2 of 2 Remote Cyber Threat Jobs in Leicestershire

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and implement automation … for enhanced security operations. Monitor and respond to security incidents and alerts, ensuring the protection of our clients’ data and infrastructure. Conduct in-depth threat hunting and forensic investigations using KQL. Optimize security processes with Defender for Endpoint to detect, contain, and remediate threats. Collaborate with security analysts, engineers … contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for security More ❯