Senior Microsoft Sentinel / SIEM Engineer

Social network you want to login/join with:

Client: Cloud Decisions

Location: Bristol, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 3

Posted: 31.05.2025

Expiry Date: 15.07.2025

Job Title: Senior Microsoft Sentinel / SIEM Engineer

Salary: Up to £85,000 + Benefits + Microsoft

Location: Fully Remote, UK

About the Role:

This is a standout opportunity for a Microsoft Sentinel expert to join a global security Microsoft powerhouse. You'll work with a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs, and a Microsoft Verified Safe XDR Solution Partner. The role offers unparalleled access to Microsoft's security roadmap, previews, and frontline support.

You'll be at the forefront of cyber defence, working on investigations involving nation-state threat actors and refining enterprise-scale log ingestion and Sentinel integration engineering. This includes ingesting complex logs from various cloud and data sources and learning as you go.

Responsibilities:

• Own and optimise enterprise-wide log onboarding into Microsoft Sentinel
• Deploy standard and custom connectors, Function Apps, and parsers
• Enhance log ingestion pipelines and custom Function Apps
• Parse, normalise, and optimise log telemetry for accuracy and cost efficiency
• Partner with IR teams on real attacks to tune rules
• Collaborate with Microsoft teams to develop detection capabilities
• Contribute to internal knowledge base and engineering standards

Requirements:

• Experience with building and integrating complex Microsoft Sentinel solutions
• Understanding of security telemetry across identity, endpoint, cloud, and network
• Experience with SIEM content development, KQL, rules, and data connectors
• Scripting skills: Python, PowerShell, APIs, Function Apps
• Background in cyber threat detection, incident response, or DFIR is a plus
• Ability to work in fast-paced, customer-facing environments

Technical Skills:

• PowerShell, Python, REST APIs
• Log ingestion and parsing across multi-platforms (Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Tier 1 Network vendors)
• MITRE ATT&CK, threat detection frameworks, IOC enrichment
• Problem-solving skills
• Sentinel/Log Analytics Cost Management and Data Optimisation

Benefits:

• Access to Microsoft Sentinel product teams and early feature previews
• Involvement in real-world nation-state attack detection
• Opportunity to enhance Sentinel mastery
• Part of a Microsoft Security elite MISA and Depth partner
• Exposure to multi-cloud detection and security automation
• Fully remote, flexible work culture with global collaboration
• Recognition, career growth within a respected security consultancy