1 to 25 of 49 Azure Sentinel Jobs

discipline. Proven ability to adapt quickly to emerging threats or new information, shifting focus as needed. Demonstrated expertise in Microsoft 365 Defender and Azure Sentinel for detecting, investigating, and responding to suspicious behaviors and anomalous activities. Familiarity with endpoint security solutions and security infrastructure, including … Working knowledge of cloud based web and email filtering solutions such as , Zscaler, Mimecast, Proofpoint, or Cisco. Experience with securing cloud environments (AWS, Azure, GCP), including configuration management, identity and access controls, monitoring, and incident response. Familiarity with cloud security tools (e.g., Microsoft Defender for Cloud, AWS Security ...

including network redesign, platform hardening, and workload migration. Design, implement, and optimise Identity & Access Management (IAM) solutions (e.g., Okta, Microsoft Entra ID/Azure AD, Ping Identity). Implement and support secure remote access and VPN solutions (e.g., Palo Alto Global Protect, Cisco AnyConnect, Zscaler ZPA). Implement ...

ownership and variety across the full defensive lifecycle. What You’ll Be Doing Lead investigations, triage and containment using SIEM/EDR (Microsoft Sentinel preferred) Harden IAM, PIM/PAM , Windows/Linux, endpoint baselines and identity services Strengthen M365 security : Defender for Endpoint/O365/Identity … Windows + Linux) Network security concepts (firewalls, IDS/IPS) Incident Response & Detection Hands-on IR: triage investigation containment recovery Experience with SIEM (Sentinel strongly preferred) Experience with EDR/XDR tools: Defender/CrowdStrike/SentinelOne Log analysis, packet captures, forensic investigation fundamentals Microsoft Security Defender suite ...

passion for cybersecurity Willingness to learn Familiarity with security monitoring in cloud environments, especially Microsoft Azure. Experience with SIEM platforms, such as Microsoft Sentinel or Rapid7. Comfortable working in a collaborative, 24/7 shift-based SOC environments Desireable: Role: SOC AnalystLocation: Birmingham & LeedsWork Pattern: Hybrid ...

Harvey Nash are now inviting candidates to apply for the role of Senior SIEM Engineer, (Sentinel). Running until the end of March 2026 (could extend) Daily rate of £600 - £700 Inside of IR35 Some onsite work required at our clients Reading location Must have current Security Clearance … e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills Technologies: Sentinel Azure KQL LogRhythm SC Clearance Please submit your CV today for consideration. ...

Harvey Nash are now inviting candidates to apply for the role of Senior SIEM Engineer, (Sentinel). Apply fast, check the full description by scrolling below to find out the full requirements for this role. Running until the end of March 2026 (could extend) Daily rate … PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. xkybehq Team leadership experience with great collaboration and stakeholder management skills Technologies: Sentinel Azure KQL LogRhythm SC Clearance Please submit your CV today for consideration. ...

will positively shape our future. What are the day-to-day tasks? Security Engineering & Automation Architect and implement security controls across Microsoft 365, Azure, Dynamics 365, Kubernetes (AKS), and AI/ML workloads. Lead the design and deployment of conditional access, Defender for Cloud, Purview DLP, Azure … related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. ...

nature of the clients supported, candidates must be eligible for SC and NPPV3 security clearance . Key Responsibilities Create, maintain, and optimise Microsoft Sentinel analytics rules, Logic Apps, and playbooks to support incident detection and response. Support and enhance integrations between Microsoft Sentinel and other security … MSSP environment, responding to security incidents for public sector customers in line with agreed SLAs. Essential Experience Hands-on experience with Microsoft Sentinel within a SOC or MSSP environment. Experience building and maintaining automation using Azure Logic Apps and Sentinel playbooks. Working knowledge ...

London are looking for a seasoned Information Security Lead to be the authority across all Information Security and Cloud Infrastructure; ensuring Azure, Microsoft 365, and SaaS platforms are secure, resilient, and compliant. The role combines hands-on technical security expertise with risk management, governance, and assurance, supporting business … enablement, rather than day-to-day service desk operations. The ideal candidate will have strong technicals skills across the following: Microsoft Entra ID (Azure AD): Conditional Access, MFA, Passwordless authentication, Identity Protection, PIM, Phishing resistant MFA configurations Zero Trust architecture and least-privilege access models Identity governance, access ...

monitoring and initial response for SOC customers in line with Intercitys Security Incident Response Framework. Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately. Analyse multiple security data sources to detect malicious activity and support containment actions. Communicate clearly … recommend strategies to reduce risk across customer environments. Contribute to the ongoing development of the SOC service through: Tuning detection rules within Microsoft Sentinel Improving automation and ticket workflows Identify vulnerabilities within Microsoft Defender 365 and support customers in improving their overall security posture. Essential Experience & Knowledge: Strong ...

skills, the ability to engage with both technical and executive stakeholders, and a strong understanding of cloud-native security solutions-particularly within the Azure ecosystem. Key Responsibilities Design and develop end-to-end enterprise security architectures, including infrastructure, data ingestion pipelines, and cloud security posture components. Lead … implementation and optimization of Microsoft security technologies such as Sentinel , Defender XDR , SOAR , and integrations involving DevOps (IDE/CI/CD) and Cribl . Develop advanced security analytics, threat intelligence models, and monitoring capabilities for cloud and hybrid environments. Work closely with engineering, DevOps, and security operations ...

experience Windows Server installation & configuration Virtualisation Vulnerability Scanning tools such as Qualys Cloud Platforms Experience with private & public cloud such as AWS & Azure Security Experience with MDM, MFA, Email filtering, Next generation firewalls & Anti-Virus solutions, SIEM Solutions such as Sentinel Skills An ability to work ...

security operations roles. Hands-on SIEM engineering and detection tuning experience. Proven ownership of complex incident response and investigations. Cloud security experience across Azure and AWS. Experience automating SOC workflows and response processes. Threat hunting experience beyond basic log review. Comfortable engaging directly with technical stakeholders. Able … prioritise and operate effectively under pressure. Useful but not essential Microsoft Sentinel experience. Container or Kubernetes environments. CI/CD security tooling exposure. Red or purple team experience. Why this opportunity Senior ownership and autonomy. Modern cloud-first environment. Strong investment in tooling and automation. Opportunity to genuinely ...

environment, focused on practical remediation and customer outcomes. The ideal candidate will have strong experience across Windows Server, Microsoft 365/Azure, and modern security technologies, and will be comfortable switching between customer meetings, technical design sessions, and hands-on engineering work when required. Key responsibilities and accountabilities … vulnerabilities and configuration weaknesses through practical changes and clear technical guidance. Assist with the deployment and improvement of security controls across Microsoft 365, Azure, and on-premises infrastructure. Work with Consulting and Security Operations teams to prioritise remediation activity based on risk and customer impact. Contribute to improving ...

environment, focused on practical remediation and customer outcomes. The ideal candidate will have strong experience across Windows Server, Microsoft 365/Azure, and modern security technologies, and will be comfortable switching between customer meetings, technical design sessions, and hands-on engineering work when required. Key responsibilities and accountabilities … vulnerabilities and configuration weaknesses through practical changes and clear technical guidance. Assist with the deployment and improvement of security controls across Microsoft 365, Azure, and on-premises infrastructure. Work with Consulting and Security Operations teams to prioritise remediation activity based on risk and customer impact. Contribute to improving ...

structured support environment with familiarity with the ITIL framework Microsoft & Endpoint Technologies Expert knowledge of Windows 10/11 Microsoft 365, Intune, Autopilot, Azure AD Group Policy, Intune Configuration Policies, Microsoft Sentinel Server & Virtualisation Microsoft Windows Server 2012–2022 Virtualisation technologies, particularly Proxmox or Microsoft Hyper … Cloud Technologies Public cloud solutions with hands-on experience in Azure or AWS Solution implementation, migration, and ongoing support Networking & Security LAN/WLAN/WAN technologies Strong understanding of DNS, DHCP, VPNs, and security best practices Firewall exposure including Sophos, Cisco, Fortinet, and PF Sense Automation & Virtualisation ...

London are looking for a seasoned Information Security Lead to be the authority across all Information Security and Cloud Infrastructure; ensuring Azure, Microsoft 365, and SaaS platforms are secure, resilient, and compliant. The role combines hands-on technical security expertise with risk management, governance, and assurance, supporting business … enablement, rather than day-to-day service desk operations. The ideal candidate will have strong technicals skills across the following: Microsoft Entra ID (Azure AD): Conditional Access, MFA, Passwordless authentication, Identity Protection, PIM, Phishing resistant MFA configurations Zero Trust architecture and least-privilege access models Identity governance, access ...

Ready to lead complex security operations, shape detection strategy, and be the go-to expert for Microsoft Sentinel and Defender XDR? Join my international client and take ownership of advanced engineering, threat hunting, and incident response in a modern, cloud-first environment.? My client is an international Consultancy … engineering work for SIEM and XDR , escalated security incident response, and advanced threat hunting. What this job is really about Owning M icrosoft Sentinel and Defender XDR so they work for you, not the other way round: shaping the data, the rules, the playbooks, and the signal ...

detection strategy and roadmap, aligning initiatives with KPIs and contractual requirements. Develop, optimise, and maintain high-fidelity detections using Splunk , Microsoft Sentinel , KQL , SPL , and Python for automation and Detection as Code. Work closely with cloud platforms ( AWS and Azure ) to enhance detection capabilities in hybrid … with day-to-day responsibilities. Essential Skills and Experience: SC clearance required to start; DV sponsorship available. Proven expertise with Splunk and Microsoft Sentinel SIEM platforms. Strong programming skills in Python , with experience developing automation and Detection as Code pipelines. Proficiency in KQL and SPL for creating efficient ...

experience: GlobalProtect, site-to-site IPsec VPNs, SSL decryption operations Advanced Threat Prevention tuning, WildFire analysis, DNS Security Cloud security/networking exposure: Azure/AWS/GCP, cloud-native firewalls, transit networking VM-Series deployments, Terraform/automation exposure SIEM integration experience: Splunk/Sentinel ...

goal: delivering an exceptional customer experience with speed and precision. Responsibilities: Be fast: Monitor alerts and events using tools like Microsoft Sentinel and PRTG, spotting issues before they become problems. Stay curious : Triage security and infrastructure incidents, follow playbooks, and keep things moving to resolution. Go further … DHCP). Windows/Linux systems or firewalls. Security tools (SIEM, antivirus, vulnerability scanners). Scripting (PowerShell, Python). Cloud platforms (Azure, AWS). Entry requirements: an A-Level in ICT OR an International Baccalaureate at Level 3 ICT OR an A-Level 3 apprenticeship in a similar ...

incident response, and threat hunting across a Microsoft-centric SIEM and XDR environment. This is a hands-on L3 role focused on Microsoft Sentinel and the Microsoft Defender XDR suite, acting as a technical authority within the SOC and supporting the ongoing expansion of security tooling and controls. … Responsibilities: Engineering and optimising Microsoft Sentinel, including log onboarding, connectors, parsers, and data normalisation Monitoring and optimising Sentinel and Defender licensing and ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting ...

infrastructure Define and apply security architecture patterns , including Zero Trust and defence-in-depth strategies Lead security design for cloud-based solutions (AWS, Azure, and/or GCP) Architect and govern identity and access management (IAM) , including authentication, authorisation, and privileged access Design secure network architectures covering encryption … enterprise systems Solid understanding of Zero Trust , defence-in-depth, and modern security patterns Hands-on experience designing security for cloud platforms (AWS, Azure, and/or GCP) Deep knowledge of IAM , authentication, authorisation, and privileged access management Strong background in network security , encryption, and key management Experience ...

infrastructure. Solid understanding of security architecture patterns, zero trust principles, and Defence-in-depth strategies Experience designing security solutions in cloud environments (AWS, Azure, and/or GCP) Strong knowledge of identity and access management (IAM), authentication, authorization, and privileged access Experience with network security, encryption, key management … threat modelling Experience designing for security resilience. Desirable Skills: Hands-on experience with cloud security services and tooling (e.g. AWS Security Hub, Azure Defender, Sentinel) Experience with container and Kubernetes security (image scanning, runtime protection, policy enforcement) Exposure to regulated or highly secure enterprise environments Security ...

Intelligence Analyst, Threat Intelligence Analyst or Threat Hunting role Strong understanding of cyber threats, malware and adversary TTPs Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real … Intelligence Analyst , not rigid office attendance. Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue ...