Social network you want to login/join with:
Senior Microsoft Sentinel / SIEM Engineer, Bolton, Greater Manchester
Client: Cloud Decisions
Location: Bolton, Greater Manchester, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Views:
3
Posted:
31.05.2025
Expiry Date:
15.07.2025
Job Description:
Job Title:
To £85,000 + Benefits + Microsoft
Fully Remote, UK
(*Global Microsoft Managed MISA Partner)
+ complex Sentinel Engineering/Integration
The Opportunity
This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.
You'll be joining a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs and a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner.
In short, giving you unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support.
You'll work at the forefront of cyber defense, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK-based campaigns) while refining your skills across enterprise-scale log ingestion and customized Sentinel integration engineering, which will challenge and develop your expertise, allowing you to ingest complex logs from various cloud and data sources and learn as you go.
The Role
You'll own and optimize enterprise-wide log onboarding into Microsoft Sentinel—deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive threat detection and response.
* Log ingestion at scale across hybrid and multi-cloud environments
* Enhance custom Function Apps and ingestion pipelines
* Parse, normalize, and optimize log telemetry for accuracy and cost-efficiency
* Partner with IR teams on live attacks – tuning rules against active threat actor campaigns
* Collaborate with Microsoft teams to develop advanced detection capabilities
* Contribute to internal knowledge base and help establish engineering standards
Requirements
* Experience building and integrating complex Microsoft Sentinel solutions at SMC and enterprise levels
* Understanding of security telemetry across identity, endpoint, cloud, and network layers
* Experience in SIEM content development, including KQL, analytics rules, and custom data connectors
* Scripting and engineering skills – Python, PowerShell, APIs, Function Apps
* Background in cyber threat detection, incident response, or DFIR is advantageous
* Ability to work in fast-paced, customer-facing environments
Technical Skills:
* PowerShell, Python, REST APIs
* Log ingestion and parsing across multiple platforms (Azure/AWS/GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Tier 1 Network vendors)
* MITRE ATT&CK, threat detection frameworks, IOC enrichment
* Problem-solving skills are essential
* Sentinel/Log Analytics Cost Management and Data Optimization
What’s In It for You?
* Direct access to Microsoft Sentinel product teams and early feature previews
* Involvement in real-world nation-state attack detection
* Opportunity to expand and refine your Sentinel expertise
* Be part of a Microsoft Security elite MISA and Depth partner
* Exposure to multi-cloud detection and advanced security automation
* Fully remote, flexible work culture with global team collaboration
* Recognition, career growth, and development within a respected global Microsoft security consultancy
#J-18808-Ljbffr