risk assessments, manage audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead incident response and recovery, including investigations and post-incident reviews. Deliver … Skills/Technologies- 3-7+ years in cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks (Cyber Essentials, ISO 27001). Hands-on experience with: Azure Sentinel and other SIEM tools, Microsoft 365 security, Azure-hosted environments. Proven ability in incident response, compliance programs, and risk management.
Salisbury, Wiltshire, England, United Kingdom Hybrid/Remote Options
Hays Specialist Recruitment Limited
enabling their team to excel in their roles. Your new role This is a cloud-focused infrastructure position where your primary responsibility will be supporting and enhancing the Microsoft Azure environment. You'll play a key role in designing and deploying secure, resilient Azure infrastructure and services that underpin the organisation's operations. Your day-to … day work will involve managing and administering a wide range of Azure resources, including compute, storage, networking, identity, and security services. You'll also be responsible for automating infrastructure provisioning, using Infrastructure as Code tools such as Terraform or ARM templates, to ensure efficiency and consistency across deployments. Monitoring the performance and availability of cloud services will be … remediation, and system hardening processes, ensuring that the cloud environment remains robust and secure. In addition, you'll support the migration of workloads from on-premises infrastructure to Azure, helping the organisation take full advantage of cloud capabilities. Maintaining robust disaster recovery and backup strategies across all Azure environments will also be a key focus, ensuring
profile client based in Central Cardiff. This key leadership and technical role is responsible for the strategic and hands-on management of the organization's Microsoft 365 and Azure security environments. The successful candidate will combine deep technical expertise with leadership skills to ensure the robust protection of corporate data, systems, and identities, driving a Zero Trust … take charge of incident management and response to all security events and breaches. Also responsible for vendor security assessments. Identity & Access Management (IAM): Expertly manage Microsoft Entra ID (Azure AD), implementing Conditional Access and Zero Trust principles, and managing PIM/JIT access, MFA, and passwordless authentication. Microsoft 365 Security: Configure and monitor the entire Microsoft 365 Defender … Suite, implement DLP/AIP, manage Microsoft Purview for governance and compliance, and secure SharePoint, OneDrive, and Teams. Azure Security Engineering: Design and implement security controls including RBAC, Managed Identities, Network Security Groups, Azure Firewall, Key Vaults, and compliance frameworks using Azure Policy/Blueprints. Threat Detection & Incident Response: Utilize Microsoft Sentinel
fixed-term contract paying £70,000, offering full remote flexibility across the UK. The Opportunity You'll play a key role in stabilising and strengthening Microsoft 365 and Azure environments through a period of change. The role blends technical delivery with stakeholder engagement - you'll be as comfortable securing systems as you are guiding … users through new policies and controls. What You'll Be Doing Delivering and maintaining security across Microsoft 365 and Azure. Building and tuning detections in Microsoft Sentinel. Managing patching, malware protection, and vulnerability remediation. Supporting Cyber Essentials Plus and ongoing compliance programmes. Documenting changes, maintaining governance, and ensuring minimal disruption. Mentoring a service … desk engineer stepping into cyber security. What You'll Bring Strong experience with Microsoft 365 security, Defender, Intune, and Azure AD/Entra ID. Working knowledge of Azure Sentinel (SIEM) and KQL. Solid understanding of patch management and endpoint security. Previous involvement in Cyber Essentials Plus or ISO27001 accreditation. Clear communication skills, able
reporting for stakeholders. Identify automation and workflow enhancements. Essential Skills Strong experience with Microsoft Defender platforms. Incident investigation skills across endpoint, identity, and cloud. Understanding of Microsoft 365, Azure, and Zero Trust. Skilled in ASR rules, AV baselines, and KQL analytics. Desirable Skills Experience with Microsoft Sentinel. Understanding of MITRE ATT&CK. Exposure to red team activities.
forward to ensure the business makes the full use of the collaboration tools (Teams, SharePoint etc.). A good knowledge of the security features of 365 (Entra/Azure AD) is required to ensure the business leverages the maximum potential of cyber hygiene and GDPR best practice. Understanding the importance of Identity Threat Management. Experience or understanding of
Analyst Are you passionate about building secure cloud environments and driving proactive security solutions? We're looking for a highly skilled Information Security Analyst with strong expertise in Azure cloud security, Microsoft Sentinel, and Tenable to join a growing security team. As an Information Security Analyst, you will play a key role in safeguarding cloud environments. … organisation. This is a hands-on role suited to someone who enjoys solving complex security challenges and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using … Continuously assess cloud environments for misconfigurations, threats, and compliance gaps. Prepare security reports, dashboards, and metrics for leadership and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable
Security Analyst Are you passionate about building secure cloud environments and driving proactive security solutions? We're looking for a highly skilled Information Security Analyst with strong expertise in Azure cloud security, Microsoft Sentinel, and Tenable to join a growing security team. As an Information Security Analyst, you will play a key role in safeguarding cloud environments. … organisation. This is a hands-on role suited to someone who enjoys solving complex security challenges and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using … Continuously assess cloud environments for misconfigurations, threats, and compliance gaps. Prepare security reports, dashboards, and metrics for leadership and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable
London, South East, England, United Kingdom Hybrid/Remote Options
WTW
Engineering. This is a hybrid role at London office with a requirement to be in the office based on the business need. The Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft Sentinel Model Context Protocol (MCP) for advanced context-aware analytics and automation. Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large-scale threat detection, incident response, and threat hunting, while optimizing cost and enabling Agentic AI-driven security operations. … Integrate and automate security workflows using Microsoft Sentinel Graph for unified threat intelligence, incident correlation, and automated response. Microsoft Cloud Security Architecture & Strategy Design and implement Microsoft Cloud Security Architectures for Azure, AWS, OCI, GCP and hybrid cloud environments. Ensure Defender XDR and Defender for Cloud are optimised for advanced threat detection and response. Develop enterprise
London, South East, England, United Kingdom Hybrid/Remote Options
Constant Recruitment Ltd
Microsoft Sentinel Engineer Up to £70,000 DOE Remote – MUST be UK based Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects? Do you have strong 3rd-line level experience across Microsoft, Azure, networking, and cloud security? Would you like to join a fast-growing global consultancy where … The team currently numbers around 15 within a 60-person business and is expanding fast including the recent onboarding of a major financial services client. As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work … combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to
to support a leading government client. The role is based in London and will need 2/3 days on site. I'm looking for someone that has recent Sentinel and Defender experience and is a SME in this area. Background skills required. • Policy Enforcement: Implement Conditional Access, MFA, and DLP policies. Maintain security posture using Secure Score and … of workload. • PowerShell Scripting: Automate routine tasks and configurations across O365 services • Policy Development: Support creation and enforcement of Council-wide O365 usage policies • Configure and maintain Sentinel workspaces aligned with Council tenancy and compliance requirements. • Integrate data sources including Defender for Endpoint, Defender for Identity, Office 365 audit logs, Azure AD, and third-party connectors. … Develop and implement playbooks and alert rules for automated incident response. • Collaborate with the Service Desk to triage and escalate Sentinel alerts. • Administer and maintain Microsoft 365 services including Exchange online, Exchange on prem and managing hybrid setup. • Administer and optimise Microsoft Defender XDR solutions including Defender for Cloud Apps, Defender for Office 365, and Defender for Identity.
Proven experience in a 3rd Line/Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud … improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator/Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part
hunt for threats, and enjoy taking ownership of complex challenges this role is for you. What You'll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams and external managed SOCs. Continuously monitor, enhance, and report on security … with ISO27001, GDPR, Cyber Essentials Plus, and other regulatory frameworks. What We're Looking For Proven experience in Cyber Security, Threat Intelligence, or SOC environments. Hands-on experience with Azure Security Center, Microsoft Sentinel, Defender ATP, M365 Security & Compliance, and KQL scripting. Knowledge of frameworks such as MITRE ATT&CK, NIST, CIS, NCSC, and Security Scorecard. Understanding
with monitoring tools (SolarWinds, Nagios, PRTG). Microsoft Technologies Strong Windows Server (Apply online only)), AD, Group Policy, and systems admin. Working knowledge of Exchange Online. Experience with Azure AD and hybrid identity. Familiar with Intune and JAMF for device management. Solid Office 365 and Windows 10/11 admin skills. Virtualisation & Cloud Skilled in Hyper-V and … VMware (resource management, backups, failover). Exposure to Azure, AWS, GCP for migrations and optimisation. Communication Systems Experience with enterprise VoIP systems. Knowledge of IP CCTV setup, storage, and network integration. Backup & DR Proficient with Veeam for backup/replication. Experience in DR planning, failover, and resilience testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat … detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge of Linux (Ubuntu, CentOS). Scripting with PowerShell, Bash, Python. Familiar with ITSM platforms (ServiceNow, Freshservice). Soft Skills Strong analytical and problem-solving ability. Excellent communicator across technical/non-technical teams. Highly organised
SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. If you have worked in a busy SOC … Detection please get in touch. This role will see you investigating suspicious activity, validating detections etc, threat hunting etc. Experience with XDR Software, Crowdstrike, Carbon Black, Mitre Attack, KQL, Microsoft Azure, Sentinel, Qualys IDS Web proxies etc please get in touch. Full details on request.
London, South East, England, United Kingdom Hybrid/Remote Options
Urbanberry Recruitment Ltd
direct reports Essential Experience & Knowledge Experience in Security Operations, Incident Response, or similar role Strong understanding of networking, Windows/Linux, and cybersecurity fundamentals Experience with SIEM (e.g., Sentinel, Splunk), EDR tools, and vulnerability platforms Understanding of security frameworks (ISO 27001, NIST, CIS) Working knowledge of Microsoft InTune Familiarity with GDPR and data protection requirements Desirable Certifications such … as Security+, CEH, GIAC Experience with cloud security (Azure/AWS/GCP) Exposure to AI/ML tools in security contexts Experience with MDM platforms and mobile security Skills & Attributes Strong analytical and problem-solving skills Clear and confident communication skills Ability to work independently and collaborate effectively Detail-focused, adaptable, and proactive Motivated by learning and
Bristol, Avon, South West, United Kingdom Hybrid/Remote Options
ITS Recruitment
authority and governance for the effective use of technical security controls across the firm Act as an escalation point for threat hunting and security incidents Investigate alerts from Azure/Defender, IT monitoring systems, and 3rd-party SOC, helping to ensure critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO … GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC, Network segregation, remote access & wireless technologies Windows & KQL (MS Sentinel) scripting Cloud computing (IaaS, PaaS, SaaS
Engineer - SIEM, KQL- sought by investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues … team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE
baselines. Support architectural governance, project reviews, and digital assurance. Maintain the technical security roadmap and drive improvements across tooling and capabilities. Operate and optimise core security tools (Defender, Sentinel, Tenable, CASB) and track control adoption through KPIs and dashboards. Lead and document security initiatives, including hardening guides, architecture diagrams, and evidence packs. Chair the Cyber Security Working Group … equivalent experience plus relevant security certifications (Security+, CEH, CySA+, Cloud Security Engineer). Significant experience in cyber security operations or incident response. Hands-on expertise with Microsoft Defender, Sentinel, Tenable, CASB, and cloud security (AWS/Azure). Proven security project delivery, PowerShell automation skills, and familiarity with IR frameworks. Consulting-style experience providing advisory support
Watford, Hertfordshire, South East, United Kingdom
Hays
Active Directory, Hyper-V and high availability failover clustering Microsoft Data Protection Manager PowerShell scripting and automation All round Microsoft Cloud Operations engineer Cloud Services, IaaS, PaaS, Microsoft Azure, including Site recovery (ASR) and M365, Exchange Online, OneDrive, Teams Azure networking (private endpoints, Azure firewalls, VPNs, IP Groups etc) Operations systems, Windows Desktop, Windows … Server and Linux Monitoring/Alerting/log Analytics, Sentinel Logic Apps API Management gateways Azure Application Proxies You must be eligible for security clearance living in the UK as a British Citizen. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy