1 to 25 of 43 Azure Sentinel Jobs in the UK

fixed-term contract paying £70,000 , offering full remote flexibility across the UK. The Opportunity You'll play a key role in stabilising and strengthening Microsoft 365 and Azure environments through a period of change. The role blends technical delivery with stakeholder engagement - you'll be as comfortable securing systems as you are guiding … users through new policies and controls. What You'll Be Doing Delivering and maintaining security across Microsoft 365 and Azure . Building and tuning detections in Microsoft Sentinel . Managing patching, malware protection, and vulnerability remediation . Supporting Cyber Essentials Plus and ongoing compliance programmes. Documenting changes, maintaining governance, and ensuring minimal disruption. Mentoring a service … desk engineer stepping into cyber security. What You'll Bring Strong experience with Microsoft 365 security, Defender, Intune, and Azure AD/Entra ID . Working knowledge of Azure Sentinel (SIEM) and KQL. Solid understanding of patch management and endpoint security. Previous involvement in Cyber Essentials Plus or ISO27001 accreditation. Clear communication skills, able More ❯

Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such as OpenCTI. Qualifications: Expert knowledge of Azure & Sentinel Proven experience as a Cyber Analyst with a focus on Security Operations. Strong expertise in using Elastic Stack, including Elasticsearch, Logstash, and Kibana. Familiarity with other More ❯

environment. Excellent communication and stakeholder engagement skills. Certifications (Preferred): CISSP, GIAC (GCIA/GCIH/GCFA), SC-200, or equivalent. Cloud Experience: Exposure to AWS and/or Azure environments. Security Clearance: You must hold, or be eligible to obtain, SC Clearance . Reference: ODI/N/SOC #oddi More ❯

forward to ensure the business makes the full use of the collaboration tools (Teams, SharePoint etc.). A good knowledge of the security features of 365 (Entra/Azure AD) is required to ensure the business leverages the maximum potential of cyber hygiene and GDPR best practice Understanding the importance of Identity Threat Management Experience or understanding of More ❯

Microsoft Sentinel Engineer Up to £70,000 DOE Remote – MUST be UK based Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects? Do you have strong 3rd-line level experience across Microsoft, Azure, networking, and cloud security? Would you like to join a fast-growing global consultancy where … The team currently numbers around 15 within a 60-person business and is expanding fast including the recent onboarding of a major financial services client. As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work … combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to More ❯

Microsoft Sentinel Engineer Up to £70,000 DOE Remote – MUST be UK based Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects? Do you have strong 3rd-line level experience across Microsoft, Azure, networking, and cloud security? Would you like to join a fast-growing global consultancy where … The team currently numbers around 15 within a 60-person business and is expanding fast including the recent onboarding of a major financial services client. As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work … combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to More ❯

to support a leading government client . The role is based in London and will need 2/3 days on site.Im looking for someone that has recent Sentinel and Defender experience and is a SME in this area Background skills required. • Policy Enforcement: Implement Conditional Access, MFA, and DLP policies. Maintain security posture using Secure Score and … of workload. • PowerShell Scripting: Automate routine tasks and configurations across O365 services • Policy Development: Support creation and enforcement of Council-wide O365 usage policies • Configure and maintain Sentinel workspaces aligned with Council tenancy and compliance requirements. • Integrate data sources including Defender for Endpoint, Defender for Identity, Office 365 audit logs, Azure AD, and third-party connectors. … Develop and implement playbooks and alert rules for automated incident response. • Collaborate with the Service Desk to triage and escalate Sentinel alerts. • Administer and maintain Microsoft 365 services including Exchange online, Exchange on prem and managing hybrid setup. • Administer and optimise Microsoft Defender XDR solutions including Defender for Cloud Apps, Defender for Office 365, and Defender for Identity. More ❯

and experienced Detection Engineer to expand our Managed Security Service Provider (MSSP) team. You will be responsible for developing and maturing detection coverage across our MSS customers (Splunk, Azure Sentinel, Chronicle SIEM). For this particular role we're primarily looking for someone with Sentinel detection engineering experience. Requirements This role sits within our …/YARA-L) Strong knowledge of scripting languages such as Python, Go or Shell Knowledge of Infrastructure as Code (IaC) tools e.g. bicep Experience with cloud platforms (AWS, Azure, GCP). Benefits What's in it for you? Our vision is to create a safe, inclusive digital world where people and organisations can thrive. Our values of Do More ❯

Proven experience in a 3rd Line/Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud … improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator/Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part More ❯

hunt for threats, and enjoy taking ownership of complex challenges this role is for you. What Youll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams and external managed SOCs. Continuously monitor, enhance, and report on security … with ISO27001, GDPR, Cyber Essentials Plus, and other regulatory frameworks. What Were Looking For Proven experience in Cyber Security, Threat Intelligence, or SOC environments. Hands-on experience with Azure Security Center, Microsoft Sentinel, Defender ATP, M365 Security & Compliance, and KQL scripting. Knowledge of frameworks such as MITRE ATT&CK, NIST, CIS, NCSC, and Security Scorecard. Understanding More ❯

Workplace roadmap aligned with business goals. Lead technology selection and integration (e.g., Microsoft 365, Teams, Intune, Citrix). Manage Unified Endpoint Management (UEM) using Microsoft Intune, SCCM, and Azure AD. Oversee device lifecycle management, including provisioning, patching, and retirement (laptops, desktops, mobile, peripherals). Deploy and manage Azure Virtual Desktop (AVD) for remote and hybrid workforces. … Utilise Azure Autopilot for device provisioning and configuration. Integrate Azure Monitor, Log Analytics, and Sentinel for endpoint visibility and security. Leverage Azure AD Conditional Access and Identity Protection for secure access. Collaborate with InfoSec to enforce endpoint security policies. Ensure compliance with GDPR, ISO 27001, and internal governance. Lead initiatives to improve … Digital Experience Monitoring (DEM) tools. Administer and optimise Microsoft 365 ecosystem (Exchange, SharePoint, OneDrive). Drive adoption of collaboration platforms (Teams, Slack, Zoom). Integrate VDI solutions (Citrix, Azure Virtual Desktop) for remote access. Automate account provisioning via Azure AD and HR system integration. Assign appropriate roles and group memberships based on job function. Provision access More ❯

detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or … Computer Science, Networking, or a related field. Experience: 3+ years’ experience in cybersecurity, network engineering, or IT infrastructure security roles. Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. Skills & Competencies Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls). Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and More ❯

authority and governance for the effective use of technical security controls across the firm Act as an escalation point for threat hunting and security incidents Investigate alerts from Azure/Defender, IT monitoring systems, and 3rd-party SOC, helping to ensure critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO … GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC, Network segregation, remote access & wireless technologies Windows & KQL (MS Sentinel) scripting Cloud computing (IaaS, PaaS, SaaS More ❯

re working on an exciting opportunity with one of our clients with a rapidly transforming technical environment with lots of investment. They're looking to bring in an Azure Cyber Security Analyst to help drive their mission forward by protecting critical systems and embedding a robust security culture throughout the business. Key responsibilities for the Azure Cyber Security Analyst: As an Azure Cyber Security Analyst, you'll join a collaborative and multi-disciplinary security team that works across operations, assurance, and governance. This is a highly cross-functional role, perfect for someone with broad security expertise who enjoys variety and continual development. As the Azure Cyber Security Analyst y ou … wi ll take the lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education More ❯

re working on an exciting opportunity with one of our clients with a rapidly transforming technical environment with lots of investment. They're looking to bring in an Azure Cyber Security Analyst to help drive their mission forward by protecting critical systems and embedding a robust security culture throughout the business. Key responsibilities for the Azure Cyber Security Analyst: As an Azure Cyber Security Analyst, you'll join a collaborative and multi-disciplinary security team that works across operations, assurance, and governance. This is a highly cross-functional role, perfect for someone with broad security expertise who enjoys variety and continual development. As the Azure Cyber Security Analyst y ou … wi ll take the lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education More ❯

compliance needs. Develop and present tailored SIEM architecture and design strategies, ensuring alignment with client goals and industry best practices. Recommend the best-fit SIEM platform (e.g., Splunk, Sentinel, CS) based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for … consulting, with the ability to communicate complex technical concepts clearly and effectively to clients. Technical Expertise Hands-on experience with at least one major SIEM platform (e.g. Splunk, Sentinel or QRadar) and familiarity with cloud security tools such as AWS GuardDuty, Azure Security Center, or Google Cloud Security. Background in client-facing roles or consulting, with More ❯

standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of … log management, APIs, data normalisation, and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure More ❯

Active Directory, Hyper-V and high availability failover clustering Microsoft Data Protection Manager PowerShell scripting and automation All round Microsoft Cloud Operations engineer Cloud Services, IaaS, PaaS, Microsoft Azure, including Site recovery (ASR) and M365, Exchange Online, OneDrive, Teams Azure networking (private endpoints, Azure firewalls, VPNs, IP Groups etc) Operations systems, Windows Desktop, Windows … Server and Linux Monitoring/Alerting/log Analytics, Sentinel Logic Apps API Management gateways Azure Application Proxies You must be eligible for security clearance living in the UK as a British Citizen. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy More ❯

Active Directory, Hyper-V and high availability failover clustering Microsoft Data Protection Manager PowerShell scripting and automation All round Microsoft Cloud Operations engineer Cloud Services, IaaS, PaaS, Microsoft Azure, including Site recovery (ASR) and M365, Exchange Online, OneDrive, Teams Azure networking (private endpoints, Azure firewalls, VPNs, IP Groups etc) Operations systems, Windows Desktop, Windows … Server and Linux Monitoring/Alerting/log Analytics, Sentinel Logic Apps API Management gateways Azure Application Proxies You must be eligible for security clearance living in the UK as a British Citizen. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations … cross-functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security … Azure & AWS) . Demonstrated success leading or building CSOCs or security programmes . Strong documentation and design skills (HLD/LLD). Excellent communication, stakeholder management, and project leadership. Certifications (Highly Desirable) CISM - Certified Information Security Manager Microsoft Certified: Azure Security Engineer CCNP/CCIE (Security/R&S) CCSA/CCSE (Checkpoint) JNCIA (Juniper) CEH More ❯

defence, helping to design and deliver solutions that strengthen resilience and enable smarter security operations. You will: Architect & Design : Build and evolve secure frameworks using Microsoft Security (Defender, Sentinel, Purview, Entra) and integrate Qualys vulnerability management for continuous threat detection and remediation. Automate & Innovate: Lead the charge on automation (SOAR, IaC, workflow automation) and embed Gen AI into … Expert, AZ-500, etc.). Strategic mindset, strong communication skills, and a passion for emerging tech. The following would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution More ❯

experience developing Python scripts/systems Experience working directly with software engineering best practices: source control, unit testing, code reviews, design documentation, excellent debugging, troubleshooting skills. Experience with Azure (ideally), AWS or GCP, Docker, Kubernetes, and Helm. Experience of operationally managing software components once live, including; observability, logging, metrics, error reporting, debugging and live incident management. Experience with … Microsoft Sentinel, Microsoft's Defender and Purview suites and Microsoft Entra. Experience of SOAR tooling and automating security capabilities and operations. Experience in Threat Modelling. Ability to communicate with stakeholders and audiences outside your own team. Exposure to Agile working. Experience working in/with cross-functional teams consisting of engineers, product, UX and non-technical stakeholders. Desire More ❯

expert guidance across IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment … in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and More ❯

expert guidance across IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling & Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment … in Information Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and More ❯

support efforts to retain security accreditations Required skills and experience of the Operations Analyst Broad experience as a Microsoft-focused Cloud Engineer or Operations Analyst Strong knowledge of Azure services, including IaaS, PaaS, ASR, and M365 (Exchange Online, Teams, OneDrive) Understanding of Azure networking components: private endpoints, Azure Firewall, VPNs, IP Groups Experience working … with Windows Server, Windows Desktop, and Linux environments Windows Server, Active Directory, Hyper-V PowerShell for automation and scripting. Experience with monitoring tools, Log Analytics, Sentinel and alerting platforms Familiarity with Logic Apps, API Management, and Azure Application Proxy Strong knowledge of LAN/WAN technologies including switching, routing, firewalls, MPLS, VRF, SD-WAN and DNS More ❯