Job Requirements
Washington, DC
Clearance not specified
Polygraph not specified
Career Level not specified
Salary not specified
Job Description
The Senior Security Engineer will provide onsite cybersecurity support as part of a hybrid delivery model, working closely with internal stakeholders to enhance security monitoring, detection capabilities, and incident readiness. This role supplements 24x7x365 remote SOC operations and focuses on strengthening onsite security posture, validation, and coordination activities.
Key Responsibilities
Review and assess Microsoft Sentinel log ingestion and monitoring coverage
Validate and tune detection use cases to improve threat detection accuracy
Identify telemetry and log ingestion gaps across systems and environments
Coordinate remediation activities with IRM (Information Risk Management) staff
Support vulnerability prioritization and validate patch governance processes
Validate log routing and normalization, including tools such as Cribl (as applicable)
Provide hands-on technical support during active security events and incidents
Required Technical Skills & Expertise
Strong proficiency in Microsoft Sentinel (SIEM)
Experience with Microsoft Defender for Endpoint (Windows and macOS)
Experience with Microsoft Defender for Identity
Knowledge of AWS log ingestion and cloud telemetry
Understanding of log management, normalization, and telemetry pipelines
Work Model Requirement
Onsite presence required 2–3 days per week
Role is supplemental to 24x7x365 remote monitoring services, not a replacement
Key Expectations
Ability to operate independently in an onsite advisory and technical role
Strong coordination skills with internal security and IRM teams
Practical, hands-on experience in detection engineering and security operations