1 to 25 of 46 Azure Sentinel Jobs in the UK

design" solutions are woven into the fabric of the entire ecosystem. Key Responsibilities Hybrid Architecture & Governance: Design and implement security controls across Azure, on-prem servers, and SaaS applications while maintaining hardening standards based on CIS and NIST benchmarks. Identity & Access Security: Define standards for Entra … overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/Hyper-V), Windows ...

secure-by-design" solutions are woven into the fabric of the entire ecosystem.Key Responsibilities Hybrid Architecture & Governance: Design and implement security controls across Azure, on-prem servers, and SaaS applications while maintaining hardening standards based on CIS and NIST benchmarks. Identity & Access Security: Define standards for Entra … overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/Hyper-V), Windows ...

Strong understanding of cloud and hybrid security environments, including Microsoft 365 and Azure. Strong operational expertise across EDR/XDR, SIEM (e.g., Microsoft Sentinel, Splunk), identity protection, and vulnerability management. Experience with security audits, compliance programmes, and regulated industry requirements. Excellent communication and influencing skills, with confidence engaging ...

terms of Business Outcomes rather than technical vulnerabilities. Multi-Cloud Security: Hands-on experience designing and securing estate consolidation across AWS and Azure, specifically focusing on identity federation and crosscloud security guardrails. Regulatory Alignment: Deep understanding of the FCA’s Operational Resilience and Consumer Duty requirements, ensuring security … threat modelling techniques (e.g., STRIDE, PASTA) at the design stage of the lifecycle. Security -as -Code: Familiarity with automated assurance tools (e.g., Terraform Sentinel, Azure Policy, AWS Config) to embed guardrails into CI/CD pipelines. Identity & Access Management (IAM): Advanced knowledge of Zero Trust principles ...

ownership and variety across the full defensive lifecycle. What You’ll Be Doing Lead investigations, triage and containment using SIEM/EDR (Microsoft Sentinel preferred) Harden IAM, PIM/PAM , Windows/Linux, endpoint baselines and identity services Strengthen M365 security : Defender for Endpoint/O365/Identity … Windows + Linux) Network security concepts (firewalls, IDS/IPS) Incident Response & Detection Hands-on IR: triage investigation containment recovery Experience with SIEM (Sentinel strongly preferred) Experience with EDR/XDR tools: Defender/CrowdStrike/SentinelOne Log analysis, packet captures, forensic investigation fundamentals Microsoft Security Defender suite ...

achieve. The Microsoft support team is integral to this approach and our success. To provide 3rd line support managing cloud infrastructure in Azure across design, implements and manages cloud solutions that span both on-premise and Azure environments, ensuring seamless integration and efficient resource utilization, often … using tools like Azure Hybrid Benefit for Bytes Microsoft Cloud customers. This will be filled by someone with proven 3rd-line support experience and hands-on experience of the Microsoft Hybrid Infrastructure, acting as an escalation point for incidents relating to their Azure cloud services ...

from the outset. What youll do Develop and implement security architectures aligned with enterprise strategy, regulations, and control standards, with a focus on Azure and hybrid cloud environments. Collaborate with Enterprise, Solution, and Cloud Architects to embed security in all designs, including application security and Azure-native services. Define and maintain security standards, guidelines, and reference architectures for Azure workloads, identity management (e.g., Entra ID), and secure application development. Deliver clear cybersecurity advice to technical and non-technical stakeholders on Azure security best practices, threat protection, and compliance. Champion 'Secure ...

modern security architectures, solving complex technical challenges, and acting as a trusted technical partner. Technology Environment Microsoft Security Stack: Microsoft Defender XDR Microsoft Sentinel Microsoft Entra ID Microsoft Intune Microsoft Defender for Cloud Experience with alternative modern security platforms such as SentinelOne or CrowdStrike is advantageous. Cloud Platforms … Microsoft Azure (required) Exposure to AWS or GCP (desirable) Platforms & Infrastructure: Active Directory/Entra hybrid identity Windows Server and Linux Networking, VPNs, firewalls, endpoint management Tooling & Automation: KQL PowerShell API integrations Automation tooling Key Responsibilities Technical Delivery Lead technical discussions with customers, guiding architecture, design decisions ...

reputable global client is seeking an experienced L3 SOC Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What … manage high-severity security incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules ...

support based role, ideally in the managed services space across the Microsoft technology stack Experience in Entra ID, Intune, and Azure. Knowledge of Sentinel, and Microsoft Defender. Experience working within a SOC environment would be advantageous. Demonstrable experience in forming collaborative working relationships with customers and other internal ...

nature of the clients supported, candidates must be eligible for SC and NPPV3 security clearance . Key Responsibilities Create, maintain, and optimise Microsoft Sentinel analytics rules, Logic Apps, and playbooks to support incident detection and response. Support and enhance integrations between Microsoft Sentinel and other security … MSSP environment, responding to security incidents for public sector customers in line with agreed SLAs. Essential Experience Hands-on experience with Microsoft Sentinel within a SOC or MSSP environment. Experience building and maintaining automation using Azure Logic Apps and Sentinel playbooks. Working knowledge ...

helping optimise IT systems and services. This is an exciting opportunity to work with a broad tech stack including Windows, Microsoft 365, Azure, networking tools, and security platforms. To thrive as an IT Support Advisor , you must have hands-on experience with Windows 10/11, Active Directory ...

investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot … further details - Alex Reeder Harvey Nash 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity ...

PRTG). Microsoft Technologies Strong Windows Server (Apply online only)), AD, Group Policy, and systems admin. Working knowledge of Exchange Online. Experience with Azure AD and hybrid identity. Familiar with Intune and JAMF for device management. Solid Office 365 and Windows 10/11 admin skills. Virtualisation & Cloud … Skilled in Hyper-V and VMware (resource management, backups, failover). Exposure to Azure, AWS, GCP for migrations and optimisation. Communication Systems Experience with enterprise VoIP systems. Knowledge of IP CCTV setup, storage, and network integration. Backup & DR Proficient with Veeam for backup/replication. Experience ...

Experience in Security Operations, Incident Response, or similar role Strong understanding of networking, Windows/Linux, and cybersecurity fundamentals Experience with SIEM (e.g., Sentinel, Splunk), EDR tools, and vulnerability platforms Understanding of security frameworks (ISO 27001, NIST, CIS) Working knowledge of Microsoft InTune Familiarity with GDPR and data … protection requirements Great to have: Certifications such as Security+, CEH, GIAC Experience with cloud security (Azure/AWS/GCP) Exposure to AI/ML tools in security contexts Experience with MDM platforms and mobile security Skills & Attributes Strong analytical and problem-solving skills Clear and confident communication ...

will act as the highest escalation point within the support function, providing advanced troubleshooting, architectural guidance, and proactive improvement across AWS, Microsoft 365, Azure and core networking platforms. The successful candidate will play a critical role in ensuring stability, security, scalability, and performance across our digital services while … security posture Support Infrastructure as Code (e.g. CloudFormation/Terraform) Maintain compliance and security best practices (least privilege, logging, guardrails) 2. Microsoft 365 & Azure Advanced support for M365 (Exchange Online, SharePoint, OneDrive, Teams) Azure AD/Entra ID management including Conditional Access and Identity Protection Intune ...

validate fixes, and ensure closure in line with risk appetite. Improve security controls across IAM, network security, system hardening and vulnerability management (primarily Azure-focused). Embed security into Infrastructure‐as‐Code and CI/CD: work within Terraform-managed environments and automated pipelines so security is built … experience Security operations experience in a SaaS, cloud or regulated technology environment. Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous). Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management. Experience with vulnerability assessments/penetration ...

validate fixes, and ensure closure in line with risk appetite. Improve security controls across IAM, network security, system hardening and vulnerability management (primarily Azure-focused). Embed security into Infrastructure‐as‐Code and CI/CD: work within Terraform-managed environments and automated pipelines so security is built … experience Security operations experience in a SaaS, cloud or regulated technology environment. Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous). Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management. Experience with vulnerability assessments/penetration ...

objectives. Providing support to police forces for the onboarding and maintenance of system log sources. Configuring and maintaining the NMC central Microsoft Azure, Lighthouse and Sentinel platform. Developing, maintaining, and deploying detection rules and other SIEM content. Creating custom solutions using both low-code and traditional … development approaches. Providing support to forces for the configuration of Sentinel and log sources. Testing and implementing new Sentinel connectors. Working with wider NMC teams, contributing to Continual Service Improvement and innovations. Creating and maintaining technical design documentation. Working with the PDS design team and wider ...

monitoring and initial response for SOC customers in line with Intercitys Security Incident Response Framework. Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately. Analyse multiple security data sources to detect malicious activity and support containment actions. Communicate clearly … recommend strategies to reduce risk across customer environments. Contribute to the ongoing development of the SOC service through: Tuning detection rules within Microsoft Sentinel Improving automation and ticket workflows Identify vulnerabilities within Microsoft Defender 365 and support customers in improving their overall security posture. Essential Experience & Knowledge: Strong ...

London are looking for a seasoned Information Security Lead to be the authority across all Information Security and Cloud Infrastructure; ensuring Azure, Microsoft 365, and SaaS platforms are secure, resilient, and compliant. The role combines hands-on technical security expertise with risk management, governance, and assurance, supporting business … enablement, rather than day-to-day service desk operations. The ideal candidate will have strong technicals skills across the following: Microsoft Entra ID (Azure AD): Conditional Access, MFA, Passwordless authentication, Identity Protection, PIM, Phishing resistant MFA configurations Zero Trust architecture and least-privilege access models Identity governance, access ...

prem LDAP applications, and outdated protocols like Kerberos and NTLM. Automation: Streamline operations by automating identity tasks using PowerShell, Microsoft Graph API, and Azure CLI. Governance & Compliance: Ensure all platforms meet hardening standards and assist with audit readiness for frameworks such as ISO 27001, GDPR, or PCI DSS. … What We’re Looking For Essential Experience: Expertise in Microsoft Identity: Proven track record with Azure Entra ID, Active Directory, and managing hybrid-to-cloud transitions. Device Management: Strong proficiency in Microsoft Intune/Endpoint Manager and modern Windows device transformation. Security Tooling: Hands-on experience deploying ...

provide architecture and solution governance. Key Responsibilities (Technology) Architect and deliver end-to-end infrastructure solutions across public, private, and hybrid cloud environments (Azure, AWS, GCP, VMware, OpenStack). Lead cloud transformation initiatives, including IT-as-a-Service strategies, workload migrations, and application modernization. Serve as a trusted … controls. Drive DevOps and automation practices using tools like Terraform, Ansible, PowerShell, and cloud management platforms. Manage and optimize virtual desktop infrastructure (Citrix, Azure Virtual Desktop) and enterprise collaboration tools (M365, O365, Intune). Lead technical workshops, training sessions, and stakeholder engagements to ensure successful adoption ...

Cyber Security Engineer Tech Focus: Azure/Microsoft 365/Purview/Defender/Sentinel Rate: Circa £400–£500/day Location: Fully Remote Duration: 6 Months This is a fantastic opportunity for a Cyber Security Engineer to join a small but growing Cloud/Azure team within a global organisation in the construction consultancy sector. The business has now fully moved into Azure Cloud and is looking to strengthen and mature its cyber security posture. You’ll be joining a highly skilled and well‐established security and cloud team that plays ...

Ready to lead complex security operations, shape detection strategy, and be the go-to expert for Microsoft Sentinel and Defender XDR? Join my international client and take ownership of advanced engineering, threat hunting, and incident response in a modern, cloud-first environment.? My client is an international Consultancy … engineering work for SIEM and XDR , escalated security incident response, and advanced threat hunting. What this job is really about Owning M icrosoft Sentinel and Defender XDR so they work for you, not the other way round: shaping the data, the rules, the playbooks, and the signal ...