SOHO Square Solutions

Opening for Security Automation and Detection Engineer: Contract: Austin, TX

SOHO Square Solutions, Austin, Texas, US, 78716


Role Overview

We are seeking an experienced Security Automation and Detection Engineer to join our team on a one-year contract. This role requires a hands-on SME in Microsoft Sentinel and KQL with proven experience in log source onboarding, analytics rule creation, and automation playbook development. The ideal candidate is passionate about security operations, detection engineering, and automation within cloud-native SIEM platforms. This position is technical interview-focused and designed for professionals with recent, practical, and in-depth experience managing Sentinel in a production environment.

Key Responsibilities

Microsoft Sentinel Management
- Onboard and configure new log sources into Sentinel.
- Design, implement, and maintain Analytics detection rules.
- Manage and optimize Automation workflows (Logic Apps, Playbooks).

Detection Engineering
- Write and optimize KQL queries for detections, hunting, and reporting.
- Develop and refine detection use cases across enterprise workloads.
- Validate and tune detections to minimize false positives.

Automation & Security Operations
- Implement SOAR-based automation within Sentinel to improve incident response.
- Collaborate with SOC and incident response teams to operationalize detections.
- Continuously improve detection coverage and automation efficiency.

Collaboration & Documentation
- Partner with security architects and infrastructure teams on data ingestion.
- Document onboarding steps, detection logic, and automation workflows.
- Share knowledge with the broader security engineering team.

Required Qualifications
- Proficiency with Microsoft Sentinel, with recent (last 6 months) hands-on experience in onboarding log sources, creating and managing Analytics detection rules, and implementing Automation workflows.
- Strong expertise in KQL (Kusto Query Language) for detections, hunting, and dashboards.
- At least 50% of recent day-to-day work focused on Sentinel operations and automation.
- Solid understanding of SIEM/SOAR concepts, security monitoring, and incident detection.
- Experience tuning detections to balance coverage and false positives.

Preferred Skills
- Azure Security tools (Defender suite, Azure Monitor, Logic Apps).
- Knowledge of MITRE ATT&CK mapping for detection engineering.
- Scripting skills (PowerShell, Python) for security automation.
- Familiarity with log source types (network, endpoint, cloud, identity).
