Senior Security Engineer, Managed Microsoft Sentinel

Bengaluru, Karnataka April 20, 2026 Full Time

We help the world Be Everyday Ready™

Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.

About the Job:

The Senior Security Engineer – Microsoft Sentinel & Defender XDR is a senior technical authority

within Cyderes’ Managed Sentinel SIEM and MDR services. This role owns complex security engineering initiatives

across multi-tenant Microsoft environments and plays a key role in advancing detection maturity, platform

reliability, and security automation for managed clients.

Beyond day-to-day platform operations, the Senior Security Engineer leads advanced detection engineering,

drives optimization and standardization efforts, and serves as an escalation point for complex ingestion, telemetry,

and investigation challenges. This role partners closely with MDR, SOC, architecture, and customer stakeholders to

ensure Microsoft Sentinel and Defender XDR implementations are resilient, cost-effective, and aligned to real-

world threat activity.

As a trusted technical advisor, you influence platform strategy, mentor junior engineers, and help shape service

evolution by identifying gaps, improving alert fidelity, and enabling scalable automation. You will consistently

represent the Cyderes brand through strong technical leadership, clear communication, and delivery excellence

that meets or exceeds client expectations.

About the Job:

The Senior Security Engineer – Microsoft Sentinel & Defender XDR is a senior technical authority

within Cyderes’ Managed Sentinel SIEM and MDR services. This role owns complex security engineering initiatives

across multi-tenant Microsoft environments and plays a key role in advancing detection maturity, platform

reliability, and security automation for managed clients.

Beyond day-to-day platform operations, the Senior Security Engineer leads advanced detection engineering,

drives optimization and standardization efforts, and serves as an escalation point for complex ingestion, telemetry,

and investigation challenges. This role partners closely with MDR, SOC, architecture, and customer stakeholders to

ensure Microsoft Sentinel and Defender XDR implementations are resilient, cost-effective, and aligned to real-

world threat activity.

As a trusted technical advisor, you influence platform strategy, mentor junior engineers, and help shape service

evolution by identifying gaps, improving alert fidelity, and enabling scalable automation. You will consistently

represent the Cyderes brand through strong technical leadership, clear communication, and delivery excellence

that meets or exceeds client expectations.

#LI-Hybrid

WHY CYDERES?

Benefits that go beyond the basics, we support our people so they can do their best work.

✔ Medical Insurance - Employee + dependents covered

✔ Life Insurance - Protection for what matters most

✔ Retirement Match Program - We invest in your future

✔ Hybrid Work Model - 2–3 days in office

✔ Maternity & Paternity Leave - Time for the moments that matter

✔ Paid Time Off - PTO + sick & casual leave

✔ Bereavement & Volunteer Time - Give back to your community

✔ Professional Development - Reimbursement program

✔ LinkedIn L&D Platform - Thousands of courses at your fingertips

✔ Mobile Phone Reimbursement - Stay connected, on us

Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.

Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.

Responsibilities:

Security Platform Engineering & Administration

• Serve as a subject matter expert (SME) for Microsoft Sentinel and Microsoft Defender XDR across managed clients

• Own the intake process and platform readiness during Eastern Standard Time business hours as required

• Lead administration and lifecycle management of:

Microsoft Sentinel

Microsoft Defender XDR suite

• Oversee and continuously improve platform health monitoring, including:

Log ingestion pipelines and data normalization

Data connector stability and performance

Automation playbooks and SOAR workflows

Analytics rule efficiency and alert reliability

• Analyze ingestion trends and lead cost optimization strategies across multi-tenant environments

• Drive tenant standardization, configuration baselines, and best practices across MSSP deployments

• Act as an escalation point for complex platform or telemetry issues

Log Source Onboarding & Integration

• Onboard new data sources into Microsoft Sentinel following established SOPs:

Validate connectivity

Confirm correct parsing and schema normalization

Ensure events are visible and queryable in Log Analytics

• Integrate Microsoft Defender data sources:

Defender for Endpoint

Defender for Identity

Defender for Office 365

Defender for Cloud Apps

• Validate data integrity and entity mapping

• Troubleshoot ingestion or connector issues across Azure and third-party integrations

• Lead onboarding of new and complex data sources into Microsoft Sentinel

• Design and evolve standard operating procedures (SOPs) for data onboarding

• Ensure:

Reliable connectivity

Accurate parsing and schema normalization

Strong entity mapping and enrichment

End-to-end data visibility in Log Analytics

• Own integration strategy for Microsoft Defender data sources:

Defender for Endpoint

Defender for Identity

Defender for Office 365

Defender for Cloud Apps

• Troubleshoot and resolve advanced ingestion, schema, or connector issues across Azure and third-party platforms

• Advise on architectural decisions related to telemetry quality and coverage

Detection Engineering & Use Case Development

• Design, develop, and maintain advanced analytics rules, including:

Scheduled

Near-Real-Time (NRT)

Fusion and correlation-based detections

• Lead development and optimization of complex KQL-based detection logic

• Own false-positive reduction initiatives through structured tuning, suppression, and enrichment

• Ensure high-quality MITRE ATT&CK mapping and detection coverage analysis

• Improve cross-platform correlation between Microsoft Defender XDR and Sentinel• Design and maintain:

Workbooks and dashboards for operational and executive visibility

Reusable detection and threat hunting libraries

Review and provide feedback on detection logic authored by junior engineers

Automation & SOAR Engineering

• Architect, develop, and maintain advanced Azure Logic App playbooks

• Design end-to-end automation for:

Device isolation

Account disablement or remediation

IP and domain blocking

Case and ticket orchestration

• Integrate REST APIs and external systems where required

• Enforce change management and version control standards

• Validate automation through testing in non-production environments

• Continuously identify opportunities to reduce analyst workload through automation

Leadership, Documentation & Continuous Improvement

• Serve as a technical mentor to Security Engineer I/II team members

• Lead or contribute to:

Runbooks

SOPs

Detection documentation

Platform onboarding standards

• Document complex investigations, detection logic, and platform decisions

• Provide strategic tuning and architecture feedback to senior engineering and security leadership

• Stay current with Microsoft security roadmap changes and emerging threat trends

• Participate in internal training sessions and contribute to knowledge-sharing initiatives

Requirements

Education experience

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent

Experience

• 5–8 years of experience in security engineering, SOC, or security operations roles

• Minimum 3-4 years hands-on experience with Microsoft Sentinel

• Deep experience with the Microsoft Defender XDR suite

• Proven experience operating in MSSP or customer-facing environments

• Hands-on exposure to multi-tenant security operations (Azure Lighthouse strongly preferred)

• Demonstrated experience leading or owning security engineering initiatives

Technical Skills

• Strong working knowledge of:

Microsoft Sentinel

Microsoft Defender XDR

Azure Log Analytics• Advanced Proficiency in KQL

• Strong understanding of:

Windows & Linux logs

Azure AD / Entra ID

Networking fundamentals (TCP/IP, ports, firewalls, proxies)

Authentication & authorization models

• Hands-on experience with:

Azure Logic Apps

REST APIs

PowerShell or Python scripting

• Strong understanding of the MITRE ATT&CK framework

• Familiarity with MDR and SOC operational workflows

• Ability to translate security telemetry into actionable detections

Certifications (Preferred)

• SC-200 (Microsoft Security Operations Analyst)

• AZ-500 (Azure Security Engineer)

• SC-100 (Cybersecurity Architect)

• CompTIA Security+

• Relevant Microsoft Defender certifications

Soft Skills

• Strong analytical and problem-solving skills

• Clear written and verbal communication

• Ability to document investigations and platform changes thoroughly

• Customer-focused mindset and risk-driven approach

• Comfortable balancing hands-on engineering with strategic ownership

• Ability to lead through influence rather than authority