LanceSoft, Inc. · 21 hours ago
UEBA / SOAR Developer
LanceSoft, Inc. is seeking a Software Developer II to perform advanced software development work focused on Microsoft Sentinel capabilities for large-scale security programs. The role involves designing, building, testing, and optimizing automation playbooks and analytics rules while collaborating with various teams in cybersecurity and DevOps.
Information Technology
Responsibilities
Design, develop, test, and deploy Sentinel SOAR automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs
Create automated workflows for alert enrichment, triage, response actions, notifications, and case management
Integrate Sentinel with third-party platforms (EDR, IAM, ticketing systems, email gateways, firewalls) to automate security operations
Develop custom UEBA detection rules, anomaly models, ML-based behavior patterns, and advanced KQL hunting queries
Build and maintain analytics content, parsers, normalization rules, and entity behavior profiles
Evaluate behavioral anomalies and collaborate with security teams to refine detection logic
Design and implement custom data connectors, ingestion pipelines, and transformation logic
Create dashboards, workbooks, hunting queries, and detection-as-code assets
Tune Sentinel performance to reduce noise and align detections with MITRE ATT&CK and Zero Trust principles
Develop supporting code modules, scripts, microservices, and APIs using Python, PowerShell, .NET, or similar languages
Work with CI/CD pipelines, DevOps processes, version control, and infrastructure-as-code
Produce technical documentation, SOPs, architecture diagrams, and automation runbooks
Collaborate with security leadership and cross-functional teams on requirements, testing, and deployments
Provide Tier III engineering support and participate in post-incident reviews as needed
Qualification
Required
Bachelor's degree in Computer Science, Information Systems, Software Engineering, Cybersecurity, or related field
2+ years of experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering
Knowledge of Microsoft Sentinel architecture, SOAR and UEBA
Knowledge of Azure services (Logic Apps, Azure Functions, Event Hubs, Key Vault, Azure AD)
Knowledge of security operations and incident response processes
Knowledge of MITRE ATT&CK, NIST CSF, Zero Trust Architecture
Knowledge of programming/scripting languages (Python, PowerShell, KQL, C#, JavaScript)
Knowledge of DevOps and CI/CD pipelines
Knowledge of API integrations and JSON/YAML
Skills in building Sentinel automation playbooks and Logic App workflows
Skills in writing complex KQL for analytics and threat hunting
Skills in developing custom connectors and parsers
Skills in designing and tuning UEBA models
Skills in debugging SOAR workflows and integrations
Skills in communicating complex technical concepts clearly
Ability to work independently on complex development efforts
Ability to translate security requirements into scalable technical solutions
Ability to analyze threat behavior and build effective detections
Ability to collaborate across cybersecurity, infrastructure, and application teams
Ability to manage multiple priorities and meet deadlines
Preferred
3+ years hands-on experience with Microsoft Sentinel
Experience building UEBA models and anomaly detections
Experience developing SOAR automation playbooks
Microsoft certifications (SC-200, AZ-900, AZ-104, SC-100, SC-300)
Experience integrating Sentinel with EDR, IAM, firewalls, ticketing systems
DevOps experience (GitHub, Azure DevOps)
Experience in government, healthcare, or regulated environments
Company
LanceSoft, Inc.
Established in 2000, LanceSoft is a pioneer in delivering top-notch Global Workforce Solutions and IT Services to a diverse clientele.
H1B Sponsorship
LanceSoft, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (46)
2024 (32)
2023 (23)
2022 (25)
2021 (60)
2020 (80)
Funding
Current Stage
Late Stage
Company data provided by Crunchbase