Enable job alerts via email!

Senior Microsoft Sentinel / SIEM Engineer

JR United Kingdom

Liverpool

Remote

GBP 70,000 - 85,000

Full time

Yesterday

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A leading security consultancy seeks a Senior Microsoft Sentinel / SIEM Engineer to optimize log onboarding and collaborate on security solutions. This position involves high-impact work with Microsoft’s security roadmap and addresses real-world threats in a fully remote setting.

Benefits

Access to Microsoft Sentinel product teams

Involvement in real-world nation-state attack detection

Career growth within a respected security consultancy

Remote, flexible work culture with global collaboration

Qualifications

Experience with complex Microsoft Sentinel deployment at SMC and enterprise level.
Understanding of security telemetry across identity, endpoint, cloud, and network layers.
Ability to work in fast-paced, customer-facing environments.

Responsibilities

Own and optimize enterprise-wide log onboarding into Microsoft Sentinel.
Deploy connectors, Function Apps, and parsers for tailored SIEM solutions.
Collaborate with Microsoft teams to develop detection capabilities.

Skills

PowerShell

Python

REST APIs

Log ingestion

Problem-solving skills

Social network you want to login/join with:

Senior Microsoft Sentinel / SIEM Engineer, Liverpool

Client: Cloud Decisions

Location: Liverpool, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 5

Posted: 06.06.2025

Expiry Date: 21.07.2025

Job Description:

Job Title: Senior Microsoft Sentinel / SIEM Engineer

Salary: Up to £85,000 + Benefits + Microsoft

Location: Fully Remote, UK

Company: Global Microsoft Managed MISA Partner

Role Highlights:

Complex Sentinel Engineering/Integration
High-impact role with a global security Microsoft partner
Access to Microsoft’s security product roadmap and support

The Opportunity:

This role offers a chance to work at the forefront of cyber defense, involving investigations with nation-state threat actors and enterprise-scale log ingestion and Sentinel integration engineering.

The Role:

Own and optimize enterprise-wide log onboarding into Microsoft Sentinel
Deploy connectors, Function Apps, and parsers for tailored SIEM solutions
Handle log ingestion across hybrid and multi-cloud environments
Enhance custom Function Apps and ingestion pipelines
Partner with IR teams on real attacks
Collaborate with Microsoft teams to develop detection capabilities
Contribute to internal knowledge base and standards

Requirements:

Experience with complex Microsoft Sentinel deployment at SMC and enterprise level
Understanding of security telemetry across identity, endpoint, cloud, and network layers
Experience with SIEM content development, KQL, analytics rules, and data connectors
Scripting skills: Python, PowerShell, APIs, Function Apps
Background in cyber threat detection, incident response, or DFIR is a plus
Ability to work in fast-paced, customer-facing environments

Technical Skills:

PowerShell, Python, REST APIs
Log ingestion and parsing across Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, and network vendors
Knowledge of MITRE ATT&CK, threat detection frameworks, IOC enrichment
Problem-solving skills
Sentinel/Log Analytics cost management and data optimization

Benefits:

Access to Microsoft Sentinel product teams and early feature previews
Involvement in real-world nation-state attack detection
Opportunity to develop Sentinel expertise
Part of a Microsoft Security elite MISA and Depth partner
Exposure to multi-cloud detection and security automation
Remote, flexible work culture with global collaboration
Career growth within a respected security consultancy

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.