18 of 18 Azure Sentinel Jobs in London

will evaluate application-generated logs, develop threat detection strategies and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics and automation to enhance the customer's application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored … large portfolio of applications with varying threat categories Analyse logs generated by applications using Azure Log Analytics and Azure Sentinel to identify anomalies and potential threats Design, build and maintain KQL queries Implement automated alerting and reporting workflows through Azure Logic Apps ...

ownership and variety across the full defensive lifecycle. What You’ll Be Doing Lead investigations, triage and containment using SIEM/EDR (Microsoft Sentinel preferred) Harden IAM, PIM/PAM , Windows/Linux, endpoint baselines and identity services Strengthen M365 security : Defender for Endpoint/O365/Identity … Windows + Linux) Network security concepts (firewalls, IDS/IPS) Incident Response & Detection Hands-on IR: triage investigation containment recovery Experience with SIEM (Sentinel strongly preferred) Experience with EDR/XDR tools: Defender/CrowdStrike/SentinelOne Log analysis, packet captures, forensic investigation fundamentals Microsoft Security Defender suite ...

modern security architectures, solving complex technical challenges, and acting as a trusted technical partner. Technology Environment Microsoft Security Stack: Microsoft Defender XDR Microsoft Sentinel Microsoft Entra ID Microsoft Intune Microsoft Defender for Cloud Experience with alternative modern security platforms such as SentinelOne or CrowdStrike is advantageous. Cloud Platforms … Microsoft Azure (required) Exposure to AWS or GCP (desirable) Platforms & Infrastructure: Active Directory/Entra hybrid identity Windows Server and Linux Networking, VPNs, firewalls, endpoint management Tooling & Automation: KQL PowerShell API integrations Automation tooling Key Responsibilities Technical Delivery Lead technical discussions with customers, guiding architecture, design decisions ...

broad technical knowledge of a wide range of solutions such as ConnectWise, RMM systems (Asio/Addigy), Mac & Windows OS, Active Directory/Azure Active Directory, Virtual machines (Oracle & Hyper-V), Mac & Windows hardware build/deployment, printers/peripherals, cloud services (Microsoft 365, Google Workspace, Dropbox), Microsoft ...

investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot … further details - Alex Reeder Harvey Nash 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity ...

from you.Experience2-4 years' experience in cloud security, pre-sales engineering, technical consulting, or security operations.Exposure to at least one major cloud provider (Azure, AWS, or GCP), with a willingness to broaden your expertise.Understanding of hybrid and on-premise security concepts.Awareness of key frameworks such … PlatformsExperience with some of the following is helpful (not all required):Microsoft Defender for Cloud, AWS Security Hub, GuardDuty, GCP Security Command Center.Microsoft Sentinel, AWS CloudTrail, Config, KMS, GCP Cloud Logging.CSPM: Prisma Cloud, Wiz, Orca, Lacework, CloudGuard.CIEM: SailPoint, Saviynt, Veza.Identity & Access ManagementAzure AD/Entra ...

London are looking for a seasoned Information Security Lead to be the authority across all Information Security and Cloud Infrastructure; ensuring Azure, Microsoft 365, and SaaS platforms are secure, resilient, and compliant. The role combines hands-on technical security expertise with risk management, governance, and assurance, supporting business … enablement, rather than day-to-day service desk operations. The ideal candidate will have strong technicals skills across the following: Microsoft Entra ID (Azure AD): Conditional Access, MFA, Passwordless authentication, Identity Protection, PIM, Phishing resistant MFA configurations Zero Trust architecture and least-privilege access models Identity governance, access ...

leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding ...

leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding ...

London are looking for a seasoned Information Security Lead to be the authority across all Information Security and Cloud Infrastructure; ensuring Azure, Microsoft 365, and SaaS platforms are secure, resilient, and compliant. The role combines hands-on technical security expertise with risk management, governance, and assurance, supporting business … enablement, rather than day-to-day service desk operations. The ideal candidate will have strong technicals skills across the following: Microsoft Entra ID (Azure AD): Conditional Access, MFA, Passwordless authentication, Identity Protection, PIM, Phishing resistant MFA configurations Zero Trust architecture and least-privilege access models Identity governance, access ...

experience: GlobalProtect, site-to-site IPsec VPNs, SSL decryption operations Advanced Threat Prevention tuning, WildFire analysis, DNS Security Cloud security/networking exposure: Azure/AWS/GCP, cloud-native firewalls, transit networking VM-Series deployments, Terraform/automation exposure SIEM integration experience: Splunk/Sentinel ...

have a current opportunity for a Head of Azure Platform Security on a permanent basis. The position will be based in London. For further information about this position please apply. Requirements Hands-on Azure cloud security architecture and implementation - Defender for Cloud, Policy-as-Code, RBAC … segmentation, NSG/UDR/NVA architecture, hub-spoke topology, and perimeter defence for hybrid environments WAF design, deployment, and operational tuning - Cloudflare, Azure Application Gateway, or equivalent; custom rule authoring and false-positive management at production scale Network flow log analysis and intrusion detection engineering - building detection ...

government organisation to recruit a Principal Cyber Security Engineer on a 2-year FTC. The role requires someone with a strong background in Azure infrastructure, as well as AWS experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls … Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management Technical experience securing Microsoft ...

pure new business role, ideal for someone with a passion for solving security challenges through Microsoft-aligned services such as Entra ID (Azure AD) , Microsoft Defender , Microsoft Sentinel , and broader IAM and managed security solutions . You’ll be part of a high-growth business that … with CISOs, Heads of Security, and IT leaders on identity protection , zero trust , threat detection , and compliance Own complex sales cycles around Microsoft Sentinel , Defender suite , Entra ID , and managed IAM Collaborate closely with technical consultants and presales to build tailored, value-led proposals Maintain a healthy, well ...

leadership/SOC management roles Strong hands-on knowledge of SIEM, SOAR and EDR technologies Experience with tools such as LogRhythm, Splunk, Microsoft Sentinel, Securonix Understanding of incident response frameworks and SOC operating models Experience working in enterprise or managed SOC environments Strong stakeholder communication and incident management … capabilities Desirable certifications: CISSP or CISM GIAC certifications (GCIH/GCIA/GCFA/GCTI/GMON) CEH or CompTIA CySA+ Azure security certifications (AZ-500/SC-200) This role is ideal for a senior SOC professional who enjoys leading security operations, improving detection capabilities, and working ...

managing a junior Security Analyst, within a wider infrastructure team managing the day to day IT environment. Our client is working in an Azure/M365 environment, so it is likely that your experience will reflect the Microsoft Security stack with tools such as Sentinel … security frameworks, such as PCI-DSS, GDPR and Cyber Essentials Technical skillset within the Microsoft Security Stack, including the likes of Sentinel, Defender and E5 Ability to manage and mentor a junior security analyst, acting as a technical point of escalation when needed Able to support ...

expanding its cyber security team and is looking for a Senior Cyber Security Engineer to help strengthen security across a hybrid infrastructure and Azure environment. This role sits within the prevent and protect pillar of the cyber function , focusing on implementing security controls and improving the organisation … into platforms, projects and cloud services across the business. What you will be doing Improving security across a hybrid infrastructure environment that includes Azure and on premise systemsDesigning and implementing security controls across identity, endpoint and infrastructure platformsSupporting infrastructure and technology projects by providing practical security guidanceStrengthening Azure ...

environment (5+ Years), responding to and containing the most high-profile, escalated incidents. Comprehensive knowledge of the Microsoft Security stack – Defender, Sentinel, E5 Security Suite, etc Proven experience building detection rules, fine-tuning and streamlining SOC tooling and capabilities. Experience working in cloud-native SOC environments – Azure ...