Senior Microsoft Sentinel / SIEM Engineer, Bristol
Client: Cloud Decisions
Location: Bristol, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Views: 3
Posted: 31.05.2025
Expiry Date: 15.07.2025
Job Description:
Job Title: Senior Microsoft Sentinel / SIEM Engineer
Salary: Up to £85,000 + Benefits + Microsoft
Location: Fully Remote, UK
About the Role:
This is a standout opportunity for a Microsoft Sentinel expert to join a global Microsoft security powerhouse. You'll work with a Microsoft-managed global partner, a prominent MISA member, a team with Security MVPs, and a Microsoft Verified Safe XDR Solution Partner. The role offers unparalleled access to Microsoft's security roadmap, previews, and frontline support.
You'll be at the forefront of cyber defence, working on investigations involving nation-state threat actors and refining enterprise-scale log ingestion and Sentinel integration engineering. This includes ingesting complex logs from various cloud and data sources and learning as you go.
Responsibilities:
* Own and optimise enterprise-wide log onboarding into Microsoft Sentinel
* Deploy standard and custom connectors, Function Apps, and parsers
* Enhance log ingestion pipelines and custom Function Apps
* Parse, normalise, and optimise log telemetry for accuracy and cost efficiency
* Partner with IR teams on real attacks to tune rules
* Collaborate with Microsoft teams to develop detection capabilities
* Contribute to internal knowledge base and engineering standards
Requirements:
* Experience with building and integrating complex Microsoft Sentinel solutions
* Understanding of security telemetry across identity, endpoint, cloud, and network
* Experience with SIEM content development, KQL, rules, and data connectors
* Scripting skills: Python, PowerShell, APIs, Function Apps
* Background in cyber threat detection, incident response, or DFIR is a plus
* Ability to work in fast-paced, customer-facing environments
Technical Skills:
* PowerShell, Python, REST APIs
* Log ingestion and parsing across multiple platforms (Azure, AWS, GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta, Tier 1 network vendors)
* MITRE ATT&CK, threat detection frameworks, IOC enrichment
* Problem-solving skills
* Sentinel/Log Analytics Cost Management and Data Optimisation
Benefits:
* Access to Microsoft Sentinel product teams and early feature previews
* Involvement in real-world nation-state attack detection
* Opportunity to enhance Sentinel mastery
* Part of an elite Microsoft Security MISA and Depth partner
* Exposure to multi-cloud detection and security automation
* Fully remote, flexible work culture with global collaboration
* Recognition and career growth within a respected security consultancy