Job Specifications
Job Title: Cybersecurity Engineer (SIEM / SOAR)
Location: Austin, TX (Onsite – 5 days per week, local candidates only)
Duration: Contract through August 31, 2026
Work Hours: Monday–Friday, 8:00 AM – 5:00 PM CST
Job Summary
We are seeking a senior-level Software Developer II to design, build, and optimize Microsoft Sentinel capabilities for enterprise security operations. This role focuses on SIEM, SOAR, and UEBA engineering, including automation playbooks, analytics rules, behavioral models, and platform integrations.
The ideal candidate will have strong experience with Azure security services, Sentinel automation, and security operations workflows, and will work with limited supervision while providing technical leadership.
Key Responsibilities
Microsoft Sentinel SOAR Development
Design, develop, test, and deploy automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs
Build workflows for alert enrichment, triage, response, notifications, and case management
Integrate Sentinel with third-party systems such as EDR, IAM, ticketing tools, email gateways, and firewalls
UEBA & Analytics Engineering
Develop custom UEBA detection rules, anomaly models, and behavior-based analytics
Write and optimize KQL queries for analytics and advanced threat hunting
Maintain parsers, normalization rules, and entity behavior profiles
Collaborate with security teams to tune detection logic and reduce false positives
SIEM Platform Engineering
Design and implement custom data connectors and ingestion pipelines
Create dashboards, workbooks, and detection-as-code assets
Tune the platform for performance, noise reduction, and alignment with MITRE ATT&CK and Zero Trust principles
Application Development & Integration
Develop supporting scripts and services using Python, PowerShell, .NET, or similar languages
Support CI/CD pipelines, version control, and infrastructure-as-code practices
Documentation & Support
Produce technical documentation, SOPs, architecture diagrams, and runbooks
Provide Tier III support and participate in incident reviews when required
Collaborate with cybersecurity and infrastructure teams during implementation and testing
Required Skills & Experience
Bachelor’s degree in Computer Science, Software Engineering, Cybersecurity, or related field
2+ years of experience in software development, cloud engineering, SIEM, or cybersecurity engineering
Strong hands-on experience with Microsoft Sentinel
Experience with Azure services including Logic Apps, Functions, Event Hubs, Key Vault, and Entra ID
Proficiency in KQL, scripting, and API integrations
Knowledge of security operations, incident response, and threat detection
Familiarity with MITRE ATT&CK, NIST CSF, and Zero Trust concepts
Strong analytical, problem-solving, and communication skills
Preferred Qualifications
3+ years of hands-on experience with Microsoft Sentinel
Experience building SOAR playbooks and UEBA models
Experience integrating Sentinel with EDR, IAM, firewalls, and ticketing systems
Experience with DevOps pipelines (Azure DevOps, GitHub)
Experience in government, healthcare, or regulated environments
Relevant certifications such as SC-200, AZ-900, AZ-104, SC-100, or SC-300
Work Environment & Additional Details
Onsite role – 5 days per week in Austin, TX
Local candidates only
Occasional after-hours or weekend work may be required
Travel, parking, and related expenses are the responsibility of the worker/vendor
Background check required
Interviews conducted in person or via Microsoft Teams
PriceSenz is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, or disability.