KODISOFFTLLC

SIEM Engineer - Microsoft Sentinel

⭐ - Featured Role | Apply direct with Data Freelance Hub
This role is for a SIEM Engineer specializing in Microsoft Sentinel, offering a remote contract for an unspecified length at an hourly pay rate. Requires a BA/BS, three years of Azure Sentinel and KQL experience, and an active Microsoft Security Operations Analyst Associate certification.
🌎 - Country
United States
💱 - Currency
$ USD
💰 - Day rate
Unknown
🗓️ - Date
October 4, 2025
🕒 - Duration
Unknown
🏝️ - Location
Remote
📄 - Contract
Unknown
🔒 - Security
Unknown
📍 - Location detailed
United States
🧠 - Skills detailed
#Computer Science #Compliance #KQL (Kusto Query Language) #Logic Apps #Data Ingestion #Security #Data Normalization #Monitoring #Visualization #Indexing #ETL (Extract, Transform, Load) #Data Storage #Azure #Documentation #Normalization #Azure Logic Apps #Storage
Role description
Remote - C2C

Qualifications:
• Education: BA/BS degree in Computer Science, Business Management, or an IT-related field.
• Experience: Three (3) years' experience with Azure Sentinel. Three (3) years' experience with Kusto Query Language (KQL). One (1) year of experience in Information Security.
• Certification: Active Microsoft Security Operations Analyst Associate certification.

Scope of Work:
The SIEM Engineer will design, implement, and manage the Microsoft Sentinel SIEM solution within the Judiciary, focusing on data collection, analysis, and visualization to monitor, detect, and respond to security threats. Key responsibilities include:

Essential Functions:
• SIEM Configuration: Design and deploy SIEM resources, including analytics rules, playbooks, Azure Logic Apps, and data connectors. Optimize SIEM configurations for efficient data storage, retrieval, and search capabilities.
• Data Collection and Integration: Collaborate with system owners to identify data sources and drive initiatives to ingest system data. Develop data ingestion strategies and set up data source integration for various log and event data types. Implement data normalization and transformation processes for consistent analysis.
• Dashboard and Visualization Development: Design and create interactive dashboards, reports, and visualizations. Present data insights clearly and support decision-making processes. Develop data visuals for SOC display screens.
• Search, Queries, and Alerts: Develop and optimize analytics rules and alert mechanisms for monitoring security threats and operational issues. Configure alerts to trigger automated responses or notifications.
• SIEM App Development: Build custom SIEM apps and add-ons to extend functionality. Collaborate with development teams to integrate SIEM with other systems and tools.
• Security and Compliance: Implement security controls and best practices to protect SIEM data. Monitor and analyze security events to detect and respond to threats.
• Performance Optimization: Monitor system performance and troubleshoot issues related to data indexing, search performance, and resource utilization. Implement optimizations to enhance SIEM efficiency and responsiveness.
• Training and Documentation: Provide training and guidance on Microsoft Sentinel best practices, usage, and administration to JIS SOC team members. Create documentation for configurations, processes, and troubleshooting procedures.

• This comprehensive role requires a strong blend of technical skills, hands-on experience with Microsoft Sentinel, and the ability to collaborate with various stakeholders to optimize data intelligence and enhance security operations.