Job description

Security Engineer - Microsoft E5, Sentinel, and CrowdStrike job at Robert Half. San Ramon, CA. Job Description Job Description We are seeking a highly skilled Security Engineer with expertise in Microsoft E5, Microsoft Sentinel, and CrowdStrike to strengthen our organization's cybersecurity defenses. The ideal candidate will be responsible for deploying and managing advanced security solutions, including CrowdStrike's Identity Protection and External Attack Surface Management (EASM) modules, as well as leveraging Microsoft E5 security capabilities and Sentinel for comprehensive threat monitoring and response. Key Responsibilities: • CrowdStrike: • Configure and manage CrowdStrike Falcon modules, including Identity Protection to defend against identity-based threats and External Attack Surface Management (EASM) to monitor and secure internet-facing assets. • Utilize CrowdStrike’s advanced threat intelligence and Endpoint Detection and Response (EDR) capabilities to identify and mitigate threats. • Automate response actions using CrowdStrike APIs and integrate with other security tools for streamlined incident management. • Microsoft E5 and Sentinel: • Implement and maintain security features in the Microsoft E5 licensing suite, including Defender for Endpoint, Defender for Identity, and Azure AD Premium P2 for Zero Trust architecture. • Deploy and manage Microsoft Sentinel as the central Security Information and Event Management (SIEM) tool, integrating it with CrowdStrike and other security platforms. • Develop and customize analytics rules in Sentinel using Kusto Query Language (KQL) to detect, investigate, and respond to security incidents. • Create and manage Logic Apps playbooks in Sentinel to automate incident response workflows. • Incident Management and Threat Hunting: • Perform proactive threat hunting using Sentinel and CrowdStrike tools, analyzing logs and behaviors to identify and mitigate potential risks. • Correlate data from multiple sources, including EASM insights, to map external vulnerabilities and prioritize remediation efforts. • Cost Optimization and Compliance: • Optimize data ingestion and retention strategies in Microsoft Sentinel and Azure Log Analytics to balance costs while maintaining regulatory compliance. • Ensure security processes align with frameworks such as NIST, GDPR, and HIPAA. • Collaboration and Strategic Security: • Partner with cross-functional teams to design and implement security strategies aligned with business goals. • Stay informed about emerging threats, security technologies, and best practices to ensure the organization remains protected. • Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience). • Proven experience with CrowdStrike Falcon modules, particularly Identity Protection and EASM, as well as Microsoft E5 security tools and Microsoft Sentinel. • Proficiency in Kusto Query Language (KQL), Azure Logic Apps, and CrowdStrike API integrations. • Strong understanding of SIEM, SOAR, EDR, and external attack surface management principles. • Familiarity with Zero Trust architectures and conditional access policies. • Relevant certifications such as Microsoft Certified: Security, Compliance, and Identity Fundamentals, Azure Security Engineer Associate, and CrowdStrike Certified Falcon Administrator (CCFA) are a plus. • Excellent analytical, communication, and problem-solving skills.

Requirements