The Company
Every day, NuHarbor Security improves the cybersecurity of our clients by making it stronger and easier to understand. Our comprehensive suite of security services, from strategic advising to 24-hour monitoring and management, provides an organizational view of security that is focused on results and recommendations that are valuable for both business and technical leaders. We’re growing quickly because our clients, and the general market, are looking for these outcomes and for the data that lets them explain, promote, and justify their security investment and mission.
The Role
The Sentinel Security Engineer will work as part of a dynamic team to improve customer security and ensure customer satisfaction through your work to design, deploy, and manage the Microsoft security stack and the Microsoft Sentinel SIEM.
Unlike traditional engineering or analyst roles, you will have the opportunity to combine your interest and experience in both developing new solutions and delivering value through one of the world’s most popular software platforms. You will be receiving, investigating, and responding to security alerts while looking for opportunities to create time and effort-saving tools to improve scalability, efficiency, and consistency in security operations.
What You'll Do
- Live by the NuHarbor corporate values: Protect the House, Help Clients Win, Always Improve.
- Onboard clients with Sentinel and/or Microsoft Defender for Endpoint
- Manage and maintain data connector ingestion and functionality
- Monitor service health
- Create, monitor and update functionality of workbooks.
- Create and tune alerts and rules for both endpoint and SIEM purposes
- Create and maintain playbooks for workflow automation.
- Validate and tune log ingestion.
- Define and manage data life cycles and roll-off policies to meet client specifications.
- Collaborate with SOC and engineering teams to enhance our capabilities.
- Maintain comprehensive documentation of SIEM configurations and changes.
- Generate reports and dashboards for various stakeholders
- Regularly meet with clients to drive forward shared objectives.
Your Foundation. The requirements for this role:
- Bachelor’s Degree.
  - Typical Degrees: Computer Science, Information Technology, Cybersecurity, Data Analytics, Mathematics, or related field(s).
  - In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required.
- Minimum 3 years implementing and operating Microsoft security technologies, particularly Microsoft Defender for Endpoint (MDE) and Sentinel
- Minimum 2 years of commercial experience implementing DevOps practices and tooling, such as CI/CD pipelines and Infrastructure-as-Code
- Microsoft certifications in one or more of the following:
  - Azure Security Engineer Associate: AZ-500
  - Microsoft Security Operations Analyst: SC-200
  - Microsoft Cybersecurity Architect Expert: SC-100
  - Microsoft Identity and Access Administrator: SC-300
  - Microsoft Information Protection & Compliance Administrator Associate: SC-400
- Detailed practical knowledge of Internet protocols, firewalls, proxies, and intrusion detection/prevention systems.
- Testing and validation processes and methodologies
- Proven experience with scripting and automation (e.g., PowerShell, Python)
- Demonstrated understanding of security event logging, correlation, and alerting.
- Excellent written and verbal communication skills.
- Ability to gain trust, collaborate and achieve shared objectives with both internal and external stakeholders.
Additional capabilities that will differentiate you for this role:
- Five (5) or more years’ experience in an information technology field.
- Experience in Azure monitoring tools & services (e.g., Azure Monitor, Azure Monitor for Containers, Application Insights, Azure Managed Grafana, Azure Advisor, Azure Cost Analysis).
- Experience with Docker and Container Orchestration (Azure Kubernetes Service and/or Azure Container Apps).
- Proven experience in data migration projects, preferably involving Splunk and Azure.
- Experience with ETL processes, data mapping, and data lifecycle management.
- Experience with Infrastructure-as-Code (IaC).
- Published articles or presentations in the field of SIEM and cybersecurity.
- Demonstrated proactive approach to cybersecurity and customer service.
- Demonstrated ability to make complex subjects understandable.
The Rewards
What you can expect:
- The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.
- An organization that recognizes and rewards employee commitment and contribution to our customers’ satisfaction and success
- Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption.
- A collaborative and driven working environment in a rapidly growing company and market
- A fun and social working environment where you are encouraged to be your true self.
You can also expect competitive salary and benefits, including paid time to give back in your community and generous PTO.
We are purpose driven. We, as an organization, above anything else protect the house first and then help our customers win. If this sounds like the kind of organization you’d like to be a part of, we’d like to hear from you.
AAP/EEO Statement
The Equal Employment Opportunity Policy of NuHarbor Security is to provide a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability. NuHarbor Security hires and promotes individuals solely based on their qualifications for the job to be filled.
NuHarbor Security believes that employees should be provided with a working environment which enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability. We expect and require the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere.