IT Security Engineer - Purview and Sentinel Lead - Full Time, Days (Remote) 11491
Position Summary
The Purview and Sentinel Lead serves as the organization's primary subject matter expert for Microsoft Purview (compliance, data governance, and eDiscovery) and Microsoft Sentinel (cloud-native SIEM/SOAR). This role is responsible for the design, operation, and continuous improvement of the organization's data protection posture and security operations detection capabilities across a multi-facility healthcare environment.
Key Responsibilities
Microsoft Sentinel - SIEM/SOAR Operations: Own the architecture, configuration, and day-to-day health of the Microsoft Sentinel environment, including workspace design, data connector management, and cost optimization
Microsoft Purview - Compliance & Data Governance: Design and administer the organization's Microsoft Purview compliance posture, including Information Protection, Data Loss Prevention (DLP), Insider Risk Management, Communication Compliance, and Audit solutions
Detection Engineering & Threat Intelligence: Maintain a detection engineering lifecycle - ideate, build, validate, tune, and retire - for Sentinel analytic rules based on threat intelligence feeds (H-ISAC, MDTI, CISA advisories)
Governance, Reporting & Collaboration: Produce regular operational metrics and executive-level reporting on SIEM alert volume, detection coverage, DLP policy effectiveness, and eDiscovery activity
Required Qualifications
Experience: 2+ years in security operations, compliance engineering, or cloud security roles with direct hands-on experience in Microsoft Sentinel and/or Microsoft Purview
Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or equivalent practical experience
Certifications (Required or Expected Within 12 Months):
Microsoft Security Operations Analyst Associate (SC-200)
Technical Skills:
Advanced KQL proficiency - analytic rules, hunting queries, workbooks, and summarization
Hands-on experience with Sentinel data connectors, DCRs, automation rules, and Logic Apps playbooks
Working knowledge of Microsoft Purview compliance portal: DLP, sensitivity labels, eDiscovery, litigation holds, and Audit
Familiarity with Microsoft Defender XDR suite integration (MDE, MDI, MDA, MDO)
Proficiency with PowerShell and Microsoft Graph API for compliance and security automation
Understanding of MITRE ATT&CK framework and its application to detection rule development
Pay Rate: Min - $135,000 | Max - $135,000
Job Listing ID: 1791294