Senior Security Operations Engineer
Senior Security Operations Engineer
Alternate / Related Job Titles
• Senior SIEM Engineer
• Microsoft Sentinel Engineer
• Security Detection Engineering Lead
• Senior SOC Engineering Specialist
• Cloud Security Operations Engineer
Location & Onsite Flexibility
Minneapolis, MN — Remote
Contract Details
• Position Type: Contract
• Contract Duration: Not to Exceed Contract Term
• Start: As Soon As Possible
• Pay Rate: $50.79/hour
Job Description
We are seeking a Senior Security Operations Engineer with expert-level Microsoft Sentinel engineering experience to support SIEM engineering, advanced threat detection development, and security operations maturity. This is a hands-on technical role focused on delivering high-impact improvements within a large enterprise Sentinel environment. This position requires deep engineering ownership of Sentinel, not analyst-only experience.
Key Responsibilities
Microsoft Sentinel (Primary Focus)
• Engineer and tune Microsoft Sentinel data connectors, analytic rules, content packs, and automation playbooks
• Build KQL-based detections, custom analytics, hunting queries, and watchlists
• Manage and optimize log ingestion pipelines, including WindowsEvent, SecurityEvent, and NxLog sources
• Design and maintain SOAR automation using Logic Apps
• Migrate legacy detection and hunting workflows into Sentinel’s Threat Hunting module
• Partner with SOC and IR teams to improve signal fidelity and detection quality
Threat Hunting & Detection Engineering
• Conduct advanced threat hunting using KQL and Sentinel workbooks
• Convert threat intelligence into actionable detections
• Identify detection gaps and expand coverage across identity, endpoint, and cloud telemetry
Endpoint Security (CrowdStrike Falcon)
• Review CrowdStrike IOA detections and build complementary Sentinel detections
• Integrate CrowdStrike EASM insights into detection workflows
• Support endpoint engineering related to USB security, SSH visibility, certificates, and firewall controls
Identity & Credential Security
• Integrate credential risk signals into Sentinel detections
• Build detections for abnormal authentication behavior and correlated identity attacks
Incident Response & Escalation
• Provide Tier 3 engineering support for Sentinel alerts and endpoint incidents
• Support high-severity investigations requiring deep log correlation
Documentation & Knowledge Transfer
• Produce engineering documentation, SOPs, playbooks, and runbooks
• Deliver full knowledge transfer at the conclusion of the contract
Required Qualifications (Must Have)
• Extensive hands-on Microsoft Sentinel engineering experience
• Strong proficiency in KQL
• Experience building analytic rules, hunting queries, SOAR playbooks, and SIEM data models
• Hands-on experience with CrowdStrike Falcon (EDR, IOA, EASM, firewall)
• Strong understanding of MITRE ATT&CK and modern detection engineering practices
• Broad troubleshooting skills across Windows, Linux, identity, and cloud environments
Preferred Qualifications
• Experience migrating legacy SIEM workflows into Sentinel
• Experience with identity risk and credential monitoring tools
• Scripting experience with PowerShell or Python
• Experience supporting OT, factory, or production environments
Ideal Candidate Profile
• Former Sentinel engineer, architect, or senior detection engineer
• Able to build detections and automations from scratch
• Deep understanding of SIEM ingestion, normalization, and schema mapping
• Self-directed, senior-level professional comfortable working independently
Benefits
Medical, Vision, and Dental Insurance Plans
401(k) Retirement Fund
About The Company
We are a leading provider of data storage solutions, committed to innovation, sustainability, and employee development. With a collaborative and inclusive culture, the organization values integrity, innovation, and global impact while delivering cutting-edge technology to customers worldwide.
About GTT
GTT is a minority-owned staffing firm and a subsidiary of Chenega Corporation, a Native American-owned company in Alaska. As a Native American-owned, economically disadvantaged organization, GTT values diverse and inclusive workplaces. Our clients include Fortune 500 banking, insurance, financial services, technology companies, and leading life sciences, biotech, utility, and retail organizations across the U.S. and Canada.
Job Number
26-01310
Hashtags
#LI-GTT #LI-Remote #gttjobs
Remote
About the Company:
GTT, LLC
Global Technical Talent is a subsidiary of Chenega Corporation (www.Chenega.com) with over 1.3 billion US$ in revenue and 5800 US employees. We provide Total Talent Solutions, Global staffing, SOW, RPO, Direct Sourcing, and Global Payroll with physical offices in US, Canada, and India. GTT Digital headquartered in Toronto specializes in providing high-tech digital and banking talent to some of the nation’s largest financial institutions. GTT has been a leader in the staffing industry for over 22 years and is one of the largest staffing firms in the New England region. We are known for our Fortune 500 clientele and cutting-edge, technology-driven recruiting infrastructure.
We are a Native American-owned, economically disadvantaged corporation that highly values diverse and inclusive workplaces. Our clients and partners are among the most successful and innovative organizations in the world. Our top clients are Fortune 500 banking, insurance, and financial services firms, some of the nation’s largest life sciences, biotech, utility, and retail companies, and prestigious educational institutions in the Ivy League tier.
There is always a new opportunity for success when you look through all of the open job opportunities on our website’s career page. Just click on this link: https://bit.ly/gttcareers
Awards
SIA’s Best Staffing Firm to Work for ( 2019 -2023)
SIA’s Fastest Growing Staffing Firm
Inc 5000 Company
NH Business Magazines Fast 5 fastest growing companies.
Company Size:
100 to 499 employees
Industry:
Staffing/Employment Agencies
Founded:
2004
Website:
http://www.gttit.com
Apply tot his job
Apply To this Job
Alternate / Related Job Titles
• Senior SIEM Engineer
• Microsoft Sentinel Engineer
• Security Detection Engineering Lead
• Senior SOC Engineering Specialist
• Cloud Security Operations Engineer
Location & Onsite Flexibility
Minneapolis, MN — Remote
Contract Details
• Position Type: Contract
• Contract Duration: Not to Exceed Contract Term
• Start: As Soon As Possible
• Pay Rate: $50.79/hour
Job Description
We are seeking a Senior Security Operations Engineer with expert-level Microsoft Sentinel engineering experience to support SIEM engineering, advanced threat detection development, and security operations maturity. This is a hands-on technical role focused on delivering high-impact improvements within a large enterprise Sentinel environment. This position requires deep engineering ownership of Sentinel, not analyst-only experience.
Key Responsibilities
Microsoft Sentinel (Primary Focus)
• Engineer and tune Microsoft Sentinel data connectors, analytic rules, content packs, and automation playbooks
• Build KQL-based detections, custom analytics, hunting queries, and watchlists
• Manage and optimize log ingestion pipelines, including WindowsEvent, SecurityEvent, and NxLog sources
• Design and maintain SOAR automation using Logic Apps
• Migrate legacy detection and hunting workflows into Sentinel’s Threat Hunting module
• Partner with SOC and IR teams to improve signal fidelity and detection quality
Threat Hunting & Detection Engineering
• Conduct advanced threat hunting using KQL and Sentinel workbooks
• Convert threat intelligence into actionable detections
• Identify detection gaps and expand coverage across identity, endpoint, and cloud telemetry
Endpoint Security (CrowdStrike Falcon)
• Review CrowdStrike IOA detections and build complementary Sentinel detections
• Integrate CrowdStrike EASM insights into detection workflows
• Support endpoint engineering related to USB security, SSH visibility, certificates, and firewall controls
Identity & Credential Security
• Integrate credential risk signals into Sentinel detections
• Build detections for abnormal authentication behavior and correlated identity attacks
Incident Response & Escalation
• Provide Tier 3 engineering support for Sentinel alerts and endpoint incidents
• Support high-severity investigations requiring deep log correlation
Documentation & Knowledge Transfer
• Produce engineering documentation, SOPs, playbooks, and runbooks
• Deliver full knowledge transfer at the conclusion of the contract
Required Qualifications (Must Have)
• Extensive hands-on Microsoft Sentinel engineering experience
• Strong proficiency in KQL
• Experience building analytic rules, hunting queries, SOAR playbooks, and SIEM data models
• Hands-on experience with CrowdStrike Falcon (EDR, IOA, EASM, firewall)
• Strong understanding of MITRE ATT&CK and modern detection engineering practices
• Broad troubleshooting skills across Windows, Linux, identity, and cloud environments
Preferred Qualifications
• Experience migrating legacy SIEM workflows into Sentinel
• Experience with identity risk and credential monitoring tools
• Scripting experience with PowerShell or Python
• Experience supporting OT, factory, or production environments
Ideal Candidate Profile
• Former Sentinel engineer, architect, or senior detection engineer
• Able to build detections and automations from scratch
• Deep understanding of SIEM ingestion, normalization, and schema mapping
• Self-directed, senior-level professional comfortable working independently
Benefits
Medical, Vision, and Dental Insurance Plans
401(k) Retirement Fund
About The Company
We are a leading provider of data storage solutions, committed to innovation, sustainability, and employee development. With a collaborative and inclusive culture, the organization values integrity, innovation, and global impact while delivering cutting-edge technology to customers worldwide.
About GTT
GTT is a minority-owned staffing firm and a subsidiary of Chenega Corporation, a Native American-owned company in Alaska. As a Native American-owned, economically disadvantaged organization, GTT values diverse and inclusive workplaces. Our clients include Fortune 500 banking, insurance, financial services, technology companies, and leading life sciences, biotech, utility, and retail organizations across the U.S. and Canada.
Job Number
26-01310
Hashtags
#LI-GTT #LI-Remote #gttjobs
Remote
About the Company:
GTT, LLC
Global Technical Talent is a subsidiary of Chenega Corporation (www.Chenega.com) with over 1.3 billion US$ in revenue and 5800 US employees. We provide Total Talent Solutions, Global staffing, SOW, RPO, Direct Sourcing, and Global Payroll with physical offices in US, Canada, and India. GTT Digital headquartered in Toronto specializes in providing high-tech digital and banking talent to some of the nation’s largest financial institutions. GTT has been a leader in the staffing industry for over 22 years and is one of the largest staffing firms in the New England region. We are known for our Fortune 500 clientele and cutting-edge, technology-driven recruiting infrastructure.
We are a Native American-owned, economically disadvantaged corporation that highly values diverse and inclusive workplaces. Our clients and partners are among the most successful and innovative organizations in the world. Our top clients are Fortune 500 banking, insurance, and financial services firms, some of the nation’s largest life sciences, biotech, utility, and retail companies, and prestigious educational institutions in the Ivy League tier.
There is always a new opportunity for success when you look through all of the open job opportunities on our website’s career page. Just click on this link: https://bit.ly/gttcareers
Awards
SIA’s Best Staffing Firm to Work for ( 2019 -2023)
SIA’s Fastest Growing Staffing Firm
Inc 5000 Company
NH Business Magazines Fast 5 fastest growing companies.
Company Size:
100 to 499 employees
Industry:
Staffing/Employment Agencies
Founded:
2004
Website:
http://www.gttit.com
Apply tot his job
Apply To this Job