Global Analytics Engineer (US)
SRA’s mission is to level up every day to protect our clients and their customers. This begins with our team members and their experience. SRA prides itself on maintaining a culture where team members have a shared sense of support and belonging, consistent with our It’s Personal company value. At SRA, we prioritize transparent career pathing, varied DEI programming and community groups, competitive benefits including mental health support, and an emphasis on a sustainable, healthy, and engaging work culture. SRA has twice been named a Best Place to Work by the Philadelphia Business Journal.
These Essential Functions, Requirements, and Skills are guidelines. If you are a candidate who does not meet this exact job description but can demonstrate excellent organization, attention to detail, professionalism, flexibility, and self-direction in your professional background, we hope you apply. SRA values a diverse workplace and strongly encourages people of all backgrounds to apply.
Summary/Objective
We are looking for a skilled Analytics Engineer to join our CyberSOC engineering team. The ideal candidate will have hands-on experience crafting detection logic using Kusto Query Language (KQL) and a deep understanding of log source telemetry and schema structures.
Key qualifications include:
Proven ability to develop high-fidelity detection content.
Practical experience with at least one Endpoint Detection and Response (EDR) platform.
Proficiency with at least one Security Information and Event Management (SIEM) solution.
This role is ideal for someone passionate about cybersecurity analytics and eager to contribute to a high-impact security operations environment.
Requirements
Essential Functions
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Provide operational coverage during standard business hours supporting internal defenders and analysts with:
Responding to inquiries related to Microsoft Sentinel analytics
Assisting clients with Sentinel analytics questions and troubleshooting
Diagnosing and resolving issues with Sentinel analytics
Deploying Sentinel analytics to client environments
Design, develop, and modify Microsoft Sentinel analytics in alignment with requests assigned by the Analytics Engineering Lead, adhering to established processes and quality standards.
Collaborate with the Endpoint Detection and Response (EDR) analytics team to create and maintain detection rules across one or more EDR platforms, including:
SentinelOne
Microsoft Defender for Endpoint
CrowdStrike Falcon
Develop and maintain custom Sentinel functions to enhance rule coverage and search capabilities.
Troubleshoot and resolve issues related to Sentinel analytics and custom Sentinel functions.
Coordinate with the Content Engineering Lead to ensure logging infrastructure is optimized to support both existing and new Sentinel analytics.
Manage the deployment lifecycle of Sentinel analytics, including initial rollout, updates, and troubleshooting deployment-related issues.
Supervisory Responsibility
Not applicable.
Work Environment
This job operates in a professional office environment or remotely as needed/required. This role routinely uses standard office equipment.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear; use hands to finger, handle, or feel; and reach with hands and arms. The employee frequently is required to stand and walk. This is a largely sedentary role.
Candidates with disabilities are encouraged to apply and email careers@sra.io with any questions. Reasonable accommodations may be made to enable disabled individuals to perform the essential functions of this role.
Position Type/Expected Hours of Work
This is a full-time position with 40 working hours expected weekly. Evening and weekend work may be required as job duties demand.
Travel
Willingness to travel.
Required Education and Experience
Punctuality and timely attendance to external client and internal stakeholder needs.
Bachelor’s degree in Information Technology, IT Security, Computer Science, Computer Engineering, or equivalent experience.
Proficient in Kusto Query Language (KQL) for developing and troubleshooting Microsoft Sentinel analytics and functions.
1-3 years of professional experience; campus applicants are welcome.
Preferred Qualifications and Experience
Strong understanding of log source telemetry and schema structures, enabling accurate translation of use cases into high-fidelity Sentinel detection rules.
Hands-on experience developing detection content (e.g., alerts, use cases, queries, dashboards) within a SIEM platform such as Microsoft Sentinel, Splunk, or QRadar.
Hands-on experience with EDR platforms, including at least one of the following: CrowdStrike Falcon, SentinelOne, or Microsoft Defender for Endpoint.
In-depth knowledge of Sentinel analytics configurations, deployment options, and best practices.
Familiarity with Microsoft’s DevOps pipeline (training available if needed).
Strong written and verbal communication skills, with the ability to convey technical concepts clearly and professionally to both internal teams and clients.
Comfortable leading meetings, demonstrating professionalism, subject matter expertise, and the ability to engage stakeholders effectively.
Highly organized with strong attention to detail, ensuring accuracy and consistency in deliverables.
Demonstrated passion for technology and a proactive approach to staying current with industry trends.
Collaborative team player who also excels at working independently and managing individual responsibilities.
Flexible and adaptable, with the ability to adjust to shifting client and project needs, including occasional extended hours when necessary.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Equal Employment Opportunity Statement
Security Risk Advisors is an Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs, job requirements, and individual qualifications, without regard to race, color, sex, sexual orientation, gender identity or expression, age, religion, national origin, disability, marital or family status, veteran status, medical condition, or any similar category protected by law.
Benefits
Work with Experts: Robust training program, plus company-paid external training. SRA recognizes the value of professional development for employees. Therefore, we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA.
Corps Training Program: Our SRA Corps training program is a six-week experience for new hires that begins with one week of orientation at our Philadelphia headquarters. Whether new hires are interns, co-ops, or full-time consultants, SRA Corps members meet our founders, learn our values, and experience a day in the life of a cybersecurity consultant. Following orientation, Corps members return to their home office and participate in trainings such as Consulting 101, Enterprise Networks, Cloud Security, and more. Our leaders provide hands-on offensive, defensive, and frameworks boot camps.
Mental Health Services: SRA has partnered with BetterHelp to provide SRA employees with free mental health support. BetterHelp connects individuals with licensed therapists for chat, video and phone sessions.
Medical / Dental / Other (regular full-time employees only)
Generous medical, dental, and vision benefits at different price points
Company-paid disability and life insurance
Company 401(k) plan, including annual 3% safe harbor contribution
Free patient advocacy service that helps find care providers and resolve insurance queries
Free on-site wellness programming covering both emotional and physical wellness
Generous parental leave, sick leave, and vacation policies
Option to work remotely or with a flexible schedule when needed
Company-paid cellphone with discounted accessories
1-2-3 Give Program: 1. SRA will give $1,000 to a charity of your choice. 2. If you give an additional amount (up to $1,000), then, 3. SRA will match that amount up to $1,000
- Location: Philadelphia
- Job Type: PartTime
- Category: Engineering