Senior Microsoft Sentinel / SIEM Engineer

Social network you want to login/join with:

Client: Cloud Decisions

Location: Stoke-on-Trent, United Kingdom

Job Category: Other

-

EU work permit required: Yes

3

31.05.2025

15.07.2025

Job Title: Senior Microsoft Sentinel / SIEM Engineer, to £85,000 + Benefits + Microsoft

Location: Fully Remote, UK

Company: Global Microsoft Managed MISA Partner

Role Overview:

This is a standout opportunity for a Microsoft Sentinel expert to work with a global security Microsoft powerhouse. You will join a Microsoft managed global partner, a prominent MISA member, and a trusted Security Depth Partner, giving you access to Microsoft’s security roadmap and support. You will work at the forefront of cyber defense, contributing to investigations involving nation-state threat actors and refining your skills in enterprise-scale log ingestion and Sentinel engineering.

Responsibilities:

• Own and optimize enterprise-wide log onboarding into Microsoft Sentinel
• Deploy standard and custom connectors, Function Apps, and parsers
• Handle log ingestion at scale across hybrid and multi-cloud environments
• Enhance custom Function Apps and ingestion pipelines
• Parse, normalize, and optimize log telemetry for accuracy and cost-efficiency
• Partner with IR teams on live attack responses
• Collaborate with Microsoft teams to develop detection capabilities
• Contribute to internal knowledge base and engineering standards

Requirements:

• Experience with building and integrating complex Microsoft Sentinel solutions
• Understanding of security telemetry across identity, endpoint, cloud, and network layers
• Experience with SIEM content development, KQL, analytics rules, and custom data connectors
• Scripting skills in Python, PowerShell, APIs, and Function Apps
• Background in cyber threat detection, incident response, or DFIR (a plus)
• Ability to work in fast-paced, customer-facing environments

Technical Skills:

• PowerShell, Python, REST APIs
• Log ingestion and parsing across multiple platforms (Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Tier 1 Network vendors)
• Knowledge of MITRE ATT&CK, threat detection frameworks, IOC enrichment
• Problem-solving skills
• Sentinel/Log Analytics Cost Management and Data Optimization

Benefits:

• Access to Microsoft Sentinel product teams and early feature previews
• Involvement in real-world nation-state attack detection
• Opportunity to develop Sentinel expertise
• Part of a Microsoft Security elite MISA and Depth partner
• Exposure to multi-cloud detection and security automation
• Remote, flexible work environment with global team collaboration
• Career growth and recognition within a respected security consultancy