×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

SOC Detection Engineer: Sentinel, Defender & Automation

Job in Bellaire, Harris County, Texas, 77401, USA
Listing for: Direct Jobs
Full Time position
Listed on 2026-05-28
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below

Job Summary

The Information Security SOC Engineer is a hands‑on cybersecurity professional responsible for engineering, operating, and automating detection and response capabilities. The engineer designs and maintains content in Microsoft Sentinel (data connectors, analytics rules, hunting queries, workbooks), enhances protections with Microsoft Defender (Endpoint/XDR, Office 365, Identity), and builds automation using Azure Logic Apps.

Key Responsibilities
  • Detection Engineering & SIEM Operations (Microsoft Sentinel and Rapid
    7): own Sentinel content lifecycle including data ingestion, analytic rules, KQL queries, UEBA tuning, watchlists, and dashboards; develop hunting queries and proactive threat detection logic; implement incident enrichment and correlation across multiple data sources.
  • Endpoint, Email, and Identity Protection (Microsoft Defender): engineer configurations within Microsoft Defender for Endpoint/XDR, Defender for Office 365, and Identity protection; integrate Defender alerting with Sentinel for enhanced detection correlation.
  • Automation & Orchestration (Azure Logic Apps): build, deploy, and manage Logic Apps SOAR playbooks for automated triage, enrichment, and response; implement approval flows, track automation metrics, and improve MTTR.
  • Incident Response &

    Collaboration:

    support containment, eradication, and recovery of security incidents; conduct post‑incident reviews and update detection logic and processes accordingly.
Runbooks, Documentation & Continuous Improvement
  • Maintain engineering runbooks, playbooks, and process documentation.
  • Track SOC metrics and produce security operational dashboards.
Required Qualifications & Skills
  • Bachelor's degree in Cybersecurity/IT or equivalent experience.
  • 2–4+ years in SOC, SIEM engineering, or detection/response roles.
  • Experience building automation.
  • Strong understanding of incident response and MITRE ATT&CK.
  • Experience integrating MSSP feeds and third‑party tools.
  • Certifications such as SC-200, SC-100, AZ-500, Security+, CEH.
  • Strong analytical and communication skills.
  • Team‑oriented with a positive and professional approach.
Preferred Qualifications
  • Hands‑on experience with Microsoft Sentinel (KQL, analytics rules, workbooks, connectors).
  • Hands‑on experience with Microsoft Defender (Endpoint/XDR, Office 365, Identity).
  • Scripting experience (Power Shell, Python).
  • Experience building automation using Azure Logic Apps.
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search