Job Description
Job Title: SOC Analyst - Microsoft Sentinel Specialist
Location: Leeds
Reports To: SOC Manager / Head of Managed Security Services
Package: £55,000 - £60,000
About Us
We're a top-tier cybersecurity MSP and trusted advisor to organizations across industries, delivering cutting-edge security solutions and 24/7 protection. With a strong focus on Microsoft security technologies, we're growing fast - and looking for skilled SOC Analysts to help drive our Microsoft Sentinel-powered operations.
The Opportunity
This is not your average SOC role. As a Microsoft Sentinel Specialist, you'll be front and center in our managed SOC, leading the charge in threat detection, incident response, and security monitoring across client environments.
You'll bring deep expertise in Microsoft Sentinel and the wider Defender XDR suite, working directly with clients and internal teams to detect real threats, fine-tune detection logic, and elevate visibility across complex infrastructures.
What You'll Do
* Monitor and investigate security alerts in Microsoft Sentinel and Microsoft 365 Defender (Endpoint, Identity, Cloud, etc.).
* Respond to incidents - quickly, accurately, and with technical depth - following industry-standard IR playbooks.
* Threat hunt using advanced KQL queries; develop custom analytics rules and fine-tune existing detections.
* Onboard new clients into Sentinel, integrating data connectors and building automation playbooks (Logic Apps).
* Create and maintain clear documentation, client reports, and actionable runbooks.
* Collaborate with client stakeholders and internal engineers to optimize detection coverage and incident resolution.
* Drive continuous improvement through automation, process refinement, and operational enhancements.
What You Bring
Must-Have Experience:
* 2-5+ years in a SOC or threat detection role.
* Proven, hands-on Microsoft Sentinel expertise - including custom KQL, analytics rule creation, playbook development, and connector integration.
* Solid grasp of the Microsoft Defender XDR suite (Defender for Endpoint, Cloud, Identity, etc.).
* Familiarity with MITRE ATT&CK, SIEM fundamentals, and security best practices.
* Confident communicator and problem-solver, capable of working both independently and in a team.
Bonus Points For:
* Microsoft certs: SC-200, SC-100, AZ-500.
* Automation skills (Logic Apps, Power Automate).
* Knowledge of compliance frameworks: ISO 27001, NIST, Cyber Essentials.
* Experience with other SIEMs (Splunk, QRadar, etc.).
* Scripting (PowerShell, Python) for custom detection/response workflows.
Eames Consulting is acting as an Employment Agency in relation to this vacancy.