IT Security Engineer - Purview and Sentinel Lead - Full Time, Days (Remote)

Position Summary The Purview and Sentinel Lead serves as the organization's primary subject matter expert for Microsoft Purview (compliance, data governance, and eDiscovery) and Microsoft Sentinel (cloud-native SIEM/SOAR). This role is responsible for the design, operation, and continuous improvement of the organization's data protection posture and security operations detection capabilities across a multi-facility healthcare environment.

Key Responsibilities

• Microsoft Sentinel - SIEM/SOAR Operations: Own the architecture, configuration, and day-to-day health of the Microsoft Sentinel environment, including workspace design, data connector management, and cost optimization
• Microsoft Purview - ComplianceData Governance: Design and administer the organization's Microsoft Purview compliance posture, including Information Protection, Data Loss Prevention (DLP), Insider Risk Management, Communication Compliance, and Audit solutions
• Detection EngineeringThreat Intelligence: Maintain a detection engineering lifecycle - ideate, build, validate, tune, and retire - for Sentinel analytic rules based on threat intelligence feeds (H-ISAC, MDTI, CISA advisories)
• Governance, ReportingCollaboration: Produce regular operational metrics and executive-level reporting on SIEM alert volume, detection coverage, DLP policy effectiveness, and eDiscovery activity

Required Qualifications

• Experience: 2+ years in security operations, compliance engineering, or cloud security roles with direct hands-on experience in Microsoft Sentinel and/or Microsoft Purview
• Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or equivalent practical experience
• Certifications (Required or Expected Within 12 Months):
• Microsoft Security Operations Analyst Associate (SC-200)

Technical Skills:

• Advanced KQL proficiency - analytic rules, hunting queries, workbooks, and summarization
• Hands-on experience with Sentinel data connectors, DCRs, automation rules, and Logic Apps playbooks
• Working knowledge of Microsoft Purview compliance portal: DLP, sensitivity labels, eDiscovery, litigation holds, and Audit
• Familiarity with Microsoft Defender XDR suite integration (MDE, MDI, MDA, MDO)
• Proficiency with PowerShell and Microsoft Graph API for compliance and security automation
• Understanding of MITRE ATT&CK framework and its application to detection rule development

Pay Rate: Min - $135,000 l Max - $135,000 Job Listing ID: 1791294