Technical Security Architect (Sentnel)

Job Description

Technical Security Architect (Microsoft Sentinel) Company Description: Aristiun empowers organizations to embrace a proactive security posture by offering an innovative Security Performance and Lifecycle Management (SPLM) solution. Our platform simplifies security control management and traceability, streamlines compliance, and enhances security posture. We are driven by the belief that technology can be a powerful enabler of security, and we are passionate about building solutions that help our clients navigate the complexities of today's threat landscape. Role Description: We seek a highly skilled and visionary Technical Security Architect to be the principal authority for our client's next-generation security operations. This is a full-time remote position focused on designing, implementing, and optimizing a sophisticated, large-scale security ecosystem built on Microsoft Sentinel. You will act as the key technical leader, translating complex security requirements into a robust, automated, and future-proof platform for one of our major clients. As a Technical Security Architect, you will: Architect Solutions: Lead the end-to-end design, implementation, and continuous optimization of a large-scale Microsoft Sentinel environment for our clients. Develop Advanced Detections: Author and implement advanced analytics rules, custom threat detection logic, and correlation rules using Kusto Query Language (KQL). Drive Automation: Design, build, and manage a library of SOAR playbooks using Azure Logic Apps to automate incident response actions, dramatically reducing response times. Serve as a Top-Tier Expert: Act as the lead L3 technical escalation point for major security incidents, guiding complex investigations and coordinating response efforts. Lead Threat Hunting: Conduct proactive, intelligence-driven threat hunting campaigns within client environments to uncover undetected and emerging threats. Integrate Ecosystems: Oversee the technical integration of a wide array of log sources, including Microsoft Defender for Endpoint, Microsoft Entra ID, AWS, M365, and network infrastructure. Provide Visibility: Create and maintain live, interactive security dashboards and reports using Sentinel Workbooks to provide real-time visibility to clients and internal leadership. Collaborate for Success: Work closely with clients and internal Aristiun teams to ensure service delivery excellence, provide technical oversight, and guarantee SLAs are met. Qualifications: Technical Background: A degree in Cybersecurity, Information Technology, Computer Science, or a related field, OR demonstrable experience in a senior security engineering role. Exceptional Experience: 7+ years of professional experience in cybersecurity, with at least 4 years in a security architecture, security engineering, or senior SOC role. Sentinel Expertise: Expert-level, hands-on experience with Microsoft Sentinel is essential. This includes deployment, data connector configuration, analytics rule development, and SOAR automation. KQL Proficiency: Deep expertise in Kusto Query Language (KQL) for threat hunting, data analysis, and creating advanced detections. Microsoft Security Ecosystem: Deep technical knowledge of Microsoft Defender for Endpoint, Microsoft Entra ID, and Microsoft 365 security controls. Automation & Scripting Skills: Experience with PowerShell, Python, or Azure Logic Apps. Self-Starter and Team Player: Able to work independently and collaboratively in a remote environment. Strong Communicator: Proven ability to translate complex technical concepts into clear, actionable guidance for clients and team members. Bonus Points: Prior experience migrating a large enterprise from a legacy SIEM to Microsoft Sentinel. Experience in a consulting or client-facing role, managing the technical relationship with an enterprise client. Relevant industry certifications (e.g., AZ-500, SC-200, CISSP, GIAC). What We Offer: Competitive Salary: A great salary that reflects your experience and contributions. Equity Opportunities: For deserving candidates, we offer the chance to share in Aristiun's success. Performance Bonuses: Rewarding performance with attractive bonuses. Remote Work Flexibility: Work from anywhere with a strong internet connection. Continuous Learning: Access to cutting-edge technology and professional development opportunities to stay at the forefront of the industry. Join Aristiun and help us shape the future of AI-driven security!