Global Analytics Engineer

JOB DESCRIPTION

SRA's mission is to level up every day to protect our clients and their customers. This begins with our team members and their experience. SRA prides itself on maintaining a culture where team members have a shared sense of support and belonging, consistent with our It's Personal company value. At SRA, we prioritize transparent career pathing, varied DEI programming and community groups, competitive benefits including mental health support, and an emphasis on a sustainable, healthy, and engaging work culture. SRA has twice been named a Best Place to Work by the Philadelphia Business Journal.

These Essential Functions, Requirements, and Skills are guidelines. If you are a candidate who does not meet this exact job description but can demonstrate excellent organization, attention to detail, professionalism, flexibility, and self-direction in your professional background, we hope you apply. SRA values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, and veterans to apply.

Summary/Objective

We are looking for a skilled Analytics Engineer to join our CyberSOC engineering team. The ideal candidate will have hands-on experience crafting detection logic using Kusto Query Language (KQL) and a deep understanding of log source telemetry and schema structures.

Key qualifications include:

- Proven ability to develop high-fidelity detection content.

- Practical experience with at least one Endpoint Detection and Response (EDR) platform.

- Proficiency with at least one Security Information and Event Management (SIEM) solution.

This role is ideal for someone passionate about cybersecurity analytics and eager to contribute to a high-impact security operations environment.

Essential Functions

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

- Provide operational coverage during standard business hours supporting internal defenders and analysts with:

- Responding to inquiries related to Microsoft Sentinel analytics

- Assisting clients with Sentinel analytics questions and troubleshooting

- Diagnosing and resolving issues with Sentinel analytics

- Deploying Sentinel analytics to client environments

- Design, develop, and modify Microsoft Sentinel analytics in alignment with requests assigned by the Analytics Engineering Lead, adhering to established processes and quality standards.

- Collaborate with the Endpoint Detection and Response (EDR) analytics team to create and maintain detection rules across one or more EDR platforms, including:

- SentinelOne

- Microsoft Defender for Endpoint
- CrowdStrike Falcon

- Develop and maintain custom Sentinel functions to enhance rule coverage and search capabilities.

- Troubleshoot and resolve issues related to Sentinel analytics and custom Sentinel functions.

- Coordinate with the Content Engineering Lead to ensure logging infrastructure is optimized to support both existing and new Sentinel analytics.

- Manage the deployment lifecycle of Sentinel analytics, including initial rollout, updates, and troubleshooting deployment-related issues.

Supervisory Responsibility

Not applicable.

Work Environment

This job operates in a professional office environment or remotely as needed/required. This role routinely uses standard office equipment.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear; use hands to finger, handle, or feel; and reach with hands and arms. The employee frequently is required to stand and walk. This is a largely sedentary role.

Candidates with disabilities are encouraged to apply and email careers@sra.io with any questions. Reasonable accommodations may be made to enable disabled individuals to perform the essential functions of this role.

Position Type/Expected Hours of Work

This is a full-time position with 40 working hours expected weekly. Evening and weekend work may be required as job duties demand.

Travel

Willingness to travel.

Required Education and Experience

- Bachelor's degreeinInformation Technology, IT Security, Computer Science, Computer Engineering, or equivalent experience.

- Proficient in Kusto Query Language (KQL) for developing and troubleshooting Microsoft Sentinel analytics and functions.

- 1-3 years of professional experience, campus applicants are welcome.

- Punctuality and timely attendance to external client and internal stakeholder needs.

Preferred Qualifications and Experience

- Strong understanding of log source telemetry and schema structures, enabling accurate translation of use cases into high-fidelity Sentinel detection rules.

- Hands-on experience developing detection content (e.g., alerts, use cases, queries, dashboards) within a SIEM platform such as Microsoft Sentinel, Splunk, or QRadar

- Hands-on experience with EDR platforms, including at least one of the following: CrowdStrike Falcon, SentinelOne, or Microsoft Defender for Endpoint.

- In-depth knowledge of Sentinel analytics configurations, deployment options, and best practices.

- Familiarity with Microsoft's DevOps pipeline (training available if needed).

- Strong written and verbal communication skills, with the ability to convey technical concepts clearly and professionally to both internal teams and clients.

- Comfortable leading meetings, demonstrating professionalism, subject matter expertise, and the ability to engage stakeholders effectively.

- Highly organized with strong attention to detail, ensuring accuracy and consistency in deliverables.

- Demonstrated passion for technology and a proactive approach to staying current with industry trends.

- Collaborative team player who also excels at working independently and managing individual responsibilities.

- Flexible and adaptable, with the ability to adjust to shifting client and project needs, including occasional extended hours when necessary.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Equal Employment Opportunity Statement

Security Risk Advisors is an Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs, job requirements, and individual qualifications, without regard to race, color, sex, sexual orientation, gender identity or expression, age, religion, national origin, disability, marital or family status, veteran status, medical condition, or any similar category protected by law.

- Study / Exam support if desired
- Health / Dental Insurance
- Employer matched pension contribution
- Life Insurance / Income Protection
- Annual performance related bonus
- Hybrid after initial full onboarding and training period
- Annual charitable donations to a charity of choice
- Access to free mental health services

#J-18808-Ljbffr

---