Senior Security Engineer, Microsoft Sentinel / Hybrid Onsite Liaison

Wintrio LLC
Cambridge, Massachusetts 02140 United States
Posted: May 31, 2026
  • Full Time
  • Public Safety
  • Summary

    Company Overview

    WINTrio LLC (WINTrio) is a leading provider of Cyber/DevSecOps, Cloud, Artificial Intelligence (AI)/Machine Learning (ML), and Agile Software Development solutions. We collaborate closely with federal and commercial clients to solve complex technical challenges by delivering innovative, agile, and cost-effective solutions. Our team is empowered to think creatively and deliver impactful results that drive measurable value.

    • Role: Senior Security Engineer, Microsoft Sentinel / Hybrid Onsite Liaison
    • Location: Washington, DC / Northern Virginia, hybrid onsite 2 to 3 days per week
    • Client: Long-term Federal/Public Sector
    • Work Authorization: US Citizen or Green Card preferred; must be able to pass federal background and suitability requirements.

    Job Summary

    As a Senior Security Engineer, you will serve as the primary onsite security engineering liaison for a federal client's vSOC program. This role supports Microsoft Sentinel operations, Microsoft Defender tuning, log ingestion validation, telemetry gap identification, detection use case validation, vulnerability prioritization, patch governance coordination, and stakeholder engagement.

    Key Responsibilities

    • Serve as the primary technical liaison between the remote vSOC team and federal client stakeholders.
    • Review Microsoft Sentinel log ingestion, monitoring coverage, dashboards, and detection content.
    • Validate and tune detection use cases aligned to MITRE ATT&CK.
    • Identify telemetry gaps across identity, endpoints, cloud, network, GitHub, SQL, VPN, Proofpoint, and backup tools.
    • Support Microsoft Defender for Endpoint and Microsoft Defender for Identity tuning and operational validation.
    • Coordinate remediation actions with client IRM staff and system owners.
    • Support vulnerability prioritization, patch governance validation, and monthly remediation reporting.
    • Validate log routing, normalization, and pipeline health, including Cribl or similar tools where applicable.
    • Provide technical support during security events, incident escalation, purple team exercises, and continuity tests.
    • Help mature the client's Sentinel and Defender deployment from current-state operations to an optimized security monitoring capability.

    Required Qualifications

    • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field.
    • 8+ years of cybersecurity engineering, SOC engineering, detection engineering, or SIEM operations experience.
    • Strong hands-on experience with Microsoft Sentinel, KQL, workbooks, analytics rules, incidents, watchlists, and automation rules.
    • Strong experience with Microsoft Defender for Endpoint and Microsoft Defender for Identity.
    • Experience with AWS log ingestion, CloudTrail, VPC Flow Logs, IAM monitoring, and cloud telemetry.
    • Experience supporting federal security requirements, sensitive data environments, and audit-ready documentation.
    • Ability to work directly with client technical and executive stakeholders.

    Tools and Preferred Qualifications

    • Microsoft Sentinel, Defender XDR, MDE, MDI, Entra ID, Azure Government, AWS Commercial.
    • KQL, Logic Apps, Azure Monitor, Log Analytics, GitHub, SQL Server auditing.
    • Cisco, Checkpoint, iBoss, VPN, Proofpoint TAP/TRAP, Veeam, WinCollect, Cribl.
    • Certifications preferred: CISSP, GCIH, GCIA, CEH, Microsoft Security Operations Analyst, SC-200, AZ-500, AWS Security Specialty.

    Benefits

    • Medical, Dental, and Vision Insurance
    • FSA & HSA options
    • 401(k) Retirement Plan
    • Annual Bonus & Profit Sharing
    • Paid Time Off (PTO) & Vacation
    • Employee Assistance Program (EAP)
    • Life & Disability Insurance

    Why Join WINTrio?

    WINTrio is a people-first, employee-driven organization. We offer opportunities to grow across emerging technologies, program management, and business development while working on high-impact federal initiatives.

    Equal Opportunity Employer

    WINTrio LLC is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, gender identity, national origin, age, veteran status, or disability.

  • ABOUT THE COMPANY

    • Government Careers

    Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.

    Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.

    Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.


Please mention you found this employment opportunity on the CareersInGovernment.com Job Board.