SIEM Engineer

An exciting opportunity has arisen at an award-winning Microsoft Partner for a SIEM Engineer. The business is a fast-growing, industry-leading managed service and managed security service provider, delivering to mid-sized and large enterprise clients.

This is a fantastic opportunity for a SIEM Engineer to continue developing their expertise in security platforms at an established Microsoft Partner. The company places strong emphasis on staff development, offering support for training and professional certifications. You’ll also gain exposure to cutting-edge technologies, working across security operations and cyberspace.

This is a predominantly remote role; however, you must be based in the UK to be considered. Due to government-based clients, this role also requires eligibility to obtain SC Clearance.

• Create, maintain, and optimise Logic Apps and Sentinel playbooks to automate incident detection and response workflows in Microsoft Sentinel.
• Develop and implement API integrations between Microsoft Sentinel and other systems to enhance data collection, cross-system communication, and automation.
• Leverage APIs to streamline security operations and increase SOC efficiency.
• Design and deploy automated workflows to handle routine SOC tasks, including alert enrichment, notifications, and data gathering.
• Work closely with security analysts and engineers to design automation solutions that improve the overall security posture.
• Monitor and maintain automation tools to ensure they function as expected, identifying opportunities for further improvements.

Skills & Experience

• Hands-on experience with Microsoft Sentinel: proven track record in developing playbooks, automation workflows, and incident response processes within Microsoft Sentinel.
• Experience in building and maintaining workflows with Azure Logic Apps to automate processes.
• Strong experience in API development and integration.
• Proficiency in KQL, JSON, and PowerShell.
• Good written and verbal communication skills.
• Technical understanding of IT infrastructure – Microsoft 365 suite, Defender XDR, Entra ID (Azure Active Directory), Azure Portal.

Please note that if you are NOT a passport holder of the country for the vacancy you might need a work permit. Check our Blog for more information.

Bank or payment details should not be provided when applying for a job. Eurojobs.com is not responsible for any external website content. All applications should be made via the 'Apply now' button.

Created on 31/05/2025 by JR United Kingdom