20 of 20 Remote/Hybrid Azure Sentinel Jobs in the UK

effective manner. Specifically you will: Support the rest of the security operations team to monitor, triage and investigate alerts and incidents within Sentinel Conduct initial incident triage, determining scope, urgency and appropriate actions to mitigate threats. Participate in the incident response process, assisting with investigation and remediation. Support … appreciation of how new security solutions can impact delivery. Experience with general security technologies and capabilities including Microsoft E5 technologies such as Azure Sentinel and the various Defender products would be a distinct advantage, as would exposure to automation and familiarity with Python to help streamline ...

nature of the clients supported, candidates must be eligible for SC and NPPV3 security clearance . Key Responsibilities Create, maintain, and optimise Microsoft Sentinel analytics rules, Logic Apps, and playbooks to support incident detection and response. Support and enhance integrations between Microsoft Sentinel and other security … MSSP environment, responding to security incidents for public sector customers in line with agreed SLAs. Essential Experience Hands-on experience with Microsoft Sentinel within a SOC or MSSP environment. Experience building and maintaining automation using Azure Logic Apps and Sentinel playbooks. Working knowledge ...

will positively shape our future. What are the day-to-day tasks? Security Engineering & Automation Architect and implement security controls across Microsoft 365, Azure, Dynamics 365, Kubernetes (AKS), and AI/ML workloads. Lead the design and deployment of conditional access, Defender for Cloud, Purview DLP, Azure … related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. ...

skills, the ability to engage with both technical and executive stakeholders, and a strong understanding of cloud-native security solutions-particularly within the Azure ecosystem. Key Responsibilities Design and develop end-to-end enterprise security architectures, including infrastructure, data ingestion pipelines, and cloud security posture components. Lead … implementation and optimization of Microsoft security technologies such as Sentinel , Defender XDR , SOAR , and integrations involving DevOps (IDE/CI/CD) and Cribl . Develop advanced security analytics, threat intelligence models, and monitoring capabilities for cloud and hybrid environments. Work closely with engineering, DevOps, and security operations ...

experience Windows Server installation & configuration Virtualisation Vulnerability Scanning tools such as Qualys Cloud Platforms Experience with private & public cloud such as AWS & Azure Security Experience with MDM, MFA, Email filtering, Next generation firewalls & Anti-Virus solutions, SIEM Solutions such as Sentinel Skills An ability to work ...

security operations roles. Hands-on SIEM engineering and detection tuning experience. Proven ownership of complex incident response and investigations. Cloud security experience across Azure and AWS. Experience automating SOC workflows and response processes. Threat hunting experience beyond basic log review. Comfortable engaging directly with technical stakeholders. Able … prioritise and operate effectively under pressure. Useful but not essential Microsoft Sentinel experience. Container or Kubernetes environments. CI/CD security tooling exposure. Red or purple team experience. Why this opportunity Senior ownership and autonomy. Modern cloud-first environment. Strong investment in tooling and automation. Opportunity to genuinely ...

environment, focused on practical remediation and customer outcomes. The ideal candidate will have strong experience across Windows Server, Microsoft 365/Azure, and modern security technologies, and will be comfortable switching between customer meetings, technical design sessions, and hands-on engineering work when required. Key responsibilities and accountabilities … vulnerabilities and configuration weaknesses through practical changes and clear technical guidance. Assist with the deployment and improvement of security controls across Microsoft 365, Azure, and on-premises infrastructure. Work with Consulting and Security Operations teams to prioritise remediation activity based on risk and customer impact. Contribute to improving ...

environment, focused on practical remediation and customer outcomes. The ideal candidate will have strong experience across Windows Server, Microsoft 365/Azure, and modern security technologies, and will be comfortable switching between customer meetings, technical design sessions, and hands-on engineering work when required. Key responsibilities and accountabilities … vulnerabilities and configuration weaknesses through practical changes and clear technical guidance. Assist with the deployment and improvement of security controls across Microsoft 365, Azure, and on-premises infrastructure. Work with Consulting and Security Operations teams to prioritise remediation activity based on risk and customer impact. Contribute to improving ...

detection strategy and roadmap, aligning initiatives with KPIs and contractual requirements. Develop, optimise, and maintain high-fidelity detections using Splunk , Microsoft Sentinel , KQL , SPL , and Python for automation and Detection as Code. Work closely with cloud platforms ( AWS and Azure ) to enhance detection capabilities in hybrid … with day-to-day responsibilities. Essential Skills and Experience: SC clearance required to start; DV sponsorship available. Proven expertise with Splunk and Microsoft Sentinel SIEM platforms. Strong programming skills in Python , with experience developing automation and Detection as Code pipelines. Proficiency in KQL and SPL for creating efficient ...

vulnerability management and coordinate remediation activities. Provide technical security guidance to IT teams and project stakeholders. Profile Experience with Microsoft security stacks (Defender, Sentinel, Entra ID, etc.). Experience in networking, firewalls, routers/switches, and cloud infrastructure (Azure preferred). Experience with vulnerability management ...

vulnerability management and coordinate remediation activities. Provide technical security guidance to IT teams and project stakeholders. Profile Experience with Microsoft security stacks (Defender, Sentinel, Entra ID, etc.). Experience in networking, firewalls, routers/switches, and cloud infrastructure (Azure preferred). Experience with vulnerability management ...

Intelligence Analyst, Threat Intelligence Analyst or Threat Hunting role Strong understanding of cyber threats, malware and adversary TTPs Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real … Intelligence Analyst , not rigid office attendance. Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue ...

experience: GlobalProtect, site-to-site IPsec VPNs, SSL decryption operations Advanced Threat Prevention tuning, WildFire analysis, DNS Security Cloud security/networking exposure: Azure/AWS/GCP, cloud-native firewalls, transit networking VM-Series deployments, Terraform/automation exposure SIEM integration experience: Splunk/Sentinel ...

ability to prioritise under pressure. Aware of how security decisions impact operations and customer outcomes. Familiarity with ISO 27001, Cyber Essentials, Microsoft Defender, Azure, Fortinet, Mimecast, Sentinel or similar platforms. SIEM: Microsoft Sentinel, CrowdStrike Next-Gen SIEM Ability to meet vetting requirements (BS7858). ...

infrastructure Define and apply security architecture patterns , including Zero Trust and defence-in-depth strategies Lead security design for cloud-based solutions (AWS, Azure, and/or GCP) Architect and govern identity and access management (IAM) , including authentication, authorisation, and privileged access Design secure network architectures covering encryption … enterprise systems Solid understanding of Zero Trust , defence-in-depth, and modern security patterns Hands-on experience designing security for cloud platforms (AWS, Azure, and/or GCP) Deep knowledge of IAM , authentication, authorisation, and privileged access management Strong background in network security , encryption, and key management Experience ...

looking for a hands-on DevSecOps Engineer to take ownership of application and cloud security across a modern, Azure-first product environment. This is a product-focused security role, sitting at the intersection of development, DevOps and security, helping teams understand why vulnerabilities exist … understanding vulnerabilities at a low level and advising development teams on remediation Work closely with DevOps to ensure secure configuration and deployment within Azure (including Azure Front Door, WAF, Defender for Cloud, Sentinel) Support and interpret results from ITHC (UK Government-standard) penetration tests ...

looking for a hands-on DevSecOps Engineer to take ownership of application and cloud security across a modern, Azure-first product environment. This is a product-focused security role, sitting at the intersection of development, DevOps and security, helping teams understand why vulnerabilities exist … understanding vulnerabilities at a low level and advising development teams on remediation Work closely with DevOps to ensure secure configuration and deployment within Azure (including Azure Front Door, WAF, Defender for Cloud, Sentinel) Support and interpret results from ITHC (UK Government-standard) penetration tests ...

workshops. Must-Have Certifications (at least 2): SC-100 (Cybersecurity Architect) SC-200 (Security Operations Analyst) SC-400 (Information Protection Administrator) AZ-500 (Azure Security Engineer) Key Skills: Microsoft Defender Suite (Endpoint, Identity, Cloud Apps) Microsoft Sentinel (analytics rules, SOAR playbooks) Microsoft Purview DSPM (classification, labels ...

essential, but Cyber Strategy is a must. Key Technical skills for the Head of Cyber Security role should include: Microsoft Defender and Sentinel Tessian (Proofpoint) Mimecast MS E5 Security Suite Strong analytical skills with the ability to efficiently troubleshoot and diagnose technical faults Good working knowledge … systems Competent knowledge of iOS and Android operating systems Good understanding of virtual server infrastructure (VMWare) Good working knowledge of on premise and Azure Active Directory Awareness of Group Policy Management and Azure Microsoft Endpoint Manager Good understanding of Citrix XenApp/XenDesktop/ ...

cyber security. It's a hands-on, varied role where you'll help design, maintain, and secure a mix of on-premise and Azure environments. You'll work across servers, networks, storage, and security tools, contributing to infrastructure projects as well as cyber initiatives such as vulnerability management … skills we're looking for: Strong background across servers, networks, and SAN/NAS storage Experience designing and maintaining secure hybrid infrastructure (Azure ideal) Hands-on experience with security tools (Defender, Sentinel, Tenable, Zscaler etc.) Palo Alto deployment/configuration experience is a must Good understanding ...