Job poster: Amy Dunn, Senior Recruiter/Owner, Technology Recruiting Solutions, Inc.

Microsoft Sentinel / SOAR / UEBA Software Developer

Project-Based

Description

Job Details

Software Developer II - Microsoft Sentinel / SOAR / UEBA
Location: Austin, TX (Hybrid 2 days onsite per week)
Contract: Long-Term

Eligibility Requirements

- Must be local to the Austin, TX area and able to work onsite two days per week
- Must be able to work on a W2 basis only (no C2C, 1099, or third-party vendors)
- Must be eligible to work in the U.S. without sponsorship or visa transfer

Position Overview

We are seeking a Software Developer II with strong experience in Microsoft Sentinel, security automation (SOAR), and analytics engineering (UEBA). This role focuses on designing, building, and optimizing Sentinel automation playbooks, analytics rules, and integrations to support advanced security operations and threat detection.

The ideal candidate has hands-on experience with Azure services, KQL, automation workflows, and security engineering concepts, and can work independently while collaborating with cybersecurity and platform teams.

Key Responsibilities

Microsoft Sentinel SOAR Development

- Design, develop, test, and deploy Sentinel automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs
- Build automated workflows for alert enrichment, triage, response actions, notifications, and case management
- Integrate Sentinel with third-party systems (EDR, IAM, ticketing systems, email gateways, firewalls, etc.)

UEBA & Analytics Engineering

- Develop custom UEBA detection rules, anomaly models, and behavioral analytics using KQL
- Build and maintain analytics rules, hunting queries, normalization logic, and entity behavior profiles
- Analyze behavioral anomalies and fine-tune detection logic with security stakeholders

SIEM Platform & Content Engineering

- Design and implement custom data connectors, ingestion pipelines, and transformation logic
- Build dashboards, workbooks, and detection-as-code assets
- Tune Sentinel configurations to improve performance, reduce noise, and align with MITRE ATT&CK and Zero Trust principles

Application Development & Integration

- Develop supporting scripts, APIs, and microservices using Python, PowerShell, .NET, or similar languages
- Work within CI/CD pipelines, DevOps workflows, and Git-based version control

Documentation & Support

- Produce technical documentation, architecture diagrams, SOPs, and automation runbooks
- Provide Tier III engineering support and participate in post-incident reviews as needed

Minimum Qualifications

- Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related field
- 2+ years of experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering
- Hands-on experience with Microsoft Sentinel, Azure services, and security operations workflows
- Proficiency in KQL, scripting, and API-based integrations
- Strong understanding of security operations, incident response, and threat detection concepts

Preferred Qualifications

- 3+ years hands-on experience with Microsoft Sentinel
- Experience building SOAR automation playbooks and UEBA detection models
- Experience integrating Sentinel with EDR, IAM, firewalls, and ticketing platforms
- Experience with DevOps pipelines (GitHub, Azure DevOps)
- Familiarity with MITRE ATT&CK, NIST CSF, and Zero Trust principles
- Microsoft certifications such as SC-200, AZ-900/AZ-104, SC-100/SC-300
- Experience working in regulated environments (government, healthcare, or similar)

Employers have access to artificial intelligence language tools ("AI") that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10121503
Position Id: 8846282
Posted 2 days ago

Skills

PowerShell, Azure DevOps, Python, CI/CD, AI, ARM Templates, DevOps, Security, Azure, REST, .NET, Artificial Intelligence, Git, Microservices, IAM, Cybersecurity, API, dotnet, GitHub