Security Engineer - SecOps

Responsibilities

• Handle investigation and response to security incidents across endpoints, identities, email, cloud workloads, and SaaS applications
• Act as a senior escalation point for SOC analysts during complex or ambiguous security events
• Develop, tune, and maintain Microsoft Sentinel analytics rules and optimize KQL queries for threat hunting
• Build and maintain SOAR automation and playbooks using Logic Apps for alert enrichment and response
• Perform proactive threat hunting across Microsoft Sentinel and Defender data to identify emerging threats
• Monitor and continuously improve detection coverage and security posture
• Partner with engineering and infrastructure teams to drive long-term remediation and risk reduction

Requirements

• Bachelor's degree in Cyber Security, Computer Science, Information Security, or a related field
• 4-6+ years of experience in Security Operations (SOC), Incident Response, or Detection & Response
• Hands-on experience with Microsoft Sentinel (SIEM) and Microsoft Defender XDR
• Proficiency in KQL (Kusto Query Language) for investigations and detection engineering
• Solid understanding of Azure cloud architecture and native security controls
• Experience with MITRE ATT&CK framework and modern attack methodologies
• Ability to support on-call rotations in a 24/7 or follow-the-sun environment

Preferred Qualifications

• Relevant certifications such as SC-200, SC-100, CySA+, GCIH, GCIA, or CISSP
• Experience with Azure Entra ID and identity security concepts (RBAC, IAM)

About the Company

Truveta provides unprecedented real-world data and real-time intelligence, powered by a dataset built with and owned by US health systems united in a mission of Saving Lives with Data. We enable research on more than 130 million de-identified patients across the US to power breakthrough medical discoveries and improve patient care.