**Who we are** NTT DATA Romania is looking for passionate Engineers for designing and improving security solutions and to offer architecture consultancy within various projects and activities. We are seeking a highly skilled and experienced Microsoft Sentinel Engineer at the senior level to join our dynamic team. **What you'll be doing** + Design, implement, and maintain Microsoft Sentinel deployments, ensuring optimal configuration, data ingestion quality, and alignment with organizational security objectives. + Create, refine, and optimize detection rules, analytics, workbooks, and dashboards to support effective monitoring of cloud, hybrid, and on-premises environments. + Develop advanced KQL queries to support threat detection, hunting, reporting, and operational efficiency. + Build and maintain SOAR playbooks using Logic Apps to automate triage, response actions, and workflow orchestration. + Lead threat hunting initiatives leveraging Microsoft Sentinel, Defender XDR suite data, and relevant threat intelligence sources. + Produce comprehensive documentation, including use cases, detection logic, response procedures, runbooks, and architectural diagrams. + Collaborate with SOC analysts, security engineers, cloud teams, and application owners to ensure cohesive incident response and coordinated remediation activities. + Oversee the integration of new log sources, ensuring proper mapping, normalization, and adherence to governance and compliance standards. + Conduct continuous tuning and performance optimization of alerts, analytic rules, and data connectors to improve signal-to-noise ratio. + Provide guidance, mentorship, and technical leadership to junior team members and cross-functional IT staff. + Linux proficiency + Ansible/Terraform literate + Available for 24x7 OnCall + Effective communication and documentation skills (Visio preferred, any other diagraming tool is accepted). **What you'll bring along** + Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or related field. + Minimum 5-10 years of experience in a similar role + Extensive hands-on experience administering and engineering solutions within Microsoft Sentinel, including custom analytics, automation, and log management. + Strong proficiency in KQL with the ability to craft complex queries for detection, investigation, and reporting. + Deep understanding of security monitoring, threat detection methodologies, and incident response practices. + Deep understanding of log source onboarding in Sentinel. + Practical experience with Microsoft Defender XDR solutions (Defender for Endpoint, Identity, Office 365, and Cloud Apps). + Familiarity with cloud-native security architecture, particularly Azure services, identity management, and network security controls. + Ability to translate technical concepts into clear, actionable guidance for various levels of stakeholders. + Relevant certifications (e.g., SC-200, SC-100, AZ-500, CISSP, GIAC certifications). + Experience integrating Sentinel with third-party log sources, SIEM platforms, and security tools. + Knowledge of Python, Bash, PowerShell, or similar scripting languages to support automation and custom integrations. + Background in SOC operations, threat hunting, detection engineering, or cloud security. + Languages: English is mandatory, German an advantage **What’s in it for you** ✔ New beginnings can be a challenge. We promise a smooth integration and a supportive mentor ✔ Pick your working style: choose from Remote, Hybrid or Office work opportunities ✔ Early bird or night owl? Our projects have different working hours to suit your needs ✔ Nobody is born an expert. Sharpen your tech skills with our sponsored certifications, trainings and top e-learning platforms ✔ We want you to stay healthy! Enjoy our Private Health Insurance ⁠– it’s custom-made for you ✔ A clear mind is a healthy mind. Attend individual coaching sessions or go one step further by joining our accredited Coaching School ✔ Make the most of our epic parties or themed events – they’re lovingly designed for our people and their families ✔ NTT DATA recruiters will never ask job seekers and candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties that may try to impersonate NTT DATA recruiters, either in writing or by phone, in an attempt to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will be associated with an @nttdata.com email address. NTT DATA will not use any non-NTT DATA or personal email domains (Gmail, Yahoo, etc.) or personal communication channels (WhatsApp, Facebook etc) at any time during the recruitment process. If you suspect any fraudulent activity, please contact us. NTT DATA Romania is an equal opportunity employer and considers all applicants regardless to race, color, religion, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic protected by law. We are committed to creating a diverse and inclusive environment for all employees. Not the job for you? Perhaps you have a friend who would be a perfect fit. Send them this link! **What’s in it for you** + New beginnings can be a challenge. We promise a smooth integration and a supportive mentor + Pick your working style: choose from Remote, Hybrid or Office work opportunities + Early bird or night owl? Our projects have different working hours to suit your needs + Nobody is born an expert. Sharpen your tech skills with our sponsored certifications, trainings and top e-learning platforms + We want you to stay healthy! Enjoy our Private Health Insurance ⁠– it’s custom-made for you + A clear mind is a healthy mind. Attend individual coaching sessions or go one step further by joining our accredited Coaching School + Make the most of our epic parties or themed events – they’re lovingly designed for our people and their families Your unique talent is what matters. NTT DATA Romania is an equal opportunity employer and considers all applicants regardless to race, color, religion, citizenship, national origin, ethnicity, age, gender, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic. **Third parties fraudulently posing as NTT DATA recruiters** NTT DATA recruiters will never ask job seekers and candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties that may try to impersonate NTT DATA recruiters, either in writing or by phone, in an attempt to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will be associated with an @nttdata.com email address. NTT DATA will not use any non-NTT DATA or personal email domains (Gmail, Yahoo, etc.) or personal communication channels (WhatsApp, Facebook etc) at any time during the recruitment process. If you suspect any fraudulent activity, please contact us. \#LI-AR2