Job Title:
Senior Microsoft Sentinel / SIEM Engineer, Lincoln
Client: Cloud Decisions
Location: Lincoln, United Kingdom
Job Category: Other
EU work permit required: Yes
Posted: 31.05.2025
Expiry Date: 15.07.2025
Job Description:
This is a high-impact role for a Microsoft Sentinel expert at a global Microsoft security partner. You will work on enterprise-scale log ingestion and custom Sentinel integration, and contribute to investigations involving nation-state threat actors. The role offers exposure to Microsoft’s security roadmap, security previews, and frontline support, with opportunities to enhance your skills in complex log management and SIEM solutions.
The Role
* Own and optimize enterprise log onboarding into Microsoft Sentinel
* Deploy connectors, Function Apps, and parsers for tailored SIEM solutions
* Manage log ingestion across hybrid and multi-cloud environments
* Enhance custom ingestion pipelines and parsers
* Partner with IR teams on live threat investigations
* Collaborate with Microsoft teams on detection capabilities
* Contribute to internal knowledge bases and engineering standards
Requirements
* Experience with Microsoft Sentinel at SMC and enterprise levels
* Understanding of security telemetry across identity, endpoint, cloud, and network
* Skills in SIEM content development (KQL, analytics rules, connectors)
* Scripting skills in Python, PowerShell, APIs, Function Apps
* Background in threat detection, incident response, or DFIR (preferred)
* Ability to work in fast-paced, customer-facing environments
Technical Skills
* PowerShell, Python, REST APIs
* Log ingestion and parsing across Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, and network vendors
* Knowledge of MITRE ATT&CK, threat detection frameworks, IOC enrichment
* Problem-solving skills
* Cost management and data optimization in Sentinel
Benefits
* Access to Microsoft Sentinel product teams and early features
* Involvement in real-world nation-state attack detection
* Opportunities to develop Sentinel expertise
* Part of a Microsoft Security elite MISA and Depth partner
* Exposure to multi-cloud detection and security automation
* Fully remote, flexible work culture
* Career growth within a global Microsoft security consultancy