who is looking to take on a Senior role whilst still being very hands on. Experience required Familiar with NIST, ISO 27001, ITIL Azure - 5 years experience Info Sec (Azure AD, Defender, Sentinel) Audits and report writing Assessments Vulnerability Management and Pen Testing Zero
Threat Detection - Specializing in SIEM tools to identify anomalies across cloud and data center environments, while developing and maintaining security monitoring during the Azure transition. Incident Response & Threat Hunting - Assisting in containment, eradication, and recovery of incidents, proactively hunting for threats, and mitigating operational risks. Risk & Threat Management … of IT domains like OS, databases, networks, or applications It's a bonus if you have: Qualifications in Cyber Security Knowledge of Microsoft Sentinel and Microsoft Azure (including certifications such as AZ-900, SC-900, SC-200 or AZ-500) If this role is of interest
Citi's Cloud Incident Response (Cloud IR) team seeks a Senior Vice President of Microsoft 365 (M365) and Azure Incident Response to lead and oversee the organization's incident response operations within the M365 environment. You will work closely with stakeholders to ensure effective security incident response with … organization through critical security challenges within the M365 ecosystem. Responsibilities: Own and lead Citi's response to security incidents in our M365 and Azure platforms Build and sustain a high-performing security operations team skilled in managing M365 incidents Collaborate with relevant engineering teams to gain an in … depth and accurate understanding of Citi's M365 landscape Proactively identify gaps in M365/Azure Incident Response capabilities (processes, procedures and playbooks) and take ownership to deliver and mature these continually Ensure readiness for various incident response scenarios based on historical data but also proactively identifying new
London, South East England, United Kingdom Hybrid / WFH Options
RiverSafe
solve complex challenges, and deliver solutions tailored to modern enterprise needs. Design and implement robust cloud security architectures across multi-cloud platforms (AWS, Azure, Google Cloud). Design and deploy IAM solutions to ensure robust authentication, authorisation and access controls. Lead threat modelling exercises to identify, assess and … mitigate risks in systems and applications. Lead the design, implementation and optimisation of SIEM solutions (e.g. Splunk, Sentinel). Integrate SIEM systems with other security tools like EDR, SOAR and threat intelligence feeds. Skills Extensive experience in Cyber Security, with a significant portion in a leadership role. A … SOC engineering tools combined with expertise in either cloud security, Identity & Access Management or threat modelling. Proficiency in cloud platforms and services (AWS, Azure, GCP) with deep knowledge of native security tools. Hands-on experience designing and implementing SIEM solutions in enterprise environments. Skilled in scripting and automation
the secure operation of their services. Key Responsibilities: Implement and manage security tools and technologies: Deploy and manage security solutions such as Microsoft Sentinel for SIEM and Tanium for Threat and Vulnerability Management (TVM). Conduct security assessments and vulnerability scans: Regularly assess the security posture of applications … with regulatory requirements by responding to inquiries and coordinating with regulatory bodies. Enforce best security practices in our CI/CD pipelines using Azure DevOps: Ensure that all stages of the development and deployment process are secure, from code commit to production release. Collaborate with development and operations … in DevSecOps, DevOps, and/or security related role. Strong understanding of security principles and practices. Experience with CI/CD tools, specifically Azure DevOps. Proven ability to monitor security systems and respond to incidents effectively. Knowledge of firewalls, VPNs, IDS/IPS, and other network security technologies.
Winchester, Hampshire, United Kingdom Hybrid / WFH Options
Evalian
hours support. Stay updated with the latest security threats, vulnerabilities, and trends to improve detection capabilities. Skills & Qualifications Essential: Experience working with Microsoft Sentinel, Defender XDR, and/or other SIEM/XDR solutions. Strong understanding of log collection, parsing, and correlation for security monitoring. Experience in developing … detection rules. Familiarity with automation and integration tools such as Logic Apps, Power Automate, or other SOAR platforms. Knowledge of cloud security, particularly Azure, AWS, and Google Cloud. Excellent documentation skills and process-building capabilities. Great communication skills and ability to work collaboratively in a team. Desirable (Not
NIS2, NIST 800-30) Confident in using risk assessment methodologies (NIST 800-30). Hands-on experience with SIEM/XDR solutions (QRadar, Sentinel, Defender XDR) Familiarity with cloud security principles across AWS, Azure, and GCP, ideally within a managed services environment Ideal candidates will hold … CySA+ Any SIEM Analyst Certification Microsoft Certified Security Operations Analyst Associate EC-Council ECIH (Incident Handling) Multi-cloud Security Fundamentals training (AWS/Azure/GCP) GCIH (GIAC Certified Incident Handler) What’s on offer?: Gym Membership Scheme Holidays – starting at 24 days + Bank Holidays Pension Plan
architecture. Participates in high-level estimation. About You: Skills & Experience: Experience with architecture frameworks such as TOGAF, Zachman, etc. Established experience with Microsoft Azure organization management such as Contoso, Subscriptions, Landing Zones, Service Principals, Managed Identities, B2C, Entra, Monitor, Roles, Policy, etc. is preferred. Established experience with Microsoft … Azure resources (ACA, ACR, Functions, Logic Apps, Health Data Services, APIM) is preferred. Experience with Microsoft security tools such as Sentinel, WAF, DDoS Protection, Bastion, etc. is preferred. Experience with Amazon Web Services (AWS S3, EC2, Lambda, Step Functions, Event Hub, Log Analytics, IAM, API Gateway … SDLC as per IEC62304 is desired. Experience with end-to-end DevOps (from requirements to implementation to production to operations) tools such as Azure DevOps, GitHub, etc. is desired. Possess an understanding of Risk Management, Disaster Recovery, Business Continuity, IT Security Architecture, and IT Regulatory Compliance. Experience with
Central London, London, United Kingdom Hybrid / WFH Options
Halian Technology Limited
our clients cloud and physical infrastructure by developing and maintaining scalable, proactive security controls, processes, and tools. Key Responsibilities: Secure physical and Microsoft Azure cloud infrastructure using modern, risk-based approaches. Design, implement, and maintain security controls, templates, and baselines for cloud environments. Automate repetitive tasks to enhance … Deploy and manage tools such as Microsoft Defender for Cloud, Defender for Endpoint, and Nessus. Collaborate with our outsourced SOC team to enhance Sentinel SIEM, runbooks, and threat detection. Lead investigations into security incidents and conduct proactive threat hunting. Manage endpoint security, patching, vulnerability scanning, and system hardening. … infrastructure practices. Participate in a 1-in-6 on-call rota after completing probation. Key Requirements: Hands-on knowledge of SIEM platforms (preferably Sentinel), EDR, and vulnerability management. Familiarity with frameworks like Cyber Essentials Plus and ISO 27001. Experience in securing hybrid cloud environments (Microsoft Azure
Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
Locke & Mccloud
hybrid working model with flexibility built in. Technical Skills Proven experience in a SOC Analyst role Hands-on experience with SIEM (ideally Microsoft Sentinel) and EDR tools (preferably Microsoft Defender) Confident configuring and deploying Microsoft Defender and Azure security technologies Understanding of core networking protocols (TCP
role in driving digital transformation, we'd love to hear from you. KEY RESPONSIBILITIES: The ideal candidate will have hands-on experience with Azure services, Microsoft 365 administration, Intune, and security best practices. Collaborate with the cybersecurity department to align security policies and ensure compliance with organisational standards. … asset management. Risk & Compliance: Establish and maintain checks and balances to mitigate cyber, disaster recovery, and regulatory risks. Deploy, configure, and manage Microsoft Azure services including Virtual Machines (VMs), Networking, Identity & Access Management (IAM), and Security tools. Administer and optimize Microsoft 365 services (Exchange Online, Teams, SharePoint, OneDrive … . Configure and manage Intune (Endpoint Manager) for device compliance, application deployment, and security policies. Implement Azure AD, MFA, Conditional Access, and security best practices to protect identities and data. Monitor security logs and compliance reports using Microsoft Defender, Sentinel, and Security Centre. Ensure compliance with
end-to-end delivery of security tools engineering projects, from requirements gathering through deployment and validation. Integrate SOC tooling with cloud platforms (AWS, Azure, GCP), log sources and other enterprise systems. Establish automation and orchestration pipelines to improve detection, response and remediation workflows. Skills 8+ years in Cyber … Security, with 5+ years in SOC or security engineering roles. Deep expertise in security technologies such as: SIEM: Splunk, Microsoft Sentinel, Exabeam, LogRhythm etc. SOAR: Palo Alto XSOAR, Splunk SOAR, IBM Resilient etc. EDR/NDR: CrowdStrike, SentinelOne, Darktrace, Vectra etc. Strong experience in scripting (e.g. Python, PowerShell
Practical experience with cloud environments, particularly hybrid cloud solutions. Familiarity with private cloud technologies like VMware and public cloud platforms such as Microsoft Azure is essential. A sound understanding of project management methodologies such as Agile, Waterfall, and PRINCE2. Knowledge of cyber attack modelling and breach investigation techniques. … understanding of CSIRT and incident response processes. Experience working with incident response providers is a bonus. Experience with Microsoft Defender products and Microsoft Sentinel is advantageous. Certifications (Desirable but not Essential): CISMP (Advantageous) SC-900, AZ-900 (Advantageous) CISSP, CISM (Advantageous) SC-200, SC-300, SC-400, AZ
The Lead Cyber Security Consultant strategically oversees advanced cybersecurity operations, designs comprehensive client security roadmaps, and manages complex multi-tool environments (e.g. QRadar, Sentinel, Datadog, Chronicle SIEM, XDR). The role requires advanced strategic engagement with client stakeholders at senior levels, proactive threat management, governance, risk and compliance … creation aligned to NIST 800-53, NIS2, and related frameworks. Oversee large-scale, multi-platform SIEM/XDR deployments and integrations (e.g. QRadar, Sentinel, Datadog, Google Chronicle, XDR). Ensure effective governance, risk, and compliance alignment within client organizations. Manage and resolve complex and critical cybersecurity incidents. Present … strategic cybersecurity reports and updates to C-Suite and Board-level stakeholders. Advise clients strategically on multi-cloud security posture (AWS, Azure, GCP), promoting best practices and industry standards. Required Technical Skills: Expertise in strategic cybersecurity frameworks (NIST CSF (800-53), NCSC CAF, NIS2). Advanced capabilities with
effectiveness. Requirements Qualifications: Proven experience in a senior development leadership role, preferably within the cybersecurity industry. Familiarity with Microsoft technologies, including Defender products, Sentinel, and Purview. Experience with Agile methodologies and tools such as Azure DevOps, Jira, and Aha!. Excellent leadership, communication, and interpersonal skills.
capacity planning and platform performance oversight. What You'll Bring: Strong experience in solution design within complex environments Solid knowledge of Microsoft 365, Azure, Active Directory/Entra ID, and security tools (e.g. Microsoft Defender, Sentinel) Experience with Azure, VMware, LAN/WAN, VPN
sales capacity designing network and security solutions Knowledge of key networking and security vendors such as Palo Alto, Fortinet, Sophos, Microsoft Defender/Sentinel, Cisco and HPE Aruba Familiarity with cloud security platforms (Azure, AWS) and hybrid environments Exposure to network segmentation, zero trust architectures, and