Senior Microsoft Sentinel / SIEM Engineer

Social network you want to login/join with:

Client: Cloud Decisions

Location: Brighton, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 6

Posted: 06.06.2025

Expiry Date: 21.07.2025

Job Title: Senior Microsoft Sentinel / SIEM Engineer

Salary: Up to £85,000 + Benefits + Microsoft

Location: Fully Remote, UK

Company: Global Microsoft Managed MISA Partner

Specialization: Complex Sentinel Engineering/Integration

This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.

You will join a Microsoft-managed global partner, a prominent MISA member, with Security MVPs, a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner. This role offers unparalleled access to Microsoft’s security product roadmap, previews, and frontline support.

You will work at the forefront of cyber defense, contributing to investigations involving nation-state threat actors (including IR, CH, and NK campaigns), and refining your skills in enterprise-scale log ingestion and Sentinel integration engineering, with opportunities to learn and handle complex logs from various cloud and data sources.

• Own and optimize enterprise-wide log onboarding into Microsoft Sentinel
• Deploy standard and custom connectors, Function Apps, and parsers
• Build tailored SIEM solutions for threat detection and response
• Manage log ingestion across hybrid and multi-cloud environments
• Enhance custom Function Apps and ingestion pipelines
• Parse, normalize, and optimize log telemetry for precision and cost control
• Partner with IR teams on real attacks, tuning rules against live threats
• Collaborate with Microsoft teams to develop advanced detection capabilities
• Contribute to internal knowledge base and engineering standards

• Experience with building and integrating complex Microsoft Sentinel at SMC and enterprise levels
• Understanding of security telemetry across identity, endpoint, cloud, and network layers
• Experience in SIEM content development, including KQL, analytics rules, and custom data connectors
• Scripting and engineering skills: Python, PowerShell, APIs, Function Apps
• Background in cyber threat detection, incident response, or DFIR (a plus)
• Ability to work in fast-paced, customer-facing environments

• PowerShell, Python, REST APIs
• Log ingestion and parsing across platforms (Azure/AWS/GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Tier 1 Network vendors)
• Knowledge of MITRE ATT&CK, threat detection frameworks, IOC enrichment
• Ability to troubleshoot and resolve issues independently
• Sentinel/Log Analytics Cost Management and Data Optimization

• Direct access to Microsoft Sentinel product teams and early feature previews
• Involvement in real-world nation-state attack detection
• Opportunities to enhance your Sentinel expertise
• Part of a Microsoft Security elite MISA and Depth partner
• Exposure to multi-cloud detection and advanced security automation
• Fully remote, flexible work culture with global team collaboration
• Recognition, career growth within a respected security consultancy