Senior Microsoft Sentinel / SIEM Engineer

Social network you want to login/join with:

Client: Cloud Decisions

Location: Bradford, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 3

Posted: 31.05.2025

Expiry Date: 15.07.2025

Job Title:

To £85,000 + Benefits + Microsoft

Fully Remote, UK

(*Global Microsoft Managed MISA Partner

+ complex Sentinel Engineering/Integration)

This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.

You'll be joining a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs, and a Microsoft Verified Safe XDR Solution Partner, a trusted Security Depth Partner.

This role provides unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support.

You will work at the forefront of cyber defense, directly involved in investigations against nation-state threat actors (including IR, CH, and NK based campaigns), while enhancing your skills in enterprise-scale log ingestion and Sentinel integration engineering, working with complex logs from diverse cloud and data sources.

You will own and optimize enterprise-wide log onboarding into Microsoft Sentinel—deploying connectors, Function Apps, and parsers to create tailored SIEM solutions that facilitate threat detection and response.

• Manage log ingestion across hybrid and multi-cloud environments
• Enhance custom Function Apps and ingestion pipelines
• Parse, normalize, and optimize log telemetry for accuracy and cost-efficiency
• Collaborate with IR teams during active threats, tuning rules based on real attack scenarios
• Work closely with Microsoft teams to develop advanced detection capabilities
• Contribute to internal knowledge bases and engineering standards

• Experience with complex Microsoft Sentinel implementations at SMC and enterprise levels
• Knowledge of security telemetry across identity, endpoint, cloud, and network layers
• Proficiency in SIEM content development, including KQL, analytics rules, and data connectors
• Scripting and engineering skills in Python, PowerShell, APIs, and Function Apps
• Background in cyber threat detection, incident response, or DFIR is advantageous
• Ability to work effectively in fast-paced, client-facing environments

• PowerShell, Python, REST APIs
• Log ingestion and parsing across platforms (Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Tier 1 Network vendors)
• Knowledge of MITRE ATT&CK, threat detection frameworks, IOC enrichment
• Resourcefulness and problem-solving skills are essential
• Sentinel/Log Analytics cost management and data optimization

• Access to Microsoft Sentinel product teams and early feature previews
• Involvement in real-world nation-state attack detection
• Opportunities to develop Sentinel expertise
• Part of a Microsoft Security elite MISA and Depth partner
• Exposure to multi-cloud detection and advanced security automation
• Remote work with flexible culture and global team collaboration
• Career growth within a respected security consultancy