Microsoft Sentinel Technical Lead/Architect - Security Operations Center

Role : Microsoft Sentinel Technical Lead & SOC Architect

Position Type : Full-time

Experience : 7 to 12+ years in Cybersecurity, SOC operations, and solution architecture.

Minimum Qualification : Bachelors degree in computer science or a related field.

About the Role :

This role combines SOC leadership with hands-on solution architecture and implementation.

Youll lead the security operations team while also owning the end-to-end design and deployment of Microsoft Sentinel-based solutions across enterprise environments.

The ideal candidate bridges strategic vision with technical execution, enabling scalable, compliant, and automated security operations.

Key Responsibilities :

SOC Leadership & Operations :

- Lead and mature SOC capabilities using Microsoft Sentinel and Defender XDR.

- Define and optimize alerting, triage, escalation, and response workflows.

- Mentor SOC analysts across tiers and drive continuous improvement.

- Align SOC operations with MITRE ATT&CK, NIST, and ISO frameworks.

Architecture & Implementation :

- Architect Sentinel deployments : workspace design, RBAC, data ingestion.

- Integrate diverse log sources (Azure, M365, on-prem, third-party tools).

- Design and implement analytics rules, hunting queries, and dashboards.

- Build automation workflows using Logic Apps and Sentinel playbooks.

- Ensure seamless integration with Defender for Endpoint, Identity, Cloud, and Office.

Governance & Reporting :

- Define KPIs, executive dashboards, and compliance-aligned reporting.

- Support audits, risk assessments, and regulatory readiness.

- Document architecture, runbooks, and operational procedures.

Stakeholder Collaboration :

- Work with cloud architects, compliance teams, and business units.

- Translate business and threat models into technical implementations.

- Support pre-sales and client onboarding for managed SOC services.