1 to 25 of 78 Azure Sentinel Jobs in England

strategy, to developing Data & AI solutions, right through to providing a range of managed services. We are a Microsoft Solutions Partner, holding Specialisations in AI Platform on Microsoft Azure, Analytics on Microsoft Azure, Data Warehouse Migration to Microsoft Azure and Migrate Enterprise Applications to Microsoft Azure, as well as holding Solutions Partner … designations in Data & AI (Azure); Digital & App Innovation (Azure); Infrastructure (Azure) and Security. But it's not just about the badges. We are proud to be recognised as the winner of the 2024 Microsoft Community Response Partner of the Year award, reflecting our dedication to using technology for positive change. We are also a … Planning Analytics. With offices in York and Sheffield, and a team based throughout the UK – we champion creativity, innovation and collaboration in the workplace. The Role As an Azure Cloud Infrastructure Engineer, you will be responsible for designing, deploying, and managing cloud solutions on the Microsoft Azure platform. Your role will involve architecting cloud infrastructure, implementing More ❯

IT teams, franchisees, vendors, and regional leaders to drive security improvements. Contribute to the development of security programs and frameworks. Provide technical leadership in Microsoft-centric environments (Defender, Sentinel, Azure 365). Requirements: Proven experience in incident response and vulnerability management. Strong proficiency in Microsoft Defender, Sentinel, Azure 365, Tenable, Nessus. Ability … stakeholder engagement and executive reporting. Experience in Microsoft-centric security environments. Exposure to franchisee or third-party business models is a plus. Relevant certifications (e.g., CISSP, CISM, GIAC, Azure Security Engineer) are advantageous. If you want to bee part of a high-impact transformation in a global organization then apply today. More ❯

We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with IR … threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills. More ❯

We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with IR … threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills. More ❯

models will also be valuable in this role. What we would like from you Duration: 2-4 years of experience in a SOC or cybersecurity-related role. Technologies: Microsoft Azure, Entra ID, Intune, Azure Arc, Defender XDR, EDR, Azure Sentinel, Cloudflare, and Mimecast. IT environments: Including Windows, Linux, VMware, and AKS. Security More ❯

models will also be valuable in this role. What we would like from you Duration: 2-4 years of experience in a SOC or cybersecurity-related role. Technologies: Microsoft Azure, Entra ID, Intune, Azure Arc, Defender XDR, EDR, Azure Sentinel, Cloudflare, and Mimecast. IT environments: Including Windows, Linux, VMware, and AKS. Security More ❯

fixed-term contract paying £70,000 , offering full remote flexibility across the UK. The Opportunity You'll play a key role in stabilising and strengthening Microsoft 365 and Azure environments through a period of change. The role blends technical delivery with stakeholder engagement - you'll be as comfortable securing systems as you are guiding … users through new policies and controls. What You'll Be Doing Delivering and maintaining security across Microsoft 365 and Azure . Building and tuning detections in Microsoft Sentinel . Managing patching, malware protection, and vulnerability remediation . Supporting Cyber Essentials Plus and ongoing compliance programmes. Documenting changes, maintaining governance, and ensuring minimal disruption. Mentoring a service … desk engineer stepping into cyber security. What You'll Bring Strong experience with Microsoft 365 security, Defender, Intune, and Azure AD/Entra ID . Working knowledge of Azure Sentinel (SIEM) and KQL. Solid understanding of patch management and endpoint security. Previous involvement in Cyber Essentials Plus or ISO27001 accreditation. Clear communication skills, able More ❯

Sentinel SME - 6 months - Remote - Outside IR35 We are seeking an experienced Microsoft Sentinel SME for a 6-month contract to work directly with a key customer. This role involves designing and implementing advanced security playbooks, providing expert-level guidance, and delivering robust security monitoring and response solutions using Microsoft Sentinel. Key Responsibilities: Design, configure, and … optimize Microsoft Sentinel environments for effective security monitoring. Develop and maintain custom analytics rules, workbooks, and playbooks. Implement automation and orchestration of incident response using Sentinel and related tools. Act as the primary subject matter expert (SME) on Microsoft Sentinel for the customer. Collaborate with stakeholders to tailor Sentinel use cases to … the customer's security requirements. Provide ongoing support, tuning, and troubleshooting of Sentinel implementations. Ensure best practices for threat detection, incident response, and monitoring are applied. What You Will Ideally Bring: Deep, hands-on experience with Microsoft Sentinel and Azure security services. Strong understanding of SIEM concepts, log ingestion, and security operations workflows. Proven More ❯

Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such as OpenCTI. Qualifications: Expert knowledge of Azure & Sentinel Proven experience as a Cyber Analyst with a focus on Security Operations. Strong expertise in using Elastic Stack, including Elasticsearch, Logstash, and Kibana. Familiarity with other More ❯

environment. Excellent communication and stakeholder engagement skills. Certifications (Preferred): CISSP, GIAC (GCIA/GCIH/GCFA), SC-200, or equivalent. Cloud Experience: Exposure to AWS and/or Azure environments. Security Clearance: You must hold, or be eligible to obtain, SC Clearance . Reference: ODI/N/SOC #oddi More ❯

malware, phishing, and endpoint compromise Perform root cause analysis, containment, and recovery actions Tune detection rules and develop new use cases to improve response times Utilise Microsoft Defender, Sentinel, and Azure Security tools to detect and respond to threats Conduct post-incident reviews and recommend long-term prevention strategies Collaborate with infrastructure and security teams to … systems and processes Experience required Minimum 2 years in a SOC environment followed by recent hands-on incident response experience Strong working knowledge of SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.) Solid understanding of Windows, Linux, and network security principles Experience with forensic or threat analysis techniques Familiarity with MITRE ATT&CK, NIST, or similar frameworks Desirable … malware, phishing, and endpoint compromise * Perform root cause analysis, containment, and recovery actions * Tune detection rules and develop new use cases to improve response times * Utilise Microsoft Defender, Sentinel, and Azure Security tools to detect and respond to threats * Conduct post-incident reviews and recommend long-term prevention strategies * Collaborate with infrastructure and security teams to More ❯

Microsoft Sentinel Engineer Up to £70,000 DOE Remote – MUST be UK based Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects? Do you have strong 3rd-line level experience across Microsoft, Azure, networking, and cloud security? Would you like to join a fast-growing global consultancy where … The team currently numbers around 15 within a 60-person business and is expanding fast including the recent onboarding of a major financial services client. As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work … combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to More ❯

Microsoft Sentinel Engineer Up to £70,000 DOE Remote – MUST be UK based Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects? Do you have strong 3rd-line level experience across Microsoft, Azure, networking, and cloud security? Would you like to join a fast-growing global consultancy where … The team currently numbers around 15 within a 60-person business and is expanding fast including the recent onboarding of a major financial services client. As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work … combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to More ❯

Proven experience in a 3rd Line/Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud … improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator/Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part More ❯

Proven experience in a 3rd Line/Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud … improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator/Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part More ❯

Proven experience in a 3rd Line/Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud … improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator/Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part More ❯

to support a leading government client . The role is based in London and will need 2/3 days on site.Im looking for someone that has recent Sentinel and Defender experience and is a SME in this area Background skills required. • Policy Enforcement: Implement Conditional Access, MFA, and DLP policies. Maintain security posture using Secure Score and … of workload. • PowerShell Scripting: Automate routine tasks and configurations across O365 services • Policy Development: Support creation and enforcement of Council-wide O365 usage policies • Configure and maintain Sentinel workspaces aligned with Council tenancy and compliance requirements. • Integrate data sources including Defender for Endpoint, Defender for Identity, Office 365 audit logs, Azure AD, and third-party connectors. … Develop and implement playbooks and alert rules for automated incident response. • Collaborate with the Service Desk to triage and escalate Sentinel alerts. • Administer and maintain Microsoft 365 services including Exchange online, Exchange on prem and managing hybrid setup. • Administer and optimise Microsoft Defender XDR solutions including Defender for Cloud Apps, Defender for Office 365, and Defender for Identity. More ❯

bring: Proven experience leading or managing cyber and information security operations Strong grasp of frameworks such as ISO27001, NIST, GDPR and modern security tooling (e.g. Microsoft 365 Defender, Sentinel, Azure) Excellent communication and influencing skills — able to engage both technical and non-technical stakeholders A practical, business-focused approach to security leadership Why join: You’ll More ❯

hunt for threats, and enjoy taking ownership of complex challenges this role is for you. What Youll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams and external managed SOCs. Continuously monitor, enhance, and report on security … with ISO27001, GDPR, Cyber Essentials Plus, and other regulatory frameworks. What Were Looking For Proven experience in Cyber Security, Threat Intelligence, or SOC environments. Hands-on experience with Azure Security Center, Microsoft Sentinel, Defender ATP, M365 Security & Compliance, and KQL scripting. Knowledge of frameworks such as MITRE ATT&CK, NIST, CIS, NCSC, and Security Scorecard. Understanding More ❯

Workplace roadmap aligned with business goals. Lead technology selection and integration (e.g., Microsoft 365, Teams, Intune, Citrix). Manage Unified Endpoint Management (UEM) using Microsoft Intune, SCCM, and Azure AD. Oversee device lifecycle management, including provisioning, patching, and retirement (laptops, desktops, mobile, peripherals). Deploy and manage Azure Virtual Desktop (AVD) for remote and hybrid workforces. … Utilise Azure Autopilot for device provisioning and configuration. Integrate Azure Monitor, Log Analytics, and Sentinel for endpoint visibility and security. Leverage Azure AD Conditional Access and Identity Protection for secure access. Collaborate with InfoSec to enforce endpoint security policies. Ensure compliance with GDPR, ISO 27001, and internal governance. Lead initiatives to improve … Digital Experience Monitoring (DEM) tools. Administer and optimise Microsoft 365 ecosystem (Exchange, SharePoint, OneDrive). Drive adoption of collaboration platforms (Teams, Slack, Zoom). Integrate VDI solutions (Citrix, Azure Virtual Desktop) for remote access. Automate account provisioning via Azure AD and HR system integration. Assign appropriate roles and group memberships based on job function. Provision access More ❯

and lead on incident response. Conduct in-depth threat hunting, forensic investigations, and root cause analysis. Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender. Provide mentorship and guidance to junior SOC analysts, enhancing team capability. Collaborate with IT and OT teams to address unique security requirements across CNI environments. Drive improvements … compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of More ❯

detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or … Computer Science, Networking, or a related field. Experience: 3+ years’ experience in cybersecurity, network engineering, or IT infrastructure security roles. Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. Skills & Competencies Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls). Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and More ❯

detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or … Computer Science, Networking, or a related field. Experience: 3+ years’ experience in cybersecurity, network engineering, or IT infrastructure security roles. Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. Skills & Competencies Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls). Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and More ❯

detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or … Computer Science, Networking, or a related field. Experience: 3+ years’ experience in cybersecurity, network engineering, or IT infrastructure security roles. Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. Skills & Competencies Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls). Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and More ❯

authority and governance for the effective use of technical security controls across the firm Act as an escalation point for threat hunting and security incidents Investigate alerts from Azure/Defender, IT monitoring systems, and 3rd-party SOC, helping to ensure critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO … GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC, Network segregation, remote access & wireless technologies Windows & KQL (MS Sentinel) scripting Cloud computing (IaaS, PaaS, SaaS More ❯