Security Engineer – Microsoft Sentinel & Purview (RARR Job 6065)

Role Overview

We are looking for a Cybersecurity Engineer with strong expertise in Microsoft Sentinel (SIEM/SOAR) and Microsoft Purview (DLP & Compliance). The role focuses on security monitoring, threat detection, incident response, and data protection across cloud and hybrid environments.

Key Skills (Mandatory)

• Hands-on experience with Microsoft Sentinel (SIEM & SOAR)
• Expertise in KQL queries & analytics rule creation
• Experience with log onboarding (Azure AD, M365, Defender, firewalls, 3rd party tools)
• Strong knowledge of incident investigation & threat hunting
• Experience with playbooks using Logic Apps
• Hands-on with Microsoft Purview (DLP, Compliance, Information Protection)
• Knowledge of Sensitivity Labels, Insider Risk, eDiscovery
• Understanding of compliance frameworks & data governance

Key Responsibilities

• Deploy and manage Microsoft Sentinel SIEM/SOAR solutions
• Perform incident triage, investigation & response
• Develop playbooks, dashboards & workbooks
• Conduct threat hunting & MITRE ATT&CK mapping
• Implement DLP policies using Microsoft Purview
• Manage data classification, compliance & governance
• Support security monitoring across M365 & Azure environments