FedRAMP Security Architect, remote | 1059054
Remote, USA
Contract
Posted 06/17/2026
Job Description
OUR GOAL:
Treat our consultants and clients the way we would like others to treat us!
Interested in joining our team? Check out the opportunity below and apply today!
Our client is seeking a FedRAMP Security Architect for a contract opportunity. The customer is going through a FedRAMP implementation. They are looking for a resource to bring on board to ensure their team will be ready to tackle a FedRAMP certification effort later this year.
- Contract for 6 months and ideally brought on full time if the right fit
- The resource can be based anywhere in the US. There aren’t any time zone restrictions.
Role Highlight:
The primary responsibility will be managing and administering security tools – particularly MS Sentinel SIEM, which will make up a significant portion of the role – along with other duties outlined in the JD.
Responsibilities:
- As a Senior Cybersecurity Operations Engineer, this resource will play a key role in leading security operations by leveraging Microsoft Sentinel as the central platform for detection, investigation, and response.
- This resource will act as a lead for high-severity incidents, driving end-to-end triage, root cause analysis, and continuous improvement of detection capabilities.
- You will design and optimize detection use cases, lead proactive threat hunting initiatives, and enhance automation to improve response efficiency.
- Lead triage and response for incidents, and lead incident response efforts and coordination across technical teams during major security events
- Drive root cause analysis (RCA) for critical incidents and translate findings into improvements across detection engineering, logging strategy, and response workflows
- Own the log onboarding strategy and architecture for Microsoft Sentinel, ensuring comprehensive visibility across cloud, on-premises, and integrations
- Lead integration of new data sources into Sentinel, including defining onboarding standards, data mapping, normalization, and validation of log quality
- Identify and remediate logging gaps across the enterprise, partnering with engineering, cloud, and application teams to improve telemetry coverage
- Establish and enforce best practices for log ingestion, retention, and cost optimization within Azure Sentinel
- Design, develop, and continuously improve detection use cases and analytics rules, aligned to MITRE ATT&CK and evolving threat landscape
- Own SIEM tuning strategy, reducing noise while ensuring high-confidence, high-fidelity detections
- Lead proactive threat hunting initiatives using KQL and integrated threat intelligence, uncovering advanced or previously undetected threats
- Architect and oversee Sentinel automation (playbooks, Logic Apps) to improve response efficiency and consistency
- Develop and maintain advanced dashboards, workbooks, and reporting to provide actionable security insights to stakeholders
- Mentor and coach junior and mid-level SOC analysts, setting standards for investigations, KQL usage, and operational excellence
- Collaborate cross-functionally with cloud, DevOps, identity, and infrastructure teams to embed security visibility and detection into system design
- Own and continuously improve SOC documentation, including SOPs, playbooks, and onboarding standards for new data sources and detections
EDUCATIONAL/SKILL/EXPERIENCE REQUIREMENTS
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
- Equivalent combination of education and related experience
- 5 years of experience in a Security Operations Center (SOC), Incident Response, Azure Cloud Security
- Extensive SOC experience (L3/Senior/Principal level), serving as an escalation point for complex and high-severity incidents
- Expert-level proficiency in Microsoft Sentinel (Azure SIEM), with deep expertise in log ingestion, integration, data lifecycle management, and incident investigation.
- Strong expertise in log normalization, parsing, and data quality management, ensuring high-fidelity detections
- Demonstrated ability to optimize SIEM performance, reducing noise while improving detection accuracy and coverage
- Experience with automation and orchestration, including Sentinel playbooks and Logic Apps to enhance response efficiency
- Deep experience in detection engineering, including designing, implementing, and tuning analytics aligned to MITRE ATT&CK
- Advanced KQL expertise for large-scale data analysis, threat hunting, and detection development
- Expertise in managing and utilizing a wide range of security tools, including Next Generation Firewall, IDS/IPS, EDR, AV, MS Defender Suite, Internet Proxy, other Cloud Security Tools, etc.
- Strong knowledge of cloud and enterprise security technologies, including Microsoft Defender suite, identity security (Entra ID), EDR/XDR, firewalls, and cloud-native controls
- Proven leadership in threat hunting and incident response, including RCA and continuous improvement of detection and response capabilities
- Strong communication and stakeholder engagement skills, with the ability to influence technical and non-technical teams
- Demonstrated mentorship of SOC analysts, driving operational maturity
- Relevant certifications (SC-200, AZ-500, CySA+) preferred
- Strong analytical and problem-solving skills, with the ability to operate effectively in a fast-paced environment
- Commitment to continuous learning and staying current with evolving threats and technologies
Reference: 1059054
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every qualification. At Revel IT, we are dedicated to building a diverse, inclusive, and authentic workplace, so if you’re excited about this role, but your experience doesn’t align perfectly with every qualification in the description, we encourage you to apply anyway. You might be the right candidate for this or our other open roles!
Revel IT is an Equal Opportunity Employer. Revel IT does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.