Microsoft Security (Sentinel) Automation & Detection Engineer, Cambridge
Client: Hays
Location: Cambridge, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Views: 4
Posted: 12.05.2025
Expiry Date: 26.06.2025
Job Description:
A multinational semiconductor and software design company seeks a Microsoft Security (Sentinel) Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge (Hybrid), Inside IR35.
Role Overview:
Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for delivering Microsoft SIEM detections and security automations.
The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms and scripting languages such as Python, PowerShell, and KQL) and experienced in integrating security tool APIs (e.g., SIEM, EDR, firewalls) and case management tools for data enrichment.
Key Skills and Experience:
- Experience contributing to large-scale, sprint-based security automation and detection engineering projects in a SOC/Cyber Defense environment.
- Recent hands-on experience managing and implementing Microsoft Sentinel log sources and detections, with knowledge of Sentinel and Azure best practices.
- Experience with Sentinel analytics rules and Logic Apps automations.
- Proficiency in KQL.
- At least 5 years in a technical security operations or security software development role.
- Strong understanding of security operations, automation processes, detection engineering, and SIEM management.
- Experience with cloud security tools and their integration into SOC operations.
Responsibilities:
- Lead the migration of log sources into Microsoft Sentinel SIEM.
- Develop security automations, logging, and SIEM detections to enhance cyber defense capabilities.
- Design and maintain automated workflows and playbooks for incident response, threat hunting, threat intelligence, and vulnerability management.
- Work with analysts to automate repetitive tasks and improve operational efficiency.
- Collaborate with Threat Intelligence, Incident Response, and Attack Surface teams to build effective SIEM detections.
- Evaluate and improve automation solutions for performance and scalability.
- Coordinate with third-party vendors for automation integrations.
Desirable Skills and Experience:
- Vendor-specific certifications in security orchestration, automation, and response platforms.
- Ability to develop long-term automation strategies aligned with security objectives.
- Skilled in translating technical concepts into clear insights for diverse audiences.
- Meticulous in ensuring accuracy, reliability, and security in automation workflows.