Conduct advanced threat hunting using the Microsoft Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills … The ability to achieve UK Security Clearance (SC) - existing clearance ideal. (Sorry no visa applications) Current experience working with a SOC environment Microsoft Sentinel: Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient … detection. Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents). Developing custom detection rules, optimising performance, and reducing false positives. Supporting Sentinel Workbooks, Alerts, and Playbooks through advanced KQL use. Deep understanding of incident response, threat intelligence and adversary techniques (MITRE ATT&CK framework). Strong …
implementation of new detections and improvements to existing detections. Leveraging in-house knowledge to enrich and benefit the SIEM and SOC (e.g. managing Sentinel watchlists, assisting with triage, sharing knowledge of our technical estate with the MSP analysts, etc.) Assisting with incident investigation and insider threat monitoring. Producing … You will have some of the following skills and experience: Experience in Cyber Threat Intelligence Experience in Threat Hunting Experience with the Microsoft Sentinel SIEM/SOAR platform Proficient in writing KQL Strong understanding of threat intelligence principles and practices. Strong understanding of security risk management Understanding of … security standards Understanding of modern cloud technologies Ideally experience with the Microsoft Defender suite, Microsoft Entra and Microsoft Purview Ideally experience with Microsoft Azure Exposure to Agile working Ability to translate between technical and non-technical teams Desire to be part of a small fast-paced team Relevant …
security controls, policies and technologies effectively protect the organisation's assets, infrastructure and data. They are using the MS Security Stack including Defender, Sentinel and Entra ID, and are very ahead-of-the-curve in their respective sector. The ideal candidate will have come from a hands-on … UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: Implement and manage security controls for Microsoft and Azure infrastructure. Lead vulnerability management and incident response. Enhance security monitoring and IAM with Microsoft tools. Drive security architecture and ensure endpoint security. Support M … maintain compliance. Requirements: Experience in a Cyber Security leadership-level role Proven experience with the MS Security Stack including Defender (Endpoint, Identity, Cloud), Sentinel (SIEM), Entra ID Security Features, and Purview Knowledge of Azure Security controls, including Azure Firewall, Key Vault, Conditional Access, and …
who is looking to take on a Senior role whilst still being very hands on. Experience required Familiar with NIST, ISO 27001, ITIL Azure - 5 years' experience Info Sec (Azure AD, Defender, Sentinel) Audits and report writing Assessments Vulnerability Management and Pen Testing Zero …
Citi's Cloud Incident Response (Cloud IR) team seeks a Senior Vice President of Microsoft 365 (M365) and Azure Incident Response to lead and oversee the organization's incident response operations within the M365 environment. You will work closely with stakeholders to ensure effective security incident response with … organization through critical security challenges within the M365 ecosystem. Responsibilities: Own and lead Citi's response to security incidents in our M365 and Azure platforms Build and sustain a high-performing security operations team skilled in managing M365 incidents Collaborate with relevant engineering teams to gain an in … depth and accurate understanding of Citi's M365 landscape Proactively identify gaps in M365/Azure Incident Response capabilities (processes, procedures and playbooks) and take ownership to deliver and mature these continually Ensure readiness for various incident response scenarios based on historical data but also proactively identifying new …
architecture. Participates in high-level estimation. About You: Skills & Experience: Experience with architecture frameworks such as TOGAF, Zachman, etc. Established experience with Microsoft Azure organization management such as Contoso, Subscriptions, Landing Zones, Service Principals, Managed Identities, B2C, Entra, Monitor, Roles, Policy, etc. is preferred. Established experience with Microsoft … Azure resources (ACA, ACR, Functions, Logic Apps, Health Data Services, APIM) is preferred. Experience with Microsoft security tools such as Sentinel, WAF, DDoS Protection, Bastion, etc. is preferred. Experience with Amazon Web Services (AWS S3, EC2, Lambda, Step Functions, Event Hub, Log Analytics, IAM, API Gateway … SDLC as per IEC 62304 is desired. Experience with end-to-end DevOps (from requirements to implementation to production to operations) tools such as Azure DevOps, GitHub, etc. is desired. Possess an understanding of Risk Management, Disaster Recovery, Business Continuity, IT Security Architecture, and IT Regulatory Compliance. Experience with …
Central London, London, United Kingdom Hybrid / WFH Options
Halian Technology Limited
our client's cloud and physical infrastructure by developing and maintaining scalable, proactive security controls, processes, and tools. Key Responsibilities: Secure physical and Microsoft Azure cloud infrastructure using modern, risk-based approaches. Design, implement, and maintain security controls, templates, and baselines for cloud environments. Automate repetitive tasks to enhance … Deploy and manage tools such as Microsoft Defender for Cloud, Defender for Endpoint, and Nessus. Collaborate with our outsourced SOC team to enhance Sentinel SIEM, runbooks, and threat detection. Lead investigations into security incidents and conduct proactive threat hunting. Manage endpoint security, patching, vulnerability scanning, and system hardening. … infrastructure practices. Participate in a 1-in-6 on-call rota after completing probation. Key Requirements: Hands-on knowledge of SIEM platforms (preferably Sentinel), EDR, and vulnerability management. Familiarity with frameworks like Cyber Essentials Plus and ISO 27001. Experience in securing hybrid cloud environments (Microsoft Azure …
end-to-end delivery of security tools engineering projects, from requirements gathering through deployment and validation. Integrate SOC tooling with cloud platforms (AWS, Azure, GCP), log sources and other enterprise systems. Establish automation and orchestration pipelines to improve detection, response and remediation workflows. Skills 8+ years in Cyber … Security, with 5+ years in SOC or security engineering roles. Deep expertise in security technologies such as: SIEM: Splunk, Microsoft Sentinel, Exabeam, LogRhythm etc. SOAR: Palo Alto XSOAR, Splunk SOAR, IBM Resilient etc. EDR/NDR: CrowdStrike, SentinelOne, Darktrace, Vectra etc. Strong experience in scripting (e.g. Python, PowerShell …
Greater London, England, United Kingdom Hybrid / WFH Options
X4 Technology
industry best practices to ensure cutting-edge, effective solutions for clients. Microsoft Security Architect Key Skills Required: Certifications and experience in AWS, GCP & Azure CISSP or other relevant security certifications Agile environment experience Entra ID Microsoft Intune Purview (Data Loss Prevention, Sensitivity Labels, Insider Risk) Microsoft Defender XDR … Endpoint, Identity Cloud App, Office and Microsoft Sentinel) Exchange Online (where migrating from secure email gateway solutions) Additional Skills & Attributes Ability to apply structured thinking, simplifying complex problems into component parts, to the resolution of project challenges Workshop skill for conveying information to customers, lead meetings and provide …
stakeholders. Strong problem-solving skills and attention to detail. Ability to work independently and as part of a collaborative team. Relevant certifications (e.g. Azure, Intune, O365, Sentinel, Networking). Experience with ITSM tools and frameworks (e.g., ITIL). Familiarity with managed services contracts and service level …
sales capacity designing network and security solutions Knowledge of key networking and security vendors such as Palo Alto, Fortinet, Sophos, Microsoft Defender/Sentinel, Cisco and HPE Aruba Familiarity with cloud security platforms (Azure, AWS) and hybrid environments Exposure to network segmentation, zero trust architectures, and …