Senior Security Engineer/Architect - Perm - Up to £110,000 + benefits
Must already hold or be eligible for SC level security clearance
Remote first or Hybrid - London based office
An established organisation is seeking a Senior Security Engineer to help shape and enhance the security posture of the environments it supports. This role operates at the intersection of deep technical expertise, advisory ownership, and real-world security impact.
The successful candidate will work closely with customers, engineers, and operational security teams to deliver meaningful improvements across identity, detection engineering, endpoint security, and cloud security posture. This is a hands-on role involving the design and implementation of modern security architectures, solving complex technical challenges, and acting as a trusted technical partner.
Technology Environment
Microsoft Security Stack:
Microsoft Defender XDR
Microsoft Sentinel
Microsoft Entra ID
Microsoft Intune
Microsoft Defender for Cloud
Experience with alternative modern security platforms such as SentinelOne or CrowdStrike is advantageous.
Cloud Platforms:
Microsoft Azure (required)
Exposure to AWS or GCP (desirable)
Platforms & Infrastructure:
Active Directory / Entra hybrid identity
Windows Server and Linux
Networking, VPNs, firewalls, endpoint management
Tooling & Automation:
KQL
PowerShell
API integrations
Automation tooling
Key Responsibilities
Technical Delivery
Lead technical discussions with customers, guiding architecture, design decisions, and best practice implementations.
Own the end-to-end delivery of security solutions.
Design and implement detections, automation workflows, and runbooks.
Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations.
Develop, optimise, and tune KQL queries for detection engineering and threat hunting.
Review and enhance security configurations across cloud and SIEM/SOAR platforms.
Manage engagements through architecture, deployment, tuning, documentation, and customer enablement.
Identify security gaps and recommend improvements across logging, identity, endpoint hardening, cloud posture, and threat detection.
Platform & Engineering
Understand how endpoints, servers, domain controllers, and cloud workloads operate, and how security controls integrate with them.
Support remediation of misconfigurations and optimisation of security deployments.
Leverage scripting, APIs, and automation to streamline repeatable tasks.
Integrate firewalls, EDR platforms, logging pipelines, and SIEM/SOAR tooling.
Customer & Collaboration
Act as a trusted technical advisor to security and engineering stakeholders.
Communicate complex technical concepts clearly to both technical and non-technical audiences.
Translate customer requirements into actionable technical plans and deliverables.
Collaborate with internal engineering, SOC, and platform teams to improve processes and share insights.
Contribute to knowledge articles, design documentation, runbooks, and reusable delivery patterns.
Required Experience
Strong, demonstrable experience across the Microsoft security ecosystem.
Solid understanding of identity and endpoint security fundamentals.
Proven experience writing and tuning detection logic (e.g., KQL) for detection engineering and threat hunting scenarios.
Excellent communication and customer-facing skills, with the ability to lead discussions and influence outcomes.
Ability to work autonomously, solve complex problems, and deliver high-quality technical solutions.
Desirable Experience
Automation experience (PowerShell, Python, API integrations) and/or systems administration background.
Familiarity with security frameworks and incident response methodologies.
Experience working with logging pipelines (e.g., AMA, Syslog, Cribl, SIEM tooling).
Exposure to non-Microsoft security platforms such as CrowdStrike, SentinelOne, or Tenable.
Experience producing architecture documents, diagrams, and technical design proposals.
Background in an MSSP, consultancy, or customer-facing engineering environment.
What the Role Offers
Ownership of technical direction across engagements with the ability to influence customer security posture.
A blend of architecture, engineering, advisory, and hands-on implementation work.
Exposure to a diverse range of environments, threat models, and operational challenges.
TPBN1_UKTJ