Senior SIEM Engineer / Technical SME
Location: Guildford, UK (Remote with rare visits to office). 6‑month contract position.
Role description
Technical SME in the Cybersecurity space.
Key responsibilities
* Kusto Query Language (KQL) – expert level.
* Develop and maintain high‑fidelity detection rules using KQL.
* Utilize KQL for detection engineering, analytics, and threat‑hunting.
Microsoft Sentinel
* Act as the technical SME.
* Hands‑on experience with analytics rules, connectors, and workbooks.
* Ensure platform reliability and data quality.
* Coordinate the end‑to‑end onboarding of log sources into Sentinel.
Key skills/knowledge/experience
* Expert in KQL.
* Technical SME for Sentinel setup.
* Strong understanding of cloud and on‑premises logging (Windows, Linux, application, DB, identity).
* Experience onboarding data using AMA, DCRs, syslog/CEF, and Event Hub integrations.
* Comfortable using AI-assisted tooling (e.g., Copilot for Security) to enhance productivity.