LanceSoft, Inc.
Base pay range
$85.00/hr - $90.00/hr
Position Overview
The Software Developer II performs advanced (senior-level) software development work focused on designing, building, testing, and optimizing Microsoft Sentinel capabilities for large-scale security programs. This role is responsible for developing custom automation playbooks, analytics rules, behavioral models, connectors, and integrations that support SOAR and UEBA functionality.
The position works under limited supervision and exercises independent judgment, technical leadership, and initiative while collaborating with cybersecurity, cloud, and DevOps teams.
Essential Job Functions
Design, develop, test, and deploy Sentinel SOAR automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs.
Create automated workflows for alert enrichment, triage, response actions, notifications, and case management.
Integrate Sentinel with third‑party platforms (EDR, IAM, ticketing systems, email gateways, firewalls) to automate security operations.
Develop custom UEBA detection rules, anomaly models, ML‑based behavior patterns, and advanced KQL hunting queries.
Build and maintain analytics content, parsers, normalization rules, and entity behavior profiles.
Evaluate behavioral anomalies and collaborate with security teams to refine detection logic.
Design and implement custom data connectors, ingestion pipelines, and transformation logic.
Create dashboards, workbooks, hunting queries, and detection‑as‑code assets.
Tune Sentinel performance to reduce noise and align detections with MITRE ATT&CK and Zero Trust principles.
Application Development & Integration (10%)
Develop supporting code modules, scripts, microservices, and APIs using Python, PowerShell, .NET, or similar languages.
Work with CI/CD pipelines, DevOps processes, version control, and infrastructure‑as‑code.
Produce technical documentation, SOPs, architecture diagrams, and automation runbooks.
Collaborate with security leadership and cross‑functional teams on requirements, testing, and deployments.
Provide Tier III engineering support and participate in post‑incident reviews as needed.
Knowledge, Skills, and Abilities (KSAs)
Knowledge of:
Microsoft Sentinel architecture, SOAR and UEBA
Security operations and incident response processes
MITRE ATT&CK, NIST CSF, Zero Trust Architecture
DevOps and CI/CD pipelines
API integrations and JSON/YAML
Skills in:
Building Sentinel automation playbooks and Logic App workflows
Writing complex KQL for analytics and threat hunting
Developing custom connectors and parsers
Designing and tuning UEBA models
Debugging SOAR workflows and integrations
Communicating complex technical concepts clearly
Ability to:
Work independently on complex development efforts
Translate security requirements into scalable technical solutions
Analyze threat behavior and build effective detections
Collaborate across cybersecurity, infrastructure, and application teams
Manage multiple priorities and meet deadlines
Bachelor’s degree in Computer Science, Information Systems, Software Engineering, Cybersecurity, or related field
2+ years of experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering
Preferred Qualifications
3+ years hands‑on experience with Microsoft Sentinel
Experience building UEBA models and anomaly detections
Microsoft certifications (SC‑200, AZ‑900, AZ‑104, SC‑100, SC‑300)
Experience integrating Sentinel with EDR, IAM, firewalls, ticketing systems
Experience in government, healthcare, or regulated environments
Seniority level
Associate
Employment type
Contract
Job function
Information Technology
Industries
Government Administration, Health and Human Services, and Hospitals and Health Care