risk, prioritise remediation, and strengthen their overall cloud security posture. You'll work with a variety of leading cloud security platforms including Orca Security, Microsoft Defender XDR, MicrosoftSentinel, Microsoft Purview and the broader Microsoft 365 security suite. In this role, you will support the design and implementation of cloud-native security solutions, perform in-depth security assessments … roadmaps, aligning with regulatory, compliance, or cloud governance frameworks (e.g. NIST, ISO, CIS). Conduct gap analysis and risk assessments aligned to cloud security frameworks (e.g., CIS Benchmarks, Azure Well-Architected Framework). Support pre-sales efforts, including solution scoping, client demos, and bid/tender responses where required. While this is a hybrid role, there may be … Security Stack, including Defender for Endpoint, Defender for Identity, Defender for Office 365, Microsoft Defender for Cloud Apps, and Microsoft Defender for Cloud. Hands-on experience with MicrosoftAzure security controls and services; equivalent exposure to GCP or AWS is also acceptable. Proficiency with CSPM, CNAPP, or vulnerability management platforms. Sound understanding of cloud security design principles, including More ❯
overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support … and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel … and API security for robust protection across all assets Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience MicrosoftAzure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and More ❯
overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support … and data. • Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. • Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel … and API security for robust protection across all assets • Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience • MicrosoftAzure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, • Microsoft AD (Entra), Server and SQL experience, • O365 administration and design • Global Software Patching and More ❯
years’ experience within a similar support based role, ideally in the managed services space across the Microsoft technology stack Experience in Entra ID, Intune, and Azure. Knowledge of Sentinel, and Microsoft Defender. Experience working within a SOC environment would be advantageous. Demonstrable experience in forming collaborative working relationships with customers and other internal stakeholders. Confidence in effectively communicating More ❯
deal shaping. • Develop and maintain long-term strategic client relationships. • Design, implement, and integrate security, incident, and event management solutions into Security Operations, with a particular interest in Azure Sentinel. • Understand threat modelling, risk, and how to mitigate risks concerning applications from internal and external threat actors. • Have a deep understanding of incident response processes and techniques for More ❯
and booking couriers for client equipment is desirable. Broad technical knowledge should include solutions such as ConnectWise, RMM systems (Asio/Addigy), Mac & Windows OS, Active Directory/Azure Active Directory, Virtual machines (Oracle & Hyper-V), hardware build/deployment, printers/peripherals, cloud services (Microsoft 365, Google Workspace, Dropbox), Microsoft MDM Software (Intune, Addigy, Jamf, Apple Business More ❯
e.g., CISSP, CCSP, CCNA, SABSA). Desirable Skills: Experience with cloud, on-prem, SaaS, PaaS, and IaaS environments. Security incident response background. Coding/scripting ability. Familiarity with Azure Sentinel. Benefits: £5,400 car allowance 25 days annual leave with the option to purchase additional days Private medical insurance Life assurance Pension scheme Generous flexible benefits fund Salary More ❯
overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support … and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel … and API security for robust protection across all assets Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience MicrosoftAzure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and More ❯
customers, conducting occasional site visits, and helping optimise IT systems and services. This is an exciting opportunity to work with a broad tech stack including Windows, Microsoft 365, Azure, networking tools, and security platforms. To thrive as an IT Support Advisor , you must have hands-on experience with Windows 10/11, Active Directory, Microsoft 365, Intune, and More ❯
response pipelines, integrate advanced threat intelligence, and lead the use of behavioural analytics and attack simulation across our environment. Your technical breadth will span modern cloud-native stacks (Azure, GCP), serverless and containerised architectures, and a wide range of security tooling including DLP, SIEM, CNAPP, and XDR, and tools such as Wiz, Darktrace, Microsoft Defender, Intune, and Sentinel. More ❯
decisions. Additionally, you will provide solutions to problems for your immediate team and across multiple teams. Key Requirements: Detailed Hands On SIEM support including policy updates (KQL/Sentinel) Hands On cyber escalations from L1 support Deep dive into data analysis and tools Incident Responder during a MIM Ensuring all SOC processes and docs are current SC Clearance … required Key Skills: SOC SIEM MS AzureSentinel Cyber Incident/Threat Security Breach Operations More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Ntrinsic Consulting
decisions. Additionally, you will provide solutions to problems for your immediate team and across multiple teams. Key Requirements: Detailed Hands On SIEM support including policy updates (KQL/Sentinel) Hands On cyber escalations from L1 support Deep dive into data analysis and tools Incident Responder during a MIM Ensuring all SOC processes and docs are current SC Clearance … required Key Skills: SOC SIEM MS AzureSentinel Cyber Incident/Threat Security Breach Operations More ❯
Engineer - SIEM, KQL- sought by investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain MicrosoftSentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues … YARA rules, STIX, and YAML Participation in red/purple team exercises. 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with MicrosoftSentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE More ❯
compliance needs. Develop and present tailored SIEM architecture and design strategies, ensuring alignment with client goals and industry best practices. Recommend the best-fit SIEM platform (e.g., Splunk, Sentinel, CS) based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for … consulting, with the ability to communicate complex technical concepts clearly and effectively to clients. Technical Expertise Hands-on experience with at least one major SIEM platform (e.g. Splunk, Sentinel or QRadar) and familiarity with cloud security tools such as AWS GuardDuty, Azure Security Center, or Google Cloud Security. Background in client-facing roles or consulting, with More ❯
of some of the following skills, then LETS TALK! Previous experience in a similar role, championing Cloud Operations, DevOps and SRE principles, approaches, and best practices. Experience with Azure DevOps CI/CD Pipelines (or equivalent tooling). Experience of working within an Agile working environment. Defining Infrastructure as Code with all of, or either, Azure Bicep, ARM or Terraform. Excellent experience using Azure in a broad sense i.e: Designing and developing small infrastructures (limited to single systems)Networking infrastructure concepts such as Azure DNS, Azure Firewalls, ExpressRoute, Virtual WANs and vNet Peering.Provisioning of Azure hosted databasesWorking with a hybrid Azure tenant with some … infrastructure in physical data centres Active Directory Identity and Access ManagementPlatform as a Service featuresLogging, Monitoring and Alerting, including Monitor, Alerts, Dashboards, Sentinel; Defender What you'll get in return In return, you will be rewarded with ongoing career development and training, an industry-leading pension scheme and 35 days holiday plus bank holidays. What you need to More ❯
Operations Centre (SOC) environment, managing high volumes of incidents. Deep technical expertise in Microsoft security tools and solutions, including but not limited to Microsoft Defender, E5/A5, Sentinel, and Azure Security. Strong analytical and problem-solving skills, with the ability to make sound decisions under pressure. Demonstrated experience in incident detection, triage, containment, and remediation. More ❯
five years working in an Infrastructure Services role, preferably in structured, managed ICT service environments in a senior engineering capacity - SC Clearance/Ability to gain SC Clearance - Azure networking (private endpoints, Azure firewalls, VPNs, IP Groups etc) - Monitoring/Alerting/log Analytics - Azure AD (Entra)/Local AD - Windows Server, Active Directory … scripting and automation - SD-WAN - SAN Storage: (e.g., HPE Nimble) - Microsoft Windows Server OS - IaaS (Windows/Linux) Desirable experience - IT/Related Degree - Microsoft O365 Administrator - MicrosoftAzure Administrator - CCNA - MCSA/MCSE - ITIL Foundation V3+ - AWS - Sentinel - Logic Apps - API Mgmt. gateways - Intune and Autopilot - Application Proxies - Data management Gateways - Microsoft Data Protection Manager More ❯
such as Infrastructure and Architecture within an agile environment. This position supports the bank's Security, Digital, and Cloud strategies. Duties and responsibilities Experience with SIEM tools (MS Sentinel advantageous) Understanding of Web technologies and Web Application Firewalls (WAF) Knowledge of Windows Server infrastructure (2012, 2016, 2019), Active Directory, and Azure AD Ability to understand and … with frameworks such as ISO 27001/2, SOC, NIST, or COBIT About You Skills Recognized leading security qualification or working towards one (e.g., CiSP, CompTIA) Ideally MicrosoftAzure certifications such as AZ-500 or MS-500 Experience working in hybrid cloud environments, adaptable to both on-premises and cloud platforms Ability to articulate technology interoperability and design More ❯
able to obtain SC Clearance or already hold SC clearance. Must have a good understanding on Incident Response approaches Must have knowledge and hands-on knowledge of MicrosoftSentinel (or any SIEM tool). Strong verbal and written English communication. Strong interpersonal and presentation skills. Strong analytical skills Must have good understanding on network traffic flows and able … and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules) Malware Analysis & Reverse Engineering Network & Endpoint Security Monitoring … a SOC/NOC environment. Preferably holds Cyber Security Certification e.g. ISC2 CISSP, GIAC, SC-200, Certified SOC Analyst Experience with Cloud platforms (AWS and/or MicrosoftAzure) Excellent knowledge of Microsoft Office products, especially Excel and Word Reports to Security Director - NTT DATA UK Security Practice Client Delivery Director - NTT DATA UK Managed Services Who we More ❯
SP 800-53 standards. Conduct periodic access rights reviews, conditional access log audits, and on-demand access audits. Monitoring & Response Monitor identity-related telemetry via Defender for Endpoint, Sentinel, and Defender for Cloud. Respond to alerts and anomalies related to authentication, session activity, and privilege escalation. Requirements Hands-on experience in IAM or broader information security roles. Familiarity … .Excellent communication skills and ability to work independently in a fast-paced environment. Experience with scripting or automation (e.g., PowerShell, Python) is a plus. Strong technical background in Azure AD (Entra ID), Microsoft 365, and VPN security. A true team player with a winning mentality and strong work ethic committed to continuous improvement and high performance. Adaptable, tenacious More ❯
the business forward - ensuring that security controls, policies and technologies effectively protect the organisation's assets, infrastructure and data. They are using the MS Security Stack including Defender, Sentinel and Entra ID, and are very ahead-of-the-curve in their respective sector. The ideal candidate will have come from a hands-on Engineering background, who loves being … UK, with travel into London around once or twice a month depending on where you live (expenses-paid). Responsibilities: * Implement and manage security controls for Microsoft and Azure infrastructure. * Lead vulnerability management and incident response. * Enhance security monitoring and IAM with Microsoft tools. * Drive security architecture and ensure endpoint security. * Support M&A security assessments and maintain … compliance. Requirements: * Experience in a Cyber Security leadership-level role * Proven experience with the MS Security Stack including Defender (Endpoint, Identity, Cloud), Sentinel (SIEM), Entra ID Security Features, and Purview * Knowledge of Azure Security controls, including Azure Firewall, Key Vault, Conditional Access, and Azure Network Security * Familiarity with standards such as ISO More ❯
M365 Azure Security Specialist Location: Remote Rate: £500 per day Inside IR35 Duration: 4 months Start Date: ASAP We're working with a leading financial services organisation seeking a Microsoft 365 Azure (Policy, Resource Manager) Security Specialist to join on a contract basis and lead the design, implementation and optimisation of M365 security services across the … security posture within the Microsoft 365 ecosystem (Defender XDR, Purview, Entra ID, etc.) Configure and fine-tune Microsoft Defender for Office 365, Identity, Endpoint and Cloud Apps Bring Azure Policy and Resource Manager knowledge/experience into the team Define and implement security baselines and compliance policies for M365 workloads Lead investigations and incident response leveraging Microsoft security … security, infrastructure and architecture teams to ensure alignment with overall cloud strategy Required Skills & Experience: Proven expertise in Microsoft 365 security technologies (Defender suite, Purview, Entra ID, Intune) Azure Policy and Azure Resource Manager experience is essential Strong knowledge of Zero Trust principles, conditional access and data loss prevention Experience working in regulated enterprise environments Hands More ❯
areas, including: Data Loss Prevention (DLP) Information Protection (Sensitivity Labels, encryption, etc.) Insider Risk Management eDiscovery & Communication Compliance Data Lifecycle Management & Records Management Information Barriers Demonstrable experience with Azure and Microsoft cloud services. A passion for problem-solving, collaborative team working, and an excitement for creating innovative solutions. Experience delivering customer facing presentations to technical senior stakeholders. Excellent … Identity Governance, Internet Access, Private Access) Microsoft 365 Defender (Defender for Endpoint, Defender for Office 365, Defender for Identity, Defender for Cloud Apps) Microsoft Defender for Cloud MicrosoftSentinelMicrosoft Copilot for Security Microsoft Intune Experience delivering security in AWS and/or GCP environments. Knowledge of scripting languages such as PowerShell, Python or BASH. Knowledge of industry More ❯
DevOps environment and following DevOps practices. A good working knowledge of multi-cloud environments, or expert knowledge in at least one recognised major cloud services provider,(eg AWS, Azure etc) network security, and secure software development. Incident management and alerts triage experience Experience in MicrosoftSentinel Strong understanding of security principles, technologies, and frameworks (eg, NCSC More ❯
