Microsoft Security is looking to enhance its security cloud offerings by enabling Independent Software Vendors (ISVs) to build third-party agents and analytics pipelines on Microsoft Sentinel's data lake infrastructure. This initiative aims to improve threat detection, investigation workflows, and overall security for customers by leveraging scalable, production-grade integrations and agents.
Requirements
- Deep technical experience in cloud-scale data platforms, connector design, and agent development.
- Experience leveraging Spark, KQL, and ML-based models for advanced threat detection and investigation workflows.
- Experience building third-party agents and analytics pipelines on Microsoft Sentinel’s modern data lake infrastructure.
- Proven experience developing and deploying production-grade connectors and integrations with Microsoft Security products (e.g., Microsoft Sentinel and Defender XDR), including proficiency in data ingestion, incident synchronization, and event management.
- Proficiency in API design, extensibility frameworks, and cloud-based architectures, with a track record of building scalable integration solutions.
- Hands-on experience implementing AI-driven automation and orchestration for security workflows using Azure Logic Apps, Power Automate, or similar tools.
- Advanced knowledge of operating system internals and security mechanisms, including OS mitigations across Windows, Linux, Mac, Android, and iOS platforms.
Responsibilities
- Architect and guide ISVs in building third-party agents and analytics pipelines on Sentinel’s modern data lake infrastructure, leveraging Spark, KQL, and ML-based models for advanced threat detection and investigation workflows.
- Design, develop, and maintain scalable, production-grade connectors and integrations between Microsoft Security products (such as Microsoft Sentinel and Microsoft Defender XDR) and third-party ISV solutions, ensuring seamless data ingestion, incident synchronization, and automated event management.
- Help our engineering teams design scalable extensibility frameworks by prioritizing modular APIs, standardized interfaces, and reusable components over fragmented custom solutions, ensuring long-term adaptability and reduced maintenance overhead.
- Serve as an architecture point of contact into the Microsoft Security engineering teams for select ISVs and be responsible for delivering architecture workshops and design sessions.
- Proactively anticipate customer needs and market opportunities through quantitative and qualitative analyses.
- Collaborate closely with the Feature Product Managers, Business Development, and other customer focused architects to drive the end-to-end product vision.
- Strategize and lead the transition of ISV feature integrations from private preview to public preview and then to general availability.
Other
- 3+ years of experience managing ISV (Independent Software Vendor) partnerships.
- Ability to meet Microsoft, customer and/or government security screening requirements is required for this role.
- Demonstrated problem-solving, strategic thinking, and ability to evaluate and communicate customer needs and solutions to technical and non-technical stakeholders.
- Proven track record of cross-team collaboration, stakeholder engagement, and delivery of high-impact initiatives.
- Highly adaptable to change, with effective communication and interpersonal skills tailored to diverse audiences including strategic executives.