Azure Sentinel Detection Engineer, Senior

Key Role:

Support the detection of advanced cyber threats to our global commercial enterprise networks by thinking like a cyber attacker and developing the detections to stop them. Build and rapidly prototype high-confidence detections based on a wide variety of data sources and use cases. Analyze attacker TTPs and build the countermeasures to stop them within Azure Sentinel and other SIEM environments. Identify data coverage gaps and areas for improving the SIEM detection capabilities. Coordinate with the engineering team to remediate SIEM performance issues. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Basic Qualifications:

  • 4+ years of experience with operational security, including security operations center, incident response, malware analysis, or IDS platforms
  • 2+ years of experience with developing SIEM content
  • Experience in Azure Sentinel and Kusto Query Language
  • Knowledge of Windows Operating System
  • Bachelor’s degree in Computer Science or Cybersecurity

Additional Qualifications:

  • Experience with scripting languages, including Python or PowerShell
  • Experience with Windows Enterprise security or systems administration
  • Experience with SIEM and SOC, including Splunk or Securonix
  • Experience with network hunting, including Bro Logs, Netflow, PCAP, and Suricata
  • Knowledge of offensive tools, including Mimikatz, Metasploit, and Empire
  • Knowledge of endpoint incident response and forensics
  • GCFA, GCFE, GREM, GNFA, or OSCP Certification

The proposed salary range for this position in Colorado is 110,000 to 140,000. Final salary will be determined based on various factors.

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
