'Azure Sentinel' Job Vacancies

76 to 100 of 127 Azure Sentinel Jobs

Security Operations Center Analyst

City of London, London, United Kingdom
CyPro
help shape something rather than simply follow a process, this is the right environment for you. Core Responsibilities: Security Monitoring & Incident Response Monitor security alerts generated by Microsoft Sentinel, Microsoft Defender, Datadog and Elastic. Assess severity and impact of alerts, triage and investigate incidents independently. Execute containment and remediation actions using defined runbooks and playbooks. Correlate data across … RCA and after-action reviews for internal and client use. Maintain accurate incident records in JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. … University educated with a degree in computer science, information security or equivalent At least one year of experience in a SOC environment monitoring and responding to incidents Microsoft Sentinel and Defender hands-on expertise SC-200 certification or willingness to achieve it Within commuting distance (~1 hour) of Canary Wharf, London Technical Skills Strong KQL skills for threat More ❯

Security Operations Center Analyst

london, south east england, united kingdom
CyPro
help shape something rather than simply follow a process, this is the right environment for you. Core Responsibilities: Security Monitoring & Incident Response Monitor security alerts generated by Microsoft Sentinel, Microsoft Defender, Datadog and Elastic. Assess severity and impact of alerts, triage and investigate incidents independently. Execute containment and remediation actions using defined runbooks and playbooks. Correlate data across … RCA and after-action reviews for internal and client use. Maintain accurate incident records in JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. … University educated with a degree in computer science, information security or equivalent At least one year of experience in a SOC environment monitoring and responding to incidents Microsoft Sentinel and Defender hands-on expertise SC-200 certification or willingness to achieve it Within commuting distance (~1 hour) of Canary Wharf, London Technical Skills Strong KQL skills for threat More ❯

Security Operations Center Analyst

slough, south east england, united kingdom
CyPro
help shape something rather than simply follow a process, this is the right environment for you. Core Responsibilities: Security Monitoring & Incident Response Monitor security alerts generated by Microsoft Sentinel, Microsoft Defender, Datadog and Elastic. Assess severity and impact of alerts, triage and investigate incidents independently. Execute containment and remediation actions using defined runbooks and playbooks. Correlate data across … RCA and after-action reviews for internal and client use. Maintain accurate incident records in JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. … University educated with a degree in computer science, information security or equivalent At least one year of experience in a SOC environment monitoring and responding to incidents Microsoft Sentinel and Defender hands-on expertise SC-200 certification or willingness to achieve it Within commuting distance (~1 hour) of Canary Wharf, London Technical Skills Strong KQL skills for threat More ❯

Security Operations Center Analyst

london (city of london), south east england, united kingdom
CyPro
help shape something rather than simply follow a process, this is the right environment for you. Core Responsibilities: Security Monitoring & Incident Response Monitor security alerts generated by Microsoft Sentinel, Microsoft Defender, Datadog and Elastic. Assess severity and impact of alerts, triage and investigate incidents independently. Execute containment and remediation actions using defined runbooks and playbooks. Correlate data across … RCA and after-action reviews for internal and client use. Maintain accurate incident records in JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. … University educated with a degree in computer science, information security or equivalent At least one year of experience in a SOC environment monitoring and responding to incidents Microsoft Sentinel and Defender hands-on expertise SC-200 certification or willingness to achieve it Within commuting distance (~1 hour) of Canary Wharf, London Technical Skills Strong KQL skills for threat More ❯

Information Security Manager

Birmingham, Staffordshire, United Kingdom
Ascot Lloyd group
Operations Centre (SOC) ensuring effective integration. Baseline and conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI … with external auditors, regulators, and security vendors Mentor, hire, and retain high-performing information security talent Experience/Skills Required Managing security for cloud-first environments specifically Microsoft Azure Implementing Security Operations Centres (SOC) and automated security monitoring Collaborate with the third-party risk management and vendor security programmes Experience with DevSecOps practices and secure software development lifecycle … track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels Strategic mindset with the capability to balance security controls and More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Threat Detection & Response Engineer

United Kingdom
McNally Recruitment Ltd
technical and non-technical audiences Preferred Requirements Experience in architecting TDIR platforms or leading detection engineering initiatives Expertise with multiple SIEM platforms such as Google SecOps and MS Sentinel Experience using security data lakes and pipelines such as Cribl, Snowflake, Databricks Splunk Certificated Architect (or Enterprise Security Admin) Bonus Points Track record of thought leadership and infosec community … contributions (conference talks, blog posts, open source) Red team/penetration testing experience Deep cloud security knowledge (AWS/Azure/GCP) Kubernetes/container security knowledge Other security certifications (GIAC, HTB CAPE, PNPT, GCP/WS/Azure Security More ❯

🌳Cybersecurity & Cloud Security Specialists / Cyber Security Architects (x2)🌳

United Kingdom
Hybrid / WFH Options
Areti Group | B Corp™
robust security frameworks for enterprise and cloud infrastructures, ensuring scalability, resilience, and alignment with business goals. 🌳 Threat Detection & Incident Response: Deploy and optimise SIEM platforms (e.g., Elastic SIEM , Sentinel SIEM ) and integrate Defender XDR for real-time detection and rapid incident response. 🌳 Cloud Security Enablement: Implement security tooling for Azure and hybrid environments, embedding security into … expertise in SIEM implementation , threat detection , and incident response across cloud and enterprise environments. 🌳 Hands-on experience with cloud-native security platforms such as Microsoft Defender for Cloud , Azure Security , or AWS Security . 🌳 Proficiency with security tools like Snyk , Datadog , CrowdStrike , or similar. 🌳 Knowledge of authentication, authorization, encryption , and vulnerability management . 🌳 Familiarity with secure coding practices More ❯

IAM/PAM Specialist - SC Cleared

Oxfordshire, United Kingdom
Hybrid / WFH Options
Tria
IAM/PAM architecture and standards aligned to ISO 27001 & NIST. Skills & Experience Proven IAM/PAM implementation experience (e.g. Entra ID, CyberArk, BeyondTrust). Hands-on with Azure AD/Entra ID , Conditional Access & Identity Protection. Understanding of OAuth2.0, SAML, OpenID Connect . Familiarity with ISO 27001, NIST CSF, CAF & GDPR . Experience leading or overseeing MSPs. … Current SC clearance . Desirable: Knowledge of Microsoft Sentinel, Splunk, or Elastic SIEM . Experience in SOC build or cyber transformation projects. Degree/HND in a relevant STEM field. More ❯
Employment Type: Contract
Rate: £475 - £500/day

Cyber Security Engineer

Birchanger, Hertfordshire, United Kingdom
Hybrid / WFH Options
Solus Accident Repair Centres
with internal teams and third-party suppliers to maximise resources Qualifications Desired qualifications and experience: Minimum 2 years' experience in incident detection, response, and forensics Strong understanding of Azure, Zero Trust Estates, DLP, IDS/IPS, Web-Proxy, and Security Audits Analytical mindset with excellent problem-solving skills Excellent communication and stakeholder engagement skills Self-motivated with a … passion for learning and innovation Sentinel/SIEM certifications Microsoft Security/Identity certifications ISC2 CC or SSCP DevOps/DevSecOps exposure or certifications Who are Solus? Solus, who are owned by Aviva, are one of the UK leaders in vehicle repairs, returning cars to the road in just 11 days on average and a 4.6/ More ❯
Employment Type: Permanent
Salary: GBP 35,000 - 47,000 Annual

Cyber Security Engineer

Stansted, Birchanger, Essex, United Kingdom
Hybrid / WFH Options
Solus Accident Repair Centres
with internal teams and third-party suppliers to maximise resources Qualifications Desired qualifications and experience: Minimum 2 years' experience in incident detection, response, and forensics Strong understanding of Azure, Zero Trust Estates, DLP, IDS/IPS, Web-Proxy, and Security Audits Analytical mindset with excellent problem-solving skills Excellent communication and stakeholder engagement skills Self-motivated with a … passion for learning and innovation Sentinel/SIEM certifications Microsoft Security/Identity certifications ISC2 CC or SSCP DevOps/DevSecOps exposure or certifications Who are Solus? Solus, who are owned by Aviva, are one of the UK leaders in vehicle repairs, returning cars to the road in just 11 days on average and a 4.6/ More ❯
Employment Type: Permanent
Salary: £35000 - £47000/annum

Senior Threat Detection Analyst

London Area, United Kingdom
Bestman Solutions
cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage. Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. Collaborate with … team capability. What You’ll Bring Solid background in threat detection, SOC operations, or incident response. Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial tactics and techniques and how they translate to More ❯

Senior Threat Detection Analyst

City of London, London, United Kingdom
Bestman Solutions
cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage. Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. Collaborate with … team capability. What You’ll Bring Solid background in threat detection, SOC operations, or incident response. Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial tactics and techniques and how they translate to More ❯

Senior Threat Detection Analyst

slough, south east england, united kingdom
Bestman Solutions
cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage. Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. Collaborate with … team capability. What You’ll Bring Solid background in threat detection, SOC operations, or incident response. Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial tactics and techniques and how they translate to More ❯

Senior Threat Detection Analyst

london, south east england, united kingdom
Bestman Solutions
cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage. Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. Collaborate with … team capability. What You’ll Bring Solid background in threat detection, SOC operations, or incident response. Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial tactics and techniques and how they translate to More ❯

Senior Threat Detection Analyst

london (city of london), south east england, united kingdom
Bestman Solutions
cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage. Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. Collaborate with … team capability. What You’ll Bring Solid background in threat detection, SOC operations, or incident response. Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial tactics and techniques and how they translate to More ❯

Information Security Officer

London, South East, England, United Kingdom
Hybrid / WFH Options
Ryder Reid Legal Ltd
with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and emerging threats, and advise on best practices Ideal Candidate Profile: Strong knowledge of ISO 27001 implementation and … certification Experience in a professional services or legal environment Familiarity with Microsoft 365 Defender, SentinelOne, Purview, and Azure security tools Skilled in managing access controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer/Auditor Experience working with MDR/XDR partners More ❯
Employment Type: Full-Time
Salary: Salary negotiable

Senior Cloud & Systems Administrator

Buda, Texas, United States
Dynamic Systems, Inc
ensuring high availability, implementing enterprise-level security policies, and driving improvements in backup, disaster recovery, and system performance. The ideal candidate has extensive hands-on experience with Microsoft Azure, Microsoft 365 administration (including Exchange, SharePoint, Intune, Sentinel, and others), VMware, Windows Server, SQL Server, Microsoft Fabric, SaaS integrations, backup and recovery solutions, and Entra ID. Key … Responsibilities •Manage, monitor, and maintain Windows Servers, virtualized environments (VMware), and Azure resources. •Oversee Microsoft 365 administration, including Exchange, SharePoint, Intune, Sentinel, and related services. •Implement and maintain enterprise security measures, including Entra ID configurations, Conditional Access policies, multi-factor authentication (MFA), and other identity security controls. •Administer Microsoft SQL Server environments, including performance tuning, backup … for escalated issues and mentor junior IT team members. Qualifications •5+ years of experience in system administration in a mid-to-large enterprise environment. •Strong expertise with Microsoft Azure and Microsoft 365 administration (Exchange, SharePoint, Intune, Sentinel). •Solid experience with SQL Server administration, including performance tuning and troubleshooting. •Familiarity with Microsoft Fabric administration and integration More ❯
Employment Type: Permanent
Salary: USD Annual

Senior Security Consultant - UK based - c£85K

London, South East, England, United Kingdom
Nigel Frank International
growing digital transformation and cloud consultancy delivering secure, innovative Microsoft solutions across multiple industries. We're seeking a Microsoft Security Consultant with hands-on expertise across Microsoft 365, Azure, and Defender technologies, passionate about helping clients strengthen their security posture while embracing the latest in modern work and AI. This is a great opportunity for someone who thrives … on solving complex security challenges, designing enterprise-grade cloud solutions, and staying ahead of Microsoft's evolving technology landscape. Key Responsibilities: Design and deliver Microsoft 365 and Azure security solutions in line with best practices and industry standards. Implement and configure tools such as Microsoft Defender, Sentinel (SIEM/XDR), Entra, and Purview. Support internal and … ISO-aligned delivery processes. Experience: Minimum 3+ years' experience delivering Microsoft cloud and security solutions for clients across multiple sectors. 3 or more Microsoft certifications in relevant areas - Azure (AZ), Security (SC), Power Platform (PL), Modern Work (MS), or Copilot/AI. Strong consulting experience in the design and implementation of Microsoft Defender solutions and SIEM/XDR. More ❯
Employment Type: Full-Time
Salary: £85,000 per annum

Senior Security Consultant - UK based - c£85K

City of London, London, United Kingdom
Nigel Frank International
growing digital transformation and cloud consultancy delivering secure, innovative Microsoft solutions across multiple industries. We're seeking a Microsoft Security Consultant with hands-on expertise across Microsoft 365, Azure, and Defender technologies, passionate about helping clients strengthen their security posture while embracing the latest in modern work and AI. This is a great opportunity for someone who thrives … on solving complex security challenges, designing enterprise-grade cloud solutions, and staying ahead of Microsoft's evolving technology landscape. Key Responsibilities: Design and deliver Microsoft 365 and Azure security solutions in line with best practices and industry standards. Implement and configure tools such as Microsoft Defender, Sentinel (SIEM/XDR), Entra, and Purview. Support internal and … ISO-aligned delivery processes. Experience: Minimum 3+ years' experience delivering Microsoft cloud and security solutions for clients across multiple sectors. 3 or more Microsoft certifications in relevant areas - Azure (AZ), Security (SC), Power Platform (PL), Modern Work (MS), or Copilot/AI. Strong consulting experience in the design and implementation of Microsoft Defender solutions and SIEM/XDR. More ❯
Employment Type: Permanent
Salary: £85000/annum

IT Operational Platforms and Security Lead

London Area, United Kingdom
La Fosse
leadership role; strategic enough to shape direction, but close enough to the technology to make a difference day-to-day. Key Responsibilities Lead and evolve infrastructure operations across Azure , Microsoft 365 , and hybrid cloud environments Drive cloud migration , lifecycle management, and reduction of technical debt Enhance and secure the global IT estate, including patching , IAM , endpoint protection , and … SLAs, and service delivery are met Embed DevOps principles and automation to increase efficiency and reliability What You’ll Bring Proven experience in IT infrastructure operations and Microsoft Azure Deep technical expertise in Microsoft 365 (Exchange, SharePoint, Teams, Intune) Strong background in cybersecurity , including Zero Trust, IAM, and tools such as Defender and Sentinel Hands-on More ❯

IT Operational Platforms and Security Lead

City of London, London, United Kingdom
La Fosse
leadership role; strategic enough to shape direction, but close enough to the technology to make a difference day-to-day. Key Responsibilities Lead and evolve infrastructure operations across Azure , Microsoft 365 , and hybrid cloud environments Drive cloud migration , lifecycle management, and reduction of technical debt Enhance and secure the global IT estate, including patching , IAM , endpoint protection , and … SLAs, and service delivery are met Embed DevOps principles and automation to increase efficiency and reliability What You’ll Bring Proven experience in IT infrastructure operations and Microsoft Azure Deep technical expertise in Microsoft 365 (Exchange, SharePoint, Teams, Intune) Strong background in cybersecurity , including Zero Trust, IAM, and tools such as Defender and Sentinel Hands-on More ❯

IT Operational Platforms and Security Lead

london, south east england, united kingdom
La Fosse
leadership role; strategic enough to shape direction, but close enough to the technology to make a difference day-to-day. Key Responsibilities Lead and evolve infrastructure operations across Azure , Microsoft 365 , and hybrid cloud environments Drive cloud migration , lifecycle management, and reduction of technical debt Enhance and secure the global IT estate, including patching , IAM , endpoint protection , and … SLAs, and service delivery are met Embed DevOps principles and automation to increase efficiency and reliability What You’ll Bring Proven experience in IT infrastructure operations and Microsoft Azure Deep technical expertise in Microsoft 365 (Exchange, SharePoint, Teams, Intune) Strong background in cybersecurity , including Zero Trust, IAM, and tools such as Defender and Sentinel Hands-on More ❯

IT Operational Platforms and Security Lead

london (city of london), south east england, united kingdom
La Fosse
leadership role; strategic enough to shape direction, but close enough to the technology to make a difference day-to-day. Key Responsibilities Lead and evolve infrastructure operations across Azure , Microsoft 365 , and hybrid cloud environments Drive cloud migration , lifecycle management, and reduction of technical debt Enhance and secure the global IT estate, including patching , IAM , endpoint protection , and … SLAs, and service delivery are met Embed DevOps principles and automation to increase efficiency and reliability What You’ll Bring Proven experience in IT infrastructure operations and Microsoft Azure Deep technical expertise in Microsoft 365 (Exchange, SharePoint, Teams, Intune) Strong background in cybersecurity , including Zero Trust, IAM, and tools such as Defender and Sentinel Hands-on More ❯

IT Operational Platforms and Security Lead

slough, south east england, united kingdom
La Fosse
leadership role; strategic enough to shape direction, but close enough to the technology to make a difference day-to-day. Key Responsibilities Lead and evolve infrastructure operations across Azure , Microsoft 365 , and hybrid cloud environments Drive cloud migration , lifecycle management, and reduction of technical debt Enhance and secure the global IT estate, including patching , IAM , endpoint protection , and … SLAs, and service delivery are met Embed DevOps principles and automation to increase efficiency and reliability What You’ll Bring Proven experience in IT infrastructure operations and Microsoft Azure Deep technical expertise in Microsoft 365 (Exchange, SharePoint, Teams, Intune) Strong background in cybersecurity , including Zero Trust, IAM, and tools such as Defender and Sentinel Hands-on More ❯

Snr. Technical Product Engineer - Cortex

Tottenham, England, United Kingdom
Palo Alto Networks
roles Solid understanding of SIEM, log analytics, data normalization, and detection lifecycle management (rule creation, tuning, suppression, enrichment) Hands-on experience with XSIAM or similar platforms (Splunk, QRadar, Sentinel, etc.) is a strong plus Strong technical writing and communication skills, with the ability to convey complex ideas clearly to both technical and non-technical audiences Skilled in scripting … etc.) for detection development or incident investigation tasks Experience managing multiple projects or programs in dynamic, fast-paced environments with cross-functional visibility Familiarity with cloud infrastructure (AWS, Azure, GCP), especially as it relates to telemetry ingestion, detection engineering, or automated response — a significant advantage Experience with CNAPP solutions (e.g., Prisma Cloud, Wiz, Orca) and integrating cloud posture More ❯
Azure Sentinel
10th Percentile: £33,750
25th Percentile: £50,813
Median: £59,000
75th Percentile: £80,000
90th Percentile: £92,500