Merck & Co.-posted 7 months ago
$114,700 - $180,500/Yr
Full-time • Mid Level
Onsite
Chemical Manufacturing

We are seeking a Cyber Defense Analytics Senior Specialist with specialized expertise in SIEM engineering and detection content development to support and advance our Microsoft Sentinel platform. This role is instrumental in designing scalable, high-fidelity detection logic, optimizing telemetry ingestion, and improving threat visibility across the enterprise.

  • Work on the development, deployment, and optimization of SIEM analytics rules, KQL-based queries, and hunting queries within Microsoft Sentinel.
  • Act as the Subject Matter Expert on SIEM, ensuring efficient and secure integration of data sources and telemetry streams.
  • Engineer detection logic that aligns with MITRE ATT&CK, threat modeling, and business risk prioritization to improve detection coverage and fidelity.
  • Partner with incident response, threat intel, and vulnerability teams to transform intelligence and threat scenarios into actionable detection content.
  • Collaborate with infrastructure and cloud teams to onboard, normalize, and validate log sources, ensuring telemetry quality and completeness.
  • Create and maintain a detection engineering lifecycle framework, from hypothesis to deployment, including validation, documentation, tuning, and suppression logic.
  • Optimize Azure Data Explorer (ADX) and custom enrichment data sources to support advanced correlation logic and reduce false positives.
  • Develop and maintain dashboards and metrics to measure detection performance, including alert volume, false positive rate, and detection dwell time.
  • Contribute to the Sentinel content roadmap and backlog management, prioritizing detections that address current and emerging threats.
  • Ensure all work adheres to security governance, SDLC policies, and compliance requirements (e.g., PCI, GDPR).
  • BA/BS required; advanced degree in Engineering and/or a related field.
  • Minimum 3 years of experience in SIEM engineering, threat detection, or security operations with a focus on cloud-native platforms.
  • Strong proficiency in Microsoft Sentinel, including Kusto Query Language (KQL), analytic rule creation, and custom workbook/dashboard development.
  • Hands-on experience with Azure Log Analytics, ADX, and Logstash/Cribl pipelines for data ingestion and transformation.
  • Demonstrated ability to create high-quality, low-noise detections aligned with adversary behaviors and threat models.
  • Familiarity with log source types (Windows Event, Linux syslog, firewall, cloud-native telemetry, etc.) and their parsing requirements.
  • Proficiency in scripting languages such as PowerShell or Python for data enrichment, rule testing, and automation support.
  • Experience with Agile methodologies, using tools such as Jira for managing detection backlogs and sprints.
  • Strong grasp of SDLC and DevSecOps practices in support of detection content lifecycle management.
  • Microsoft Certified: Security Operations Analyst Associate (Sentinel).
  • MITRE ATT&CK Defender (MAD), GIAC (GCIA, GCED), or similar detection engineering certifications.
  • CISSP, CISM, or Microsoft Azure certifications are a plus.
  • Bonus eligibility
  • Long term incentive if applicable
  • Health care and other insurance benefits (for employee and family)
  • Retirement benefits
  • Paid holidays
  • Vacation
  • Sick days