Security Detection Engineer (Microsoft Sentinel)

• Salary: Gross monthly salary between EUR 4,931 and EUR 8,451 (scale 09) for a 36-hour work week.
• Extras: a thirteenth month, 8% holiday allowance, and a 10% Employee Benefit Budget.
• Development budget: EUR 1,400 development budget per year for your growth and development.
• Hybrid working: a balance between home and office work (possible for most roles).
• Pension: decide for yourself the amount of your personal contribution.

Or view all our benefits.

Design and improve security detections that help protect over 48,000 colleagues worldwide and millions of customers by reducing noise and strengthening cyber resilience.

Design, build and continuously improve security detections that protect Rabobank. As a Security Detection Engineer (Microsoft Sentinel), you translate threats, risks and stakeholder needs into high-quality detections and keep them effective over time through structured review and collaboration. You work closely with security analysts and application teams, challenge unclear requests and focus on quality, maintainability and ownership in a complex, regulated environment.

• Improving detection quality by tuning existing rules to significantly reduce false positives while keeping real threats visible.
• Translating compliance or regulatory requirements into concrete detections that are understandable for both technical and non-technical stakeholders.
• Guiding application teams in defining what they really want to detect, and why, before building effective detections.

• 36 hours per week.
• You periodically review and recertify detections to ensure ongoing relevance, effectiveness and coverage across the bank.
• Over 48,000 Rabobank colleagues worldwide.

• Develop and maintain high-quality detections in Microsoft Sentinel, including threat-based, compliance-driven and application-specific use cases.
• Continuously tune and recertify detections to improve signal-to-noise ratio, performance and maintainability in a regulated environment.
• Advise and challenge stakeholders by translating detection requests into clear, effective and realistic detection strategies.

You design and improve the detection landscape through automation, documentation and enrichment, ensuring detections stay aligned with evolving threats, risks and regulations while supporting analysts in their daily work.

We believe in the power of differences. By combining people's differences, we become an even better bank. We are curious about what you will bring to our team.

The focus is on improving security detection and monitoring to help Rabobank stay secure. Collaboration is our way of working; as one expert, analytical team within Rabobank. You work closely together, share knowledge openly and continuously improve how you work.

For us, your development and that of society go hand in hand. That is why we want to invest in you and work together to create a better world. We summarize this in one sentence: “At Rabobank, you work on yourself and the world around you simultaneously.”

This is reflected in your personal development budget, our hybrid work environment and a healthy work-life balance. You can work on banking matters for our personal and business clients, as well as on social issues such as the food and energy transitions.

At Rabobank, we are working toward a culture where everyone feels welcome. We value our differences and use them to collaborate more effectively and make better decisions. By being open to different perspectives, we create an environment where colleagues feel heard and enjoy working.

• Higher professional or academic working and thinking level with at least 3 years of experience in security detection or security monitoring roles.
• At least 3 years of hands-on experience with Microsoft Sentinel or Microsoft Unified Portal, including writing and tuning KQL detections.
• Proven experience in understanding, debugging and improving complex KQL-based detections in regulated environments.
• Clear communication skills to work effectively with technical and non-technical stakeholders.
• Critical and quality-driven mindset, able to challenge requests constructively and explain trade-offs.
• Team player attitude combined with the ability to work independently and take ownership.

• If you are invited for an interview, Bo, our virtual assistant, will contact you via SMS and email to schedule the interviews.
• You can find answers to frequently asked questions here.
• Assessments can be part of the application process.
• A reliability assessment is part of the procedure.
• We respect your privacy.

#LI-OVD