Microsoft Sentinel Engineer

Up to £70,000 DOE

Remote - MUST be UK Based

• Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects?
• Do you have strong 3rd-line level experience across Microsoft, Azure, networking, and cloud security?
• Would you like to join a fast-growing global consultancy where your expertise will help shape the future of their cybersecurity offering?

You will join the cybersecurity team within a specialist Microsoft consultancy that's growing rapidly across the UK and globally. The team currently numbers around 15 within a 60-person business and is expanding fast including the recent onboarding of a major financial services client.

As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work closely with clients to strengthen their security operations and response capabilities.

This is a technically advanced role that combines engineering depth with real client interaction ideal for someone who enjoys both hands‑on work and architectural thinking.

• Design, configure, and deliver Sentinel SIEM solutions for enterprise clients.
• Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate.
• Write and fine‑tune Kusto Query Language (KQL) queries to analyse and visualise raw security data.
• Integrate third‑party tools (firewalls, IAM, telemetry) into Sentinel.
• Use MITRE ATT&CK to anticipate and counter adversarial activity.
• Apply cost‑optimisation principles (data tiering, filtering).
• Collaborate with security architects to improve internal policies and ISO 27001 alignment.
• Act as an escalation point within the SOC and mentor junior engineers.

• 3+ years' experience as a Microsoft Sentinel or SIEM Engineer.
• Strong technical background across Microsoft 365, Azure, networking, and cybersecurity.
• Hands‑on experience with KQL, PowerShell, and ideally Python.
• Proven experience automating processes using Logic Apps, Playbooks, or Terraform.
• Understanding of encryption, data protection, and incident response.
• Confident communicator, capable of working in client‑facing scenarios.
• Ideally certified in one or more of:
  • SC-200 (Security Operations Analyst)
  • AZ-500 (Azure Security Engineer)
  • SC-100 (Cybersecurity Architect – highly desirable)
  • CompTIA Security+, CISSP, or Ethical Hacker

• Join a fast‑growing, globally distributed Microsoft consultancy with a strong reputation for delivery and innovation.
• Be part of the fastest‑growing division in the business — with real opportunities to progress.
• Work directly with senior leadership (including the CEO) in a collaborative, flat structure.
• Gain exposure to enterprise‑scale environments, including clients in the financial services sector.
• Fully remote role with flexible working and global team collaboration.

Apply today or get in touch for a confidential chat — we would love to tell you more about the team, their growth plans, and how you could make an impact in this key role.