22 of 22 Remote/Hybrid Azure Sentinel Jobs in the UK

will evaluate application-generated logs, develop threat detection strategies, and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics, and automation to enhance the customer’s application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored … large portfolio of applications with varying threat categories. Analyze logs generated by applications using Azure Log Analytics and Azure Sentinel to identify anomalies and potential threats. Design, build, and maintain KQL queries to extract and correlate security-relevant data from logs. Implement automated alerting ...

Strong understanding of cloud and hybrid security environments, including Microsoft 365 and Azure. Strong operational expertise across EDR/XDR, SIEM (e.g., Microsoft Sentinel, Splunk), identity protection, and vulnerability management. Experience with security audits, compliance programmes, and regulated industry requirements. Excellent communication and influencing skills, with confidence engaging ...

expected to work with a high degree of autonomy. What You Will Be Doing Monitoring and analysing threat data from Microsoft Defender and Sentinel and translating findings into clear, actionable outcomes Reviewing and implementing Microsoft and third party security recommendations across a broad and complex technology estate Managing … delivering security improvements through formal change management processes, ensuring changes are properly scoped, approved and tracked Maintaining security standards across Azure, M365, Active Directory, Dynamics, Power Apps and SQL environments Aligning security posture against ISO 27001, NIST, NCSC, CISA and Cyber Essentials+ frameworks Producing reports and dashboards ...

achieve. The Microsoft support team is integral to this approach and our success. To provide 3rd line support managing cloud infrastructure in Azure across design, implements and manages cloud solutions that span both on-premise and Azure environments, ensuring seamless integration and efficient resource utilization, often … using tools like Azure Hybrid Benefit for Bytes Microsoft Cloud customers. This will be filled by someone with proven 3rd-line support experience and hands-on experience of the Microsoft Hybrid Infrastructure, acting as an escalation point for incidents relating to their Azure cloud services ...

Microsoft Sentinel Engineer Up to £70,000 DOE Remote – UK Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects? Do you have strong 3rd-line level experience across Microsoft, Azure, networking, and cloud security? Would you like … within a 60-person business and is expanding fast including the recent onboarding of a major financial services client. As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build ...

modern security architectures, solving complex technical challenges, and acting as a trusted technical partner. Technology Environment Microsoft Security Stack: Microsoft Defender XDR Microsoft Sentinel Microsoft Entra ID Microsoft Intune Microsoft Defender for Cloud Experience with alternative modern security platforms such as SentinelOne or CrowdStrike is advantageous. Cloud Platforms … Microsoft Azure (required) Exposure to AWS or GCP (desirable) Platforms & Infrastructure: Active Directory/Entra hybrid identity Windows Server and Linux Networking, VPNs, firewalls, endpoint management Tooling & Automation: KQL PowerShell API integrations Automation tooling Key Responsibilities Technical Delivery Lead technical discussions with customers, guiding architecture, design decisions ...

from you.Experience2-4 years' experience in cloud security, pre-sales engineering, technical consulting, or security operations.Exposure to at least one major cloud provider (Azure, AWS, or GCP), with a willingness to broaden your expertise.Understanding of hybrid and on-premise security concepts.Awareness of key frameworks such … PlatformsExperience with some of the following is helpful (not all required):Microsoft Defender for Cloud, AWS Security Hub, GuardDuty, GCP Security Command Center.Microsoft Sentinel, AWS CloudTrail, Config, KMS, GCP Cloud Logging.CSPM: Prisma Cloud, Wiz, Orca, Lacework, CloudGuard.CIEM: SailPoint, Saviynt, Veza.Identity & Access ManagementAzure AD/Entra ...

Cloud Security Engineer (Azure/M365) | SC Clearance needed | Remote + Client Visits We're working with a growing, security-focused organisation that is investing heavily into its cloud security capability and looking to bring in a Cloud Security Engineer to support both internal platforms and client environments. … work in Cheltenham office if preferred. The Role: You'll play a key role in designing, improving and maintaining cloud security across Azure and Microsoft 365, working closely with technical teams and stakeholders to ensure environments are secure, compliant and continuously improving. This is a hands-on position ...

objectives. Providing support to police forces for the onboarding and maintenance of system log sources. Configuring and maintaining the NMC central Microsoft Azure, Lighthouse and Sentinel platform. Developing, maintaining, and deploying detection rules and other SIEM content. Creating custom solutions using both low-code and traditional … development approaches. Providing support to forces for the configuration of Sentinel and log sources. Testing and implementing new Sentinel connectors. Working with wider NMC teams, contributing to Continual Service Improvement and innovations. Creating and maintaining technical design documentation. Working with the PDS design team and wider ...

London are looking for a seasoned Information Security Lead to be the authority across all Information Security and Cloud Infrastructure; ensuring Azure, Microsoft 365, and SaaS platforms are secure, resilient, and compliant. The role combines hands-on technical security expertise with risk management, governance, and assurance, supporting business … enablement, rather than day-to-day service desk operations. The ideal candidate will have strong technicals skills across the following: Microsoft Entra ID (Azure AD): Conditional Access, MFA, Passwordless authentication, Identity Protection, PIM, Phishing resistant MFA configurations Zero Trust architecture and least-privilege access models Identity governance, access ...

Previously worked as a Threat Detection Engineer or in a similar role. Must have strong expertise in KQL. Hands-on experience with Microsoft Sentinel and Defender (Endpoint, Office 365). Familiarity with Microsoft Entra ID, including Identity Governance. Experience with Microsoft Purview, particularly DLP and data protection tools. … Exposure to cloud-native logging in Azure and Kubernetes environments. Understanding of “detection as code” or “everything as code” approaches, including CI/CD pipelines. Experience working with or alongside MSP SOC teams. Awareness of Agile methodologies and ways of working. Knowledge of attacker TTPs, threat modelling ...

Previously worked as a Threat Detection Engineer or in a similar role. Must have strong expertise in KQL. Hands-on experience with Microsoft Sentinel and Defender (Endpoint, Office 365). Familiarity with Microsoft Entra ID, including Identity Governance. Experience with Microsoft Purview, particularly DLP and data protection tools. … Exposure to cloud-native logging in Azure and Kubernetes environments. Understanding of “detection as code” or “everything as code” approaches, including CI/CD pipelines. Experience working with or alongside MSP SOC teams. Awareness of Agile methodologies and ways of working. Knowledge of attacker TTPs, threat modelling ...

Cyber Security Engineer Tech Focus: Azure/Microsoft 365/Purview/Defender/Sentinel Rate: Circa £500/day Inside IR35 Location: Fully Remote Duration: 6 Months This is a fantastic opportunity for a Cyber Security Engineer to join a small but growing Cloud/… Azure team within a global organisation in the construction consultancy sector. The business has now fully moved into Azure Cloud and is looking to strengthen and mature its cyber security posture. You’ll be joining a highly skilled and well‐established security and cloud team that ...

government organisation to recruit a Principal Cyber Security Engineer on a 2-year FTC. The role requires someone with a strong background in Azure infrastructure, as well as AWS experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls … Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment Essential Skills: Experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management Technical experience securing Microsoft ...

Strong leadership and team management capability * Expertise in Incident Response and Vulnerability Management processes * Hands-on experience with Microsoft security technologies (Defender suite, Sentinel) * Experience developing and maintaining operational security procedures and documentation * Alert tuning and optimisation to reduce false positives * Ability to define, measure, and report … automation techniques (SOAR tools, scripting) * Understanding of threat intelligence and proactive threat hunting * Strong communication and stakeholder engagement skills DESIRABLE * Familiarity with Azure and AWS security operations * Understanding of regulatory and compliance requirements in operational security * Certifications such as CISSP, CISM or equivalent TO BE CONSIDERED: Please either ...

leadership/SOC management roles Strong hands-on knowledge of SIEM, SOAR and EDR technologies Experience with tools such as LogRhythm, Splunk, Microsoft Sentinel, Securonix Understanding of incident response frameworks and SOC operating models Experience working in enterprise or managed SOC environments Strong stakeholder communication and incident management … capabilities Desirable certifications: CISSP or CISM GIAC certifications (GCIH/GCIA/GCFA/GCTI/GMON) CEH or CompTIA CySA+ Azure security certifications (AZ-500/SC-200) This role is ideal for a senior SOC professional who enjoys leading security operations, improving detection capabilities, and working ...

will: • Lead and schedule the SOC Engineering team across onboarding and live service activity • Own technical delivery during customer onboarding and transition • Oversee Sentinel connector deployment, Defender integration, rule tuning and SOAR playbooks • Ensure structured service handover into SOC operations with clear documentation • Act as escalation point … logic, automation and enrichment capability • Drive engineering standards, reporting clarity and workload discipline • Coach and develop junior engineers • Maintain technical authority across Microsoft Sentinel, Defender suite, Entra ID and Azure security architecture What Success Looks Like • Onboarding delivered on time with validated integrations • Clean handover into ...

security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working with SIEM platforms (Microsoft Sentinel beneficial) Understanding of common cyber threats and attacker techniques Exposure to Microsoft security technologies such as Defender or Azure security tools Strong ...

expanding its cyber security team and is looking for a Senior Cyber Security Engineer to help strengthen security across a hybrid infrastructure and Azure environment. This role sits within the prevent and protect pillar of the cyber function , focusing on implementing security controls and improving the organisation … into platforms, projects and cloud services across the business. What you will be doing Improving security across a hybrid infrastructure environment that includes Azure and on premise systemsDesigning and implementing security controls across identity, endpoint and infrastructure platformsSupporting infrastructure and technology projects by providing practical security guidanceStrengthening Azure ...

Cisco Nexus Switching, ASA/Firepower Fortinet (ideally certified), Check Point (CCSE/CCSM), Palo Alto Load balancing technologies AWS and/or Azure VMware (ESXi, vSAN) Windows & Linux Servers Network monitoring tools SIEM tooling (Defender/Sentinel) ITIL exposure (incident/change management) Server rack ...

+ on call worth approx. £4k - £6k, excellent benefits) Skills: Cisco, Networking projects, SD-WAN, VLAN, Static & Dynamic Routing, Azure vWAN, Driving Licence We are looking to recruit a Network Engineer for a leading public sector organisation based in Warwick. This is an excellent opportunity for a Network … Required: Proven experience in network project delivery , not just day-to-day support. Strong knowledge of Cisco, SD-WAN, VLAN, Static & Dynamic Routing, Azure vWAN . Experience with Avaya telephony (desirable but not essential). Familiarity with AWS, Zscaler, SolarWinds, Sentinel . Ability to write ...

innovation, challenge existing approaches and support both internally delivered and third-party services. Essential Skills & Experience required: Substantial knowledge of Cisco, Avaya telephony, Azure, AWS, zScaler, SolarWinds and Sentinel gained through significant experience within similar size organisations. Strong knowledge of network Monitoring & Management alongside Supplier Management … experience. Strong Knowledge of SD Wan, VLAN Azure vWan. Strong Knowledge of Static and Dynamic routing. Successful in applying industry best practice with a knowledge of ISO 20000 (Service Management) and ITSM. Authoring of Technical Design documents and Service artefacts. Can demonstrate experience of supporting, building and maintain ...