Software Developer 2

About The Position

Requirements

• Graduation from an accredited four-year college or university with major coursework in computer science, computer information systems, software engineering, cybersecurity, or a related field.
• 2 years of experience in software development, cloud engineering, SIEM Engineering, or Cybersecurity engineering.
• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.
• Exceptional interpersonal skills with the ability to communicate in a clear, professional, and articulate manner.
• Building Logic App workflows and custom Sentinel automation playbooks.
• Writing complex KQL queries for analytics, hunting, and behavioral detection.
• Developing custom connectors, data maps, and parsers.
• Designing and optimizing UEBA detection models.
• Debugging SOAR workflows and resolving integration issues.
• Microsoft Sentinel architecture, SOAR, and UEBA capabilities.
• Azure cloud services, Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure AD.
• Security operations processes (triage, threat detection, incident response, threat modeling).
• MITRE ATT&CK, NIST CSF, Zero Trust Architecture concepts.
• Programming and scripting languages (Python, PowerShell, KQL, C#, JavaScript, or equivalent).
• CI/CD pipelines, DevOps practices, and Git-based version control.
• API integrations and JSON/YAML structures.
• Communicating technical information clearly to both technical and non-technical
• Exceptional verbal and written communication skills.
• Excellent organizational, analytical, and problem-solving skills with high-level attention to detail.
• Ability to analyze systems and procedures
• Strong multitasking skills with the ability to manage multiple design streams across concurrent work effort.
• Must be self-motivated and able to work well independently as well as on a multi-functional team.
• Ability to handle sensitive and confidential information appropriately.
• Translate security requirements into scalable technical solutions.
• Analyze threat behaviors and develop meaningful detections.
• Work collaboratively with cybersecurity, infrastructure, and application teams.
• Manage multiple work assignments and meet deadlines.

Nice To Haves

• 3 years experience or more of hands-on technical experience with Microsoft Sentinel.
• 1 year of experience developing UEBA models, anomaly detection rules, and behavior-based analytic
• 1 year experience with building Security Automation Playbooks (SOAR).
• 1 year experience with Microsoft certifications such as: SC-200: Security Operations Analyst, AZ-900 / AZ-104, SC-100 / SC-300.
• 1 year experience integrating Sentinel with EDR, IAM, firewalls, and ticketing systems.
• 1 year experience with DevOps pipelines (GitHub, Azure DevOps).
• 1 year experience working in a government, healthcare, or regulatory environment.

Responsibilities

• Designs, develops, tests, and deploys Sentinel SOAR automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs.
• Creates automated workflows for alert enrichment, triage, response actions, notification processes, and case management.
• Integrates Sentinel with third-party systems (EDR, IAM, ticketing systems, email gateways, firewalls, etc.) to automate security operations.
• Develops custom UEBA detection rules, anomaly models, ML-based behavior patterns, and advanced hunting queries (KQL).
• Builds and maintains analytics content, data parsers, normalization rules, and entity behavior profiles.
• Evaluate behavioral anomalies and collaborate with cybersecurity teams to fine-tune detection logic.
• Designs and implements custom data connectors, ingestion pipelines, and data transformation logic.
• Create dashboards, workbooks, hunting queries, and detection-as-code assets.
• Performs platform tuning to improve performance, reduce noise, and align to MITRE ATT&CK and Zero Trust principles.
• Develops supporting code modules, scripts, microservices, and helper APIs using Python, PowerShell, .NET, or similar languages.
• Works with DevOps pipelines, CI/CD processes, version control, and infrastructure-as-code where applicable.
• Writes technical design documents, SOPs, architecture diagrams, and automation runbooks.
• Collaborates with cross-functional stakeholders on requirements, testing, and deployment.
• Provides Tier III support for Sentinel engineering issues and participates in after-action reviews when needed.
• Other duties as assigned.

Benefits

• Medical, Dental and Vision Insurance; Wellness Program
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
• Short-Term and Long-Term Disability options
• Basic Life and AD&D Insurance (Company Provided)
• Voluntary Life and AD&D options
• 401(k) Retirement Savings Plan with matching after one year
• Paid Time Off