Leeds, West Yorkshire, England, United Kingdom Hybrid / WFH Options
4Square Recruitment Ltd
you’ll be at the heart of the managed SOC services, monitoring, investigating, and responding to security incidents across client environments. You’ll leverage Microsoft Sentinel, Defender XDR, and KQL to detect threats, improve detection rules, and help clients stay secure.

What You’ll Do:
Monitor and analyse security alerts in Microsoft Sentinel & Defender XDR
Investigate and respond to incidents … threats, and suspicious activity
Develop and optimize KQL queries, analytics rules, and automation playbooks
Assist in onboarding new clients into Sentinel (connectors, log sources, playbooks)
Collaborate with engineers and clients to enhance security visibility
Contribute to threat hunting, detection tuning, and SOC process improvements

Skills You’ll Need:
2-5+ years in a SOC, threat detection, or incident response … role
Hands-on experience with Microsoft Sentinel (KQL, analytics rules, Logic Apps)
Knowledge of Microsoft Defender XDR suite (Defender for Endpoint, Cloud, Identity)
Understanding of MITRE ATT&CK, SIEM best practices, and security operations
Strong analytical & communication skills (explaining risks to clients is key!)

Bonus if you have:
Microsoft certs (SC-200, SC-100, AZ-500)
Experience with automation (Logic
Microsoft Sentinel and Microsoft 365 Defender (Endpoint, Identity, Cloud, etc.).
Respond to incidents - quickly, accurately, and with technical depth - following industry-standard IR playbooks.
Threat hunt using advanced KQL queries; develop custom analytics rules and fine-tune existing detections.
Onboard new clients into Sentinel, integrating data connectors and building automation playbooks (Logic Apps).
Create and maintain clear documentation … refinement, and operational enhancements.

What You Bring
Must-Have Experience:
2-5+ years in a SOC or threat detection role.
Proven, hands-on Microsoft Sentinel expertise - including custom KQL, analytics rule creation, playbook development, and connector integration.
Solid grasp of the Microsoft Defender XDR suite (Defender for Endpoint, Cloud, Identity, etc.).
Familiarity with MITRE ATT&CK, SIEM fundamentals
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
BAE Systems (New)
and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team.
Communicate funding and prioritization suggestions and lead implementation when needed.
Develop complex, anomaly-based KQL analytics and playbooks for detection in M365, Linux, and Windows environments.
Review open-source research on threats affecting cloud services and VMs, prioritizing and implementing relevant findings.
Research vulnerabilities, produce … control systems.
Experience in developing malware and anomaly detections.
Use of statistical methods for anomaly detection.
Proficiency with Microsoft Sentinel and/or XDR.
Strong skills in writing complex KQL analytics/searches.
Awareness of current security threats.
Ability to prioritize threats effectively.
Understanding factors affecting detection effectiveness.
Threat hunting or SOC analyst certifications preferred.
Life at BAE Systems Digital