Microsoft Security (Sentinel) Automation & Detection Engineer, Cambridge
Client:
Location:
Cambridge, United Kingdom
Job Category:
Other
EU work permit required:
Yes
Job Reference:
98bd29698e8a
Job Views:
30
Posted:
22.06.2025
Expiry Date:
06.08.2025
Job Description:
Role Overview: Drawing on knowledge of security operations, incident response, and detection engineering, you will be responsible for delivering Microsoft SIEM detections and security automations. The successful candidate should be proficient in automation and orchestration tools (SOAR platforms, and scripting and query languages such as Python, PowerShell, and KQL) and experienced in integrating security tool APIs (SIEM, EDR, firewalls) and case management tools for data enrichment.
Key Skills and Experience:
* Experience contributing to large-scale, sprint-based security automation and detection engineering projects in a SOC or Cyber Defense environment.
* Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detections, including Sentinel Content Hub, Sentinel Analytics, Sentinel Automation, Azure Event Hub, Azure Logic Apps, Azure Function Apps.
* Experience with Sentinel analytics rules, Logic App automations, and KQL.
* At least 5 years in a technical role in security operations or security software development.
* Strong understanding of security operations, automation processes, detection engineering, and SIEM management.
* Experience with cloud security tools and their integration into SOC operations.
Responsibilities:
* Lead migration of log sources into Microsoft Sentinel SIEM.
* Develop security automations, logging, and SIEM detections to enhance operational efficiency and incident response.
* Design and maintain automated workflows and playbooks for incident response, threat hunting, threat intelligence, and vulnerability management.
* Collaborate with analysts to automate repetitive tasks.
* Work with Threat Intelligence, Incident Response, and Attack Surface teams to build and tune SIEM detections.
* Evaluate and improve automation solutions for performance and scalability.
* Partner with vendors and service providers for automation integrations.
Desirable Skills and Experience:
* Vendor-specific certifications for SOAR platforms.
* Ability to develop long-term automation strategies.
* Strong communication skills to translate technical concepts for diverse audiences.
* Meticulous attention to accuracy, reliability, and security in workflows.