The Role
* Deploy, configure, and maintain Microsoft Sentinel for real-time threat monitoring and response.
* Create and fine-tune analytics rules, workbooks and playbooks in Sentinel.
* Integrate various data sources into Sentinel (e.g. Azure logs, on-prem logs, third-party tools).
* Manage incident response workflows and automate responses using SOAR capabilities.
* Conduct regular threat hunting and proactively identify indicators of compromise (IOCs).
* Work with security analysts to investigate and respond to alerts and incidents.
* Develop dashboards and reports for stakeholders.
* Ensure compliance with regulatory and organisational security policies.
Skills
* Proven experience with Microsoft Sentinel and Azure Security technologies.
* Proficiency in Kusto Query Language (KQL) for building custom detection rules and workbooks.
* Strong understanding of SIEM/SOAR principles and security operations.
* Familiarity with Microsoft Defender XDR, Azure Monitor and Azure Security Center.
* Experience with incident response and threat intelligence tools.
* Excellent communication and documentation skills.
* Security certifications are a plus (e.g. SC-200, AZ-500, CISSP, CEH).
**Some time will be required onsite in London**