Position Summary
The Purview and Sentinel Lead serves as the organization's primary subject matter expert for Microsoft Purview (compliance, data governance, and eDiscovery) and Microsoft Sentinel (cloud-native SIEM/SOAR). This role is responsible for the design, operation, and continuous improvement of the organization's data protection posture and security operations detection capabilities across a multi-facility healthcare environment.
Key Responsibilities
- Microsoft Sentinel - SIEM/SOAR Operations: Own the architecture, configuration, and day-to-day health of the Microsoft Sentinel environment, including workspace design, data connector management, and cost optimization
- Microsoft Purview - Compliance & Data Governance: Design and administer the organization's Microsoft Purview compliance posture, including Information Protection, Data Loss Prevention (DLP), Insider Risk Management, Communication Compliance, and Audit solutions
- Detection Engineering & Threat Intelligence: Maintain a detection engineering lifecycle - ideate, build, validate, tune, and retire - for Sentinel analytic rules based on threat intelligence feeds (H-ISAC, MDTI, CISA advisories)
- Governance, Reporting & Collaboration: Produce regular operational metrics and executive-level reporting on SIEM alert volume, detection coverage, DLP policy effectiveness, and eDiscovery activity
Required Qualifications
- Experience: 2+ years in security operations, compliance engineering, or cloud security roles with direct hands-on experience in Microsoft Sentinel and/or Microsoft Purview
- Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or equivalent practical experience
- Certifications (Required or Expected Within 12 Months):
  - Microsoft Security Operations Analyst Associate (SC-200)
Technical Skills:
- Advanced KQL proficiency - analytic rules, hunting queries, workbooks, and summarization
- Hands-on experience with Sentinel data connectors, DCRs, automation rules, and Logic Apps playbooks
- Working knowledge of Microsoft Purview compliance portal: DLP, sensitivity labels, eDiscovery, litigation holds, and Audit
- Familiarity with Microsoft Defender XDR suite integration (MDE, MDI, MDA, MDO)
- Proficiency with PowerShell and Microsoft Graph API for compliance and security automation
- Understanding of MITRE ATT&CK framework and its application to detection rule development
Pay Rate: Min - $135,000 | Max - $135,000
Job Listing ID: 1791294