Senior Microsoft Sentinel / SIEM Engineer

Social network you want to login/join with:

col-narrow-left

Cloud Decisions

Chester, United Kingdom

Other

-

Yes

col-narrow-right

6

09.06.2025

24.07.2025

col-wide

Job Title:

To £85,000 + Benefits + Microsoft

Fully Remote, UK

(*Global Microsoft Managed MISA Partner

+ complex Sentinel Engineering/Integration)

The Opportunity

This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.

You'll be joining a Microsoft-managed global partner, a prominent MISA member, with Security MVPs, a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner.

This role provides unparalleled access to Microsoft’s security product roadmap, previews, and frontline support.

You will work at the forefront of cyber defense, directly involved in investigations with nation-state threat actors (including IR, CH, and NK campaigns), and refine your skills in enterprise-scale log ingestion and Sentinel integration engineering, working with complex logs from various cloud and data sources.

The Role

You will own and optimize enterprise-wide log onboarding into Microsoft Sentinel, deploying connectors, Function Apps, and parsers to build tailored SIEM solutions for threat detection and response.

• Log ingestion at scale across hybrid and multi-cloud environments
• Enhance custom Function Apps and ingestion pipelines
• Parse, normalize, and optimize log telemetry for accuracy and cost-efficiency
• Partner with IR teams during active attacks, tuning rules based on live threat activity
• Collaborate with Microsoft teams to develop advanced detection capabilities
• Contribute to internal knowledge bases and engineering standards

Requirements

• Experience with complex Microsoft Sentinel implementations at SMC and enterprise levels
• Understanding of security telemetry across identity, endpoint, cloud, and network layers
• Skills in SIEM content development, including KQL, analytics rules, and custom connectors
• Scripting skills: Python, PowerShell, APIs, Function Apps
• Background in cyber threat detection, incident response, or DFIR is a plus
• Ability to work in fast-paced, customer-facing environments

Technical Skills

• PowerShell, Python, REST APIs
• Log ingestion and parsing across platforms (Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Tier 1 Network vendors)
• Knowledge of MITRE ATT&CK, threat detection frameworks, IOC enrichment
• Problem-solving skills
• Sentinel/Log Analytics cost management and data optimization

What’s In It for You?

• Access to Microsoft Sentinel product teams and early feature previews
• Involvement in real-world nation-state attack detection
• Opportunities to develop Sentinel expertise
• Part of a Microsoft Security elite MISA and Depth partner
• Exposure to multi-cloud detection and security automation
• Fully remote, flexible work culture with global collaboration
• Career growth within a respected security consultancy