Senior Microsoft Sentinel / SIEM Engineer

Social network you want to login/join with:

Client: Cloud Decisions

Location: Maidstone, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 3

Posted: 31.05.2025

Expiry Date: 15.07.2025

Job Title: Senior Microsoft Sentinel / SIEM Engineer

Salary: Up to £85,000 + Benefits + Microsoft

Location: Fully Remote, UK

Company: Global Microsoft Managed MISA Partner

Specialization: Complex Sentinel Engineering/Integration

This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.

You will join a Microsoft managed global partner, a prominent MISA member, with Security MVPs, a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner. This role provides unparalleled access to Microsoft's security product roadmap, previews, and frontline support.

Work at the forefront of cyber defense, directly involved in investigations involving nation-state threat actors (including IR, CH, and NK campaigns), while honing your skills in enterprise-scale log ingestion and Sentinel integration engineering. You will handle complex logs from various cloud and data sources and learn continuously.

Own and optimize enterprise-wide log onboarding into Microsoft Sentinel—deploy connectors, Function Apps, and parsers to build tailored SIEM solutions for threat detection and response.

• Scale log ingestion across hybrid and multi-cloud environments
• Enhance custom Function Apps and ingestion pipelines
• Parse, normalize, and optimize log telemetry for precision and cost efficiency
• Partner with IR teams on live attacks, tuning rules against active threats
• Collaborate with Microsoft teams on detection capabilities
• Contribute to knowledge base and engineering standards

• Experience with complex Microsoft Sentinel deployment at SMC and enterprise levels
• Understanding of security telemetry across identity, endpoint, cloud, and network layers
• Proficiency in SIEM content development: KQL, analytics rules, custom connectors
• Scripting skills: Python, PowerShell, APIs, Function Apps
• Background in cyber threat detection, incident response, or DFIR (a plus)
• Ability to work in fast-paced, customer-facing environments

• PowerShell, Python, REST APIs
• Log ingestion and parsing across Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Tier 1 Network vendors
• MITRE ATT&CK, threat frameworks, IOC enrichment
• Self-reliance and problem-solving skills
• Sentinel/Log Analytics Cost Management and Data Optimization

• Direct access to Microsoft Sentinel product teams and early feature previews
• Participation in real-world nation-state attack detection
• Opportunities to develop Sentinel expertise
• Part of a Microsoft Security elite MISA and Depth partner
• Exposure to multi-cloud detection and advanced automation
• Remote, flexible work culture with a global team
• Recognition, career growth within a respected security consultancy