Senior Microsoft Sentinel / SIEM Engineer

Social network you want to login/join with:

Client: Cloud Decisions

Location: Northampton, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 5

Posted: 06.06.2025

Expiry Date: 21.07.2025

Job Title:

To £85,000 + Benefits + Microsoft

Fully Remote, UK

(*Global Microsoft Managed MISA Partner

+ complex Sentinel Engineering/Integration)

This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.

You'll be joining a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs and a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner.

This role provides unparalleled access to Microsoft’s security product roadmap, previews, and frontline support.

Work at the forefront of cyber defense, contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while developing your skills in enterprise-scale log ingestion and Sentinel integration engineering, working with complex logs from various cloud and data sources.

Own and optimize enterprise-wide log onboarding into Microsoft Sentinel—deploying connectors, Function Apps, and parsers to build tailored SIEM solutions for threat detection and response.

• Log ingestion at scale across hybrid and multi-cloud environments
• Enhance custom Function Apps and ingestion pipelines
• Parse, normalize, and optimize log telemetry for precision and cost control
• Partner with IR teams on real attacks, tuning rules against live threats
• Collaborate with Microsoft teams to develop detection capabilities
• Contribute to internal knowledge base and engineering standards

• Experience with complex Microsoft Sentinel deployment at SMC and enterprise levels
• Understanding of security telemetry across identity, endpoint, cloud, and network layers
• Skills in SIEM content development, including KQL, rules, and connectors
• Scripting and engineering skills: Python, PowerShell, APIs, Function Apps
• Background in cyber threat detection, incident response, or DFIR is a plus
• Ability to work in fast-paced, customer-facing environments

• PowerShell, Python, REST APIs
• Log ingestion and parsing across platforms (Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Network vendors)
• MITRE ATT&CK, threat detection frameworks, IOC enrichment
• Resourcefulness and problem-solving skills are crucial
• Sentinel/Log Analytics cost management and data optimization

• Access to Microsoft Sentinel product teams and early feature previews
• Involvement in real-world nation-state attack detection
• Opportunities to develop Sentinel expertise
• Part of a Microsoft Security elite MISA and Depth partner
• Exposure to multi-cloud detection and security automation
• Fully remote, flexible work culture with global collaboration
• Recognition, career growth within a global Microsoft security consultancy