Reporting & Collaboration: Produce regular operational metrics and executive-level reporting on SIEM alert volume, detection coverage, DLP policy effectiveness, and eDiscovery activity

Requirements

Screening questions: Do you have experience in threat hunting activities? Do you have a Bachelor's degree?

  • Experience: 2+ years in security operations, compliance engineering, or cloud security roles with direct hands-on experience in Microsoft Sentinel and/or Microsoft Purview
  • Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or equivalent practical experience
  • Certifications (Required or Expected Within 12 Months): Microsoft Security Operations Analyst Associate (SC-200)

Technical Skills:

  • Advanced KQL proficiency - analytic rules, hunting queries, workbooks, and summarization
  • Hands-on experience with Sentinel data connectors, DCRs, automation rules, and Logic Apps playbooks
  • Working knowledge of Microsoft Purview compliance portal: DLP, sensitivity labels, eDiscovery, litigation holds, and Audit
  • Familiarity with Microsoft Defender XDR suite integration (MDE, MDI, MDA, MDO)
  • Proficiency with PowerShell and Microsoft Graph API for compliance and security automation
  • Understanding of MITRE ATT&CK framework and its application to detection rule development
