About the Company: We are Cyderes (Cyber Defense and Response), a global, pure-play, full-lifecycle cyber security services provider. We help the world Be Everyday Ready™
Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.
About the Job: The Security Engineer II – Microsoft Sentinel & Defender XDR plays a critical engineering role within Cyderes' Managed Sentinel SIEM and MDR services.
This role goes beyond basic platform administration. The Security Engineer II is responsible for detection engineering, platform optimization, onboarding lifecycle execution, and Defender XDR integration. You will serve as a trusted technical resource to clients, ensuring their Microsoft security ecosystem is properly configured, optimized, and continuously improving against evolving threats.
You will represent and reinforce the Cyderes brand through strong collaboration, professional communication, and consistent delivery that meets or exceeds client expectations.
Responsibilities:
Platform Engineering & Administration
- Support the intake process, including coverage for Eastern Standard Time business hours as required
- Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
- Perform health monitoring of:
  - Log ingestion pipelines
  - Data connector status
  - Automation playbooks
  - Analytics rule performance
- Monitor ingestion volumes and support cost optimization initiatives
- Assist in tenant standardization across multi-client MSSP environments
Log Source Onboarding & Integration
- Onboard new data sources into Microsoft Sentinel following established SOPs:
  - Validate connectivity
  - Confirm correct parsing and schema normalization
  - Ensure events are visible and queryable in Log Analytics
- Integrate Microsoft Defender data sources:
  - Defender for Endpoint
  - Defender for Identity
  - Defender for Office 365
  - Defender for Cloud Apps
- Validate data integrity and entity mapping
- Troubleshoot ingestion or connector issues across Azure and third-party integrations
Detection Engineering & Use Case Development
- Develop and maintain analytics rules (Scheduled, NRT, Fusion)
- Create and tune detection logic using KQL
- Reduce false positives through structured tuning and rule refinement
- Map detections to the MITRE ATT&CK framework
- Improve alert fidelity and correlation between Defender XDR and Sentinel
- Maintain dashboards, workbooks, and reporting artifacts
- Assist in building reusable hunting and detection libraries
Monitoring & Incident Support
- Monitor Sentinel and Defender XDR alerts
- Perform Tier 2 triage and investigation of escalated alerts
- Provide clear documentation and escalation to MDR/SOC teams
- Support root cause investigations for platform or telemetry issues
- Assist with containment automation where applicable
Automation & SOAR
- Develop and maintain Azure Logic App playbooks
- Automate response actions such as:
  - Device isolation
  - User disablement
  - IP blocking
  - Ticket creation
- Follow change management processes for configuration updates
- Test changes in lower environments when applicable
Documentation & Continuous Improvement
- Contribute to:
  - Runbooks
  - Standard operating procedures
  - Onboarding checklists
  - Detection documentation
- Document false positives and data quality issues
- Provide tuning feedback to senior engineers and architecture teams
- Stay current on Microsoft security roadmap changes
- Participate in internal training and knowledge-sharing sessions
Requirements
Education
- Diploma or Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience)
Experience
- 3–5 years of experience in IT security, SOC, or security engineering roles
- Minimum 2 years of hands-on experience with Microsoft Sentinel
- Experience with the Microsoft Defender XDR suite
- Experience in MSSP or customer-facing environments preferred
- Exposure to multi-tenant environments (Azure Lighthouse preferred)
Technical Skills
- Strong working knowledge of:
  - Microsoft Sentinel
  - Microsoft Defender XDR
  - Azure Log Analytics
- Proficiency in KQL
- Understanding of:
  - Windows & Linux logs
  - Azure AD / Entra ID
  - Networking fundamentals (TCP/IP, ports, firewalls, proxies)
  - Authentication & authorization models
- Experience with:
  - Azure Logic Apps
  - REST APIs
  - PowerShell or Python scripting
- Understanding of the MITRE ATT&CK framework
- Familiarity with MDR operational workflows
Certifications (Preferred)
- SC-200 (Microsoft Security Operations Analyst)
- AZ-500 (Azure Security Engineer)
- SC-100 (Cybersecurity Architect)
- Security+
- Relevant Microsoft Defender certifications
Soft Skills
- Strong analytical and problem-solving skills
- Clear written and verbal communication
- Ability to document investigations and platform changes thoroughly
- Customer-focused mindset
- Ability to balance operational and engineering responsibilities
WHY CYDERES?
Benefits that go beyond the basics: we support our people so they can do their best work.
✔ Medical Insurance - Employee + dependents covered
✔ Life Insurance - Protection for what matters most
✔ Hybrid Work Model - 2–3 days in office
✔ Maternity & Paternity Leave - Time for the moments that matter
✔ Paid Time Off - PTO + sick & casual leave
✔ Bereavement & Volunteer Time - Give back to your community
✔ Professional Development - Reimbursement program
✔ LinkedIn L&D Platform - Thousands of courses at your fingertips
✔ Mobile Phone Reimbursement - Stay connected, on us
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.