Microsoft Sentinel Content Developer

Year    Karnataka, India

Job Description

Company Name: VARITE India Private Limited
About The Client:
A global information technology, consulting, and business process services company, headquartered in India, provides a broad spectrum of services, including IT consulting, application development, business process outsourcing, and digital solutions. Serving clients across diverse industries and in over 167 countries, the company offers technology-driven solutions to enhance efficiency and innovation. With a global presence, it has emerged as a key player in the IT services and consulting space, contributing to the digital transformation of businesses worldwide.
About The Job:

  • We are looking for a skilled and proactive Microsoft Sentinel Content Developer to support our SIEM transformation initiatives.
  • The ideal candidate will have hands-on experience in log parsing, normalization, and detection rule development, with a strong understanding of both Splunk and Microsoft Sentinel environments.
  • This role requires working closely with Datadog observability pipelines and Microsoft Sentinel to ensure seamless log ingestion and detection coverage.
Essential Job Functions:
Log Parsing & Normalization:
  • Perform parsing and normalization of logs at the Datadog observability pipeline level.
  • Create and manage Data Collection Rules (DCRs) in Microsoft Sentinel with custom parsing and transformation logic.
  • Map logs to Microsoft Sentinel Normalized Schema (ASIM) where applicable.
  • Ensure high-quality, structured data ingestion for effective detection and investigation.
Detection Rule Migration:
  • Analyze and understand existing Splunk detection rules written in SPL.
  • Translate and migrate detection logic into Microsoft Sentinel analytic rules using KQL.
  • Optimize rules for performance, accuracy, and minimal false positives.
Content Development:
  • Develop and maintain custom analytic rules, hunting queries, and workbooks in Sentinel.
  • Collaborate with threat detection teams to build use cases aligned with MITRE ATT&CK and other frameworks.
Collaboration & Documentation:
  • Work closely with SOC, engineering, and cloud teams to understand log sources and detection requirements.
  • Document parsing logic, rule mappings, and enrichment strategies for operational transparency.
Qualifications:
  • 4 to 12 years of experience required.
  • Strong experience with Microsoft Sentinel, KQL, and Data Collection Rules (DCR).
  • Hands-on experience with Splunk SPL and detection rule development.
  • Familiarity with Datadog log formats and observability pipelines.
  • Understanding of ASIM schema, Microsoft Defender XDR, and Sentinel connectors.
  • Experience with log enrichment, GeoIP, and custom field mapping.
  • Ability to work independently and take ownership of content development tasks.
Preferred Qualifications:
  • Microsoft certifications (e.g., SC-200, AZ-500).
  • Knowledge of threat detection frameworks (MITRE ATT&CK, CIS, etc.).
  • Familiarity with CI/CD pipelines for Sentinel content deployment.
How to Apply: Interested candidates are encouraged to respond/submit their updated resumes, and for additional job opportunities, please visit
Unlock Rewards: Refer Candidates and Earn.
If you're not available or interested in this opportunity, please pass this along to anyone in your network who might be a good fit and interested in our open positions. VARITE offers a Candidate Referral program, where you'll receive a one-time referral bonus based on the following scale if the referred candidate completes a three-month assignment with VARITE.
Referral bonus by experience level:
  • 0-2 years: INR 5,000
  • 2-6 years: INR 7,500
  • 6+ years: INR 10,000
About VARITE: VARITE is a global staffing and IT consulting company providing technical consulting and team augmentation services to Fortune 500 Companies in USA, UK, CANADA and INDIA. VARITE is currently a primary and direct vendor to the leading corporations in the verticals of Networking, Cloud Infrastructure, Hardware and Software, Digital Marketing and Media Solutions, Clinical Diagnostics, Utilities, Gaming and Entertainment, and Financial Services.
Equal Opportunity Employer:
VARITE is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, veteran status, or disability status.



Job Detail

  • Job Id
    JD4398550
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Karnataka, India
  • Education
    Not mentioned
  • Experience
    Year