🛠 Tech Stack

💼 About This Role

You'll manage and optimize Microsoft Sentinel SIEM operations for a critical federal-facing program, ensuring reliable log ingestion, normalization, and analytics across cloud and on-premise systems. You will support incident response and threat hunting activities by providing relevant log data and analysis. This role offers a fully remote work arrangement and the chance to work in a compliance-driven cybersecurity environment.

🎯 What You'll Do

• Manage and optimize Microsoft Sentinel SIEM operations.
• Develop detection rules, correlation logic, and dashboards.
• Support incident response, threat hunting, and forensic investigations.
• Coordinate onboarding of new log sources from cloud environments.

📋 Requirements

• 6+ years in security engineering or SOC/SIEM roles.
• Hands-on experience with Microsoft Sentinel and other SIEM platforms.
• Proficiency in KQL for building queries and analytics.
• Active Public Trust clearance (required).

✨ Nice to Have

• CISSP, GCIH, GCIA, or Microsoft Security certifications.
• Experience with NIST frameworks (800-53, 800-92, 800-61).
• Knowledge of AWS and Azure cloud security logs.

🎁 Benefits & Perks

• 🏠 Fully remote work within Canada
• 🔐 High-impact federal security programs
• 📈 Competitive compensation aligned with clearance level
• 🛠️ Exposure to advanced SIEM and cloud security
• 🎓 Professional development and certifications

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Call· 30 min
2. 2Technical Interview· 60 min
3. 3Final Interview· 45 min

🚩 Heads Up

• Active Public Trust clearance requirement may limit candidate pool
• Experience requirement exceeds typical for senior level (6+ years)