Level 3 Security Platform Engineer

Altimi is a technology acceleration partner with impressive experience spanning over 20 years, specializing in the successful delivery of software development projects for international customers. We are based in Poland. Our main area of operation is the DACH region and Scandinavia, where we are known for providing top-notch software development services.

Our primary focus is managed services for companies seeking to accelerate growth, solve complex tech problems, build MVP/POC and/or modify legacy infrastructures.

Our main areas of competence include Product & Application Engineering, DevOps, Cloud Security & Managed Services and AI & Data Enablement.

Role Overview

Provide Level 3 engineering support and ownership of the Microsoft security platform, including Defender, Sentinel integration, and Security Copilot. The L3 engineer resolves complex technical issues, performs deep root cause analysis, and implements approved platform and policy changes.
This role represents the highest escalation point for Defender‑related engineering issues.

Responsibilities

  • Act as L3 escalation point for complex Defender and Sentinel issues
  • Perform deep technical investigations across Defender XDR
  • Troubleshoot Sentinel connectors, analytics, and ingestion pipelines
  • Resolve platform‑level issues affecting Defender, Sentinel, or Copilot
  • Implement approved security policy and configuration changes
  • Lead complex root cause analysis and remediation planning
  • Support Defender onboarding and stabilisation activities
  • Validate Security Copilot workspace and signal ingestion
  • Advise on tuning approaches and platform optimisation
  • Produce technical documentation and handover materials
  • Collaborate with SOC leadership and engineering stakeholders

Typical Escalations Handled

  • Defender sensor or telemetry failures 
  • Sentinel ingestion or analytics failures
  • High‑impact policy issues or misconfigurations
  • Defender + Sentinel incident correlation issues
  • Security Copilot malfunction or data gaps

Requirements

  • Experience with Microsoft Defender XDR
  • Strong Microsoft Sentinel engineering experience
  • Experience with Defender for Endpoint, MDO, Cloud Apps
  • Understanding of Identity Protection and hybrid environments
  • Experience supporting Security Copilot platforms
  • Strong PowerShell / KQL familiarity
  • Experience in enterprise security platform operations
  • Very good and fluent English
  • Good communication skills
  • Proactiveness
  • Background in SOC operations or security engineering
  • Experience with AI-driven security automation or Security Copilot prompt usage
  • Experience in large enterprise environments

What's in it for you?

  • Join for a role, stay for the development: More than 40% of our team has been working with us for longer than 5 years. Explore diverse domains, projects and modern technologies through internal mobility.
  • Learn from the best: Almost 60% of our colleagues have over 10 years of professional experience.
  • Flexibility: Work fully remotely, full-time from our office in Wroclaw or in a hybrid model.
  • Practical benefits: private medical care, life insurance, sport card, English and German classes in small, online groups.

 

ID: 78 Published on: 15/04/2026