for a new challenge? Do you have a background in Cyber Security with a strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP) in an MSP or similar environment, along with hands-on experience with Splunk/MS Sentinel/QRadar and KQL? Here at ARM we are recruiting … . 4 yrs+ of experience in a cybersecurity role within an MSP or similar environment. Strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. Hands-on experience with threat
will lead the design and implementation of security frameworks within a Microsoft-centric environment. The ideal candidate will have extensive hands-on experience in Microsoft 365, Entra ID (Azure AD), Microsoft Intune, Defender Suite, and Zero Trust Security Architecture. This role will focus on identity security, endpoint management, compliance, and cloud security, ensuring a secure and scalable IT … Virtual Desktop Infrastructure (VDI) is a plus. Your key responsibilities will include: 1. Microsoft Security & Identity Management Design and implement Zero Trust Security Architecture within Microsoft 365 and Azure environments. Manage Entra ID (Azure AD), Conditional Access, Multi-Factor Authentication (MFA), and Privileged Access Management (PAM). Optimize Microsoft Intune for endpoint security, compliance, and mobile … Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis
london (city of london), south east england, united kingdom
Franklin Fitch
experience. 4+ years in a cybersecurity role, preferably within an MSP or fast-paced environment. Strong hands-on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
an initial 6-month contract in a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure … approach to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. … Responsibilities Infrastructure Security: Architect and secure Azure-based infrastructure using Terraform, ensuring adherence to security best practices by developing, maintaining, and optimizing Terraform code. DevOps Pipeline Development and Maintenance: Design, develop, and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and
Derby, England, United Kingdom Hybrid / WFH Options
Cooper Parry
professional with a solid foundation in threat detection and response, looking to deepen your impact in a dynamic IT environment? Do you have hands-on experience with Microsoft Sentinel and Microsoft Defender, and a passion for protecting systems and data from evolving threats? We're seeking an IT Security Analyst to join our innovative and fast-growing team … role in maintaining and enhancing the security of our cloud and on-premises environments. Your responsibilities will include: Safeguard our infrastructure; implement and maintain security controls across Microsoft Azure, Microsoft 365, and on-premises systems Act as a point of contact for security-related queries, providing guidance and training to end-users and technical teams Maintain clear, comprehensive … date documentation of security policies, procedures, incident response plans, and system configurations Work closely with our Security Operations Centre to monitor and investigate security alerts generated by Microsoft Sentinel and Microsoft Defender Collaborate with our SOC to develop, refine, and optimize detection rules and custom alerts, ensuring alerting mechanisms are aligned with evolving threat landscapes while reducing false
Knowledge and experience of hybrid cloud environments with a particular emphasis on Entra ID/M365. Knowledge and experience of these technologies is a key requirement: Microsoft Entra ID/Azure, Microsoft Defender 365 (including Microsoft Defender XDR), Microsoft Sentinel, Microsoft Active Directory, Microsoft Intune, VMware. Experience in as many of these technologies/areas as possible is
able to obtain SC Clearance or already hold SC clearance. Must have a good understanding of Incident Response approaches. Must have knowledge and hands-on knowledge of Microsoft Sentinel (or any SIEM tool). Strong verbal and written English communication. Strong interpersonal and presentation skills. Strong analytical skills. Must have good understanding of network traffic flows and able … and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules) Malware Analysis & Reverse Engineering Network & Endpoint Security Monitoring … a SOC/NOC environment. Preferably holds Cyber Security Certification e.g. ISC2 CISSP, GIAC, SC-200, Certified SOC Analyst. Experience with Cloud platforms (AWS and/or Microsoft Azure). Excellent knowledge of Microsoft Office products, especially Excel and Word. Reports to Security Director - NTT DATA UK Security Practice Client Delivery Director - NTT DATA UK Managed Services Who we
Manchester, England, United Kingdom Hybrid / WFH Options
Infoplus Technologies UK Limited
of assignment: 6 months contract Inside IR35 Role Description: We are seeking a highly skilled and experienced SOC L3 Analyst with strong engineering knowledge and deep expertise in Microsoft Sentinel and the Microsoft Defender suite. The ideal candidate will take a lead role in advanced threat detection, incident response, detection engineering, and security monitoring, while also optimizing license consumption … in a Level 3 SOC role Key Responsibilities: Advanced Threat Detection & Incident Response - Investigate and analyze complex security incidents escalated from L1/L2 SOC analysts. - Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response. - Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering - Perform … and hunting queries. - Apply the MITRE ATT&CK framework to build coverage and improve threat visibility. Security Engineering & Platform Management - Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and parsing. - Build and manage data connectors, custom log parsers, and normalization schemas. - Collaborate with cloud and infrastructure teams to onboard telemetry from endpoints, identity
london (city of london), south east england, united kingdom
BlueVoyant
/or Splunk Cloud), firewalls, and other core security products (e.g. Crowdstrike, Carbon Black, Splunk, and/or the Microsoft security technologies). A solid working knowledge of Windows Azure Active … Directory, Windows OS, Mac OS, Virtualization, SQL Server, networking protocols, certificates, virtual and physical client/servers. Some hands-on experience with one or more of the following: Microsoft Azure Sentinel, Microsoft 365 Defender, and Azure Defender suite of security solutions (i.e. Defender for Endpoint, Defender for Identity, Defender for Office 365, MSFT Cloud App … Security), Azure Active Directory, Azure Security Center, Azure Log Analytics, and M365 suite of solutions. AZ-500 and MS-500 Certifications are very welcome but not a strict requirement. Ability to work well with diverse teams. Provide product and service demonstrations. Ability to work independently or as an active member of a team About
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
KX
with security tools for Windows, Linux, and Mac environments. Strong understanding of network protocols and technologies (e.g. VPN, TLS, DMZ). Practical knowledge of cloud security across AWS, Azure, or GCP (e.g. CloudTrail, Sentinel). Experience with endpoint protection, DLP, IDS/IPS, MFA, and content filtering. Familiarity with SIEM platforms and vulnerability management tools. Exposure
Southampton, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Senior Microsoft Sentinel/SIEM Engineer, Southampton Client: Cloud Decisions Location: Southampton, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 5 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: Job Title: Senior Microsoft Sentinel/SIEM Engineer Salary: Up to £85,000 + Benefits … + Microsoft Location: Fully Remote, UK Company: Global Microsoft Managed MISA Partner Specialization: Complex Sentinel Engineering/Integration The Opportunity This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse. You'll join a Microsoft managed global partner, a prominent MISA … the forefront of cyber defense, contributing to investigations involving nation-state threat actors (including IR, CH, and NK campaigns), and refining skills in enterprise-scale log ingestion and Sentinel integration engineering, handling complex logs from various cloud and data sources. The Role Own and optimize enterprise-wide log onboarding into Microsoft Sentinel Deploy standard and custom
Crawley, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Senior Microsoft Sentinel/SIEM Engineer, Crawley, West Sussex Client: Cloud Decisions Location: Crawley, West Sussex, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 6 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: Job Title: Senior Microsoft Sentinel/SIEM Engineer - Up to … + Benefits + Microsoft Location: Fully Remote, UK Company: Global Microsoft Managed MISA Partner Specialization: Complex Sentinel Engineering/Integration The Opportunity This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse. You will join a Microsoft managed global partner, a … cyber defense, contributing to investigations involving nation-state threat actors (including IR, CH, and NK campaigns). You will refine your skills in enterprise-scale log ingestion and Sentinel integration engineering, handling complex logs from numerous cloud and data sources. The Role Own and optimize enterprise-wide log onboarding into Microsoft Sentinel Deploy standard and custom
Slough, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Senior Microsoft Sentinel/SIEM Engineer, Slough Client: Cloud Decisions Location: Slough, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 31.05.2025 Expiry Date: 15.07.2025 Job Description: Job Title: Senior Microsoft Sentinel/SIEM Engineer Salary: Up to £85,000 + Benefits … + Microsoft Location: Fully Remote, UK Company: Global Microsoft Managed MISA Partner This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse. You'll be joining a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs, and a Microsoft … defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your skills across enterprise-scale log ingestion and customised Sentinel integration engineering. This role offers opportunities to ingest complex logs from various cloud and data sources and to learn and adapt as you go. The Role You'll own
Maidenhead, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
Job Description Short Description Our client is looking for a skilled and experienced Sentinel Engineer to join their cybersecurity team Bullet Points Fully remote if the candidate stays further than 80 miles from Maidenhead £60-80k neg per annum + benefits + bonus Minimum of 10 yrs engineering, with 5+ years in cybersecurity engineering This role is … will be a key MSS team member. You will be responsible for deploying, configuring and managing security solutions within the Microsoft Defender suite, Microsoft Purview, Microsoft Entra ID (Azure AD), Intune, and Privileged Identity Management (PIM). You will be skilled in tuning, optimising, and troubleshooting Microsoft security solutions to counter new threats, ensure smooth business operations, and establish … of experience in cyber security with a focus on Microsoft security products. Hands-on expertise in Microsoft Defender (MDE, MDO, MDI, MDCA, MDC), Microsoft Purview, Microsoft Entra ID (Azure AD), Intune, PIM, and B2B access configurations (GDAP, Cross-Tenant Access, Lighthouse). Strong understanding of Windows, Azure, and M365 security architectures. Knowledge of security monitoring and
five years working in an Infrastructure Services role, preferably in structured, managed ICT service environments in a senior engineering capacity - SC Clearance/Ability to gain SC Clearance - Azure networking (private endpoints, Azure firewalls, VPNs, IP Groups etc.) - Monitoring/Alerting/Log Analytics - Azure AD (Entra)/Local AD - Windows Server, Active Directory … scripting and automation - SD-WAN - SAN Storage (e.g., HPE Nimble) - Microsoft Windows Server OS - IaaS (Windows/Linux) Desirable experience - IT/Related Degree - Microsoft O365 Administrator - Microsoft Azure Administrator - CCNA - MCSA/MCSE - ITIL Foundation V3+ - AWS - Sentinel - Logic Apps - API Mgmt. gateways - Intune and Autopilot - Application Proxies - Data management Gateways - Microsoft Data Protection Manager