Senior Microsoft Sentinel / SIEM Engineer

Social network you want to login/join with:

Client: Cloud Decisions

Location: Guildford, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Title: Senior Microsoft Sentinel / SIEM Engineer

Salary: Up to £85,000 + Benefits + Microsoft

Location: Fully Remote, UK

Company: Global Microsoft Managed MISA Partner

This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role within a global security Microsoft powerhouse.

Join a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs, and a Microsoft Verified Safe XDR Solution Partner, gaining unparalleled access to Microsoft’s security product roadmap, previews, and frontline support.

Work at the forefront of cyber defence, contributing to investigations involving nation-state threat actors and refining skills in enterprise-scale log ingestion and Sentinel integration engineering.

• Own and optimise enterprise-wide log onboarding into Microsoft Sentinel.
• Deploy standard and custom connectors, Function Apps, and parsers for tailored SIEM solutions.
• Handle log ingestion across hybrid and multi-cloud environments.
• Enhance and develop custom Function Apps and ingestion pipelines.
• Parse, normalise, and optimise log telemetry for precision and cost efficiency.
• Collaborate with IR teams on active threats, tuning rules accordingly.
• Work closely with Microsoft teams to develop detection capabilities.
• Contribute to internal knowledge base and engineering standards.

• Experience with complex Microsoft Sentinel deployment at SMC and enterprise levels.
• Understanding of security telemetry across identity, endpoint, cloud, and network layers.
• Skills in SIEM content development: KQL, analytics rules, custom data connectors.
• Scripting and engineering skills: Python, PowerShell, APIs, Function Apps.
• Background in cyber threat detection, incident response, or DFIR is a plus.
• Ability to work in fast-paced, customer-facing environments.

• PowerShell, Python, REST APIs.
• Log ingestion and parsing across Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, and Tier 1 network vendors.
• Knowledge of MITRE ATT&CK, threat detection frameworks, IOC enrichment.
• Problem-solving ability is crucial.
• Experience with Sentinel/Log Analytics cost management and data optimisation.

• Direct access to Microsoft Sentinel product teams and early feature previews.
• Involvement in real-world nation-state attack detection.
• Opportunities to develop Sentinel expertise.
• Part of a Microsoft Security elite MISA and Depth partner.
• Exposure to multi-cloud detection and advanced security automation.
• Fully remote, flexible work culture with global collaboration.
• Career growth within a respected security consultancy.