13 of 13 Azure Sentinel Jobs in the South East

will evaluate application-generated logs, develop threat detection strategies, and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics, and automation to enhance the customer’s application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored … large portfolio of applications with varying threat categories. Analyze logs generated by applications using Azure Log Analytics and Azure Sentinel to identify anomalies and potential threats. Design, build, and maintain KQL queries to extract and correlate security-relevant data from logs. Implement automated alerting ...

broad technical knowledge of a wide range of solutions such as ConnectWise, RMM systems (Asio/Addigy), Mac & Windows OS, Active Directory/Azure Active Directory, Virtual machines (Oracle & Hyper-V), Mac & Windows hardware build/deployment, printers/peripherals, cloud services (Microsoft 365, Google Workspace, Dropbox), Microsoft ...

investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot … further details - Alex Reeder Harvey Nash 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity ...

helping optimise IT systems and services. This is an exciting opportunity to work with a broad tech stack including Windows, Microsoft 365, Azure, networking tools, and security platforms. To thrive as an IT Support Advisor , you must have hands-on experience with Windows 10/11, Active Directory ...

from you.Experience2-4 years' experience in cloud security, pre-sales engineering, technical consulting, or security operations.Exposure to at least one major cloud provider (Azure, AWS, or GCP), with a willingness to broaden your expertise.Understanding of hybrid and on-premise security concepts.Awareness of key frameworks such … PlatformsExperience with some of the following is helpful (not all required):Microsoft Defender for Cloud, AWS Security Hub, GuardDuty, GCP Security Command Center.Microsoft Sentinel, AWS CloudTrail, Config, KMS, GCP Cloud Logging.CSPM: Prisma Cloud, Wiz, Orca, Lacework, CloudGuard.CIEM: SailPoint, Saviynt, Veza.Identity & Access ManagementAzure AD/Entra ...

Previously worked as a Threat Detection Engineer or in a similar role. Must have strong expertise in KQL. Hands-on experience with Microsoft Sentinel and Defender (Endpoint, Office 365). Familiarity with Microsoft Entra ID, including Identity Governance. Experience with Microsoft Purview, particularly DLP and data protection tools. … Exposure to cloud-native logging in Azure and Kubernetes environments. Understanding of “detection as code” or “everything as code” approaches, including CI/CD pipelines. Experience working with or alongside MSP SOC teams. Awareness of Agile methodologies and ways of working. Knowledge of attacker TTPs, threat modelling ...

Previously worked as a Threat Detection Engineer or in a similar role. Must have strong expertise in KQL. Hands-on experience with Microsoft Sentinel and Defender (Endpoint, Office 365). Familiarity with Microsoft Entra ID, including Identity Governance. Experience with Microsoft Purview, particularly DLP and data protection tools. … Exposure to cloud-native logging in Azure and Kubernetes environments. Understanding of “detection as code” or “everything as code” approaches, including CI/CD pipelines. Experience working with or alongside MSP SOC teams. Awareness of Agile methodologies and ways of working. Knowledge of attacker TTPs, threat modelling ...

government organisation to recruit a Principal Cyber Security Engineer on a 2-year FTC. The role requires someone with a strong background in Azure infrastructure, as well as AWS experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls … Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management Technical experience securing Microsoft ...

security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working with SIEM platforms (Microsoft Sentinel beneficial) Understanding of common cyber threats and attacker techniques Exposure to Microsoft security technologies such as Defender or Azure security tools Strong ...

managing a junior Security Analyst, within a wider infrastructure team managing the day to day IT environment. Our client is working in an Azure/M365 environment, so it is likely that your experience will reflect the Microsoft Security stack with tools such as Sentinel … security frameworks, such as PCI-DSS, GDPR and Cyber Essentials Technical skillset within the Microsoft Security Stack, including the likes of Sentinel, Defender and E5 Ability to manage and mentor a junior security analyst, acting as a technical point of escalation when needed Able to support ...

Hemel Hempstead | Up to £65K | SC Cleared/EligibleA great role for a hands-on SOC Engineer with solid SIEM skills (Sentinel or Splunk) to join a small, tight-knit team of 5. You’ll be working on high-impact client environments, making sure monitoring and protective tooling … Engineering work with scope to grow your career. As the SOC Engineer, you will: Installing, configuring and supporting SOC tooling Managing SIEM platforms (Sentinel or Splunk) Building SIEM platforms Supporting threat intel, malware and security monitoring platforms Working with teams to assess risks, improve controls and apply changes ...

expanding its cyber security team and is looking for a Senior Cyber Security Engineer to help strengthen security across a hybrid infrastructure and Azure environment. This role sits within the prevent and protect pillar of the cyber function , focusing on implementing security controls and improving the organisation … into platforms, projects and cloud services across the business. What you will be doing Improving security across a hybrid infrastructure environment that includes Azure and on premise systemsDesigning and implementing security controls across identity, endpoint and infrastructure platformsSupporting infrastructure and technology projects by providing practical security guidanceStrengthening Azure ...

Cisco Nexus Switching, ASA/Firepower Fortinet (ideally certified), Check Point (CCSE/CCSM), Palo Alto Load balancing technologies AWS and/or Azure VMware (ESXi, vSAN) Windows & Linux Servers Network monitoring tools SIEM tooling (Defender/Sentinel) ITIL exposure (incident/change management) Server rack ...