21 of 21 Sentinel Jobs in Manchester

flexible team, you will play a key role in helping to protect front-line policing from cyber-attacks. Configuration and maintenance of the NMC central Microsoft Azure, Lighthouse and Sentinel platform. Development, maintenance, and deployment of detection rules and other SIEM content. Creation of custom solutions using both low-code and traditional development approaches. Providing support to forces for the … configuration of Sentinel and log sources. Testing and implementing new Sentinel connectors. Working with wider NMC teams, contributing to Continual Service Improvement and innovations. Creation and ongoing maintenance of technical design documentation Working with the PDS design team and wider NMC operational teams to create, test and implement new tools and technologies. Leveraging Microsoft support for technical assistance and information More ❯

security operations. Knowledge of Security best practices and regulatory compliance frameworks (e.g., NIST, ISO27001, PCI-DSS etc) Knowledge of the following security products are ideal: ? SEIM (Rapid7 IDR, MS Sentinel, SPLUNK) ? SOAR (Rapid7 ICON, MS Sentinel) ? Endpoint Detection and Response (Microsoft Defender) ? Email Security (Proofpoint, Mimecast) ? Vulnerability Management (Rapid7 IVM, Nessus, Tenable) Proficiency with scripting and automation (e.g., Powershell, Python More ❯

please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100 with the subject line: “Application Support Request”. Role: SOC L3 Security Analyst (Microsoft Sentinel & Defender Specialist) Job Type: Permanent Location: Manchester, UK, Hybrid Number of hours: 40 hours per week – full time Are you looking to take on a role in Security Analysis? We … and security monitoring, while also optimizing license consumption and SIEM integration efforts. Key responsibilities: Investigate and analyze complex security incidents escalated from L1/L2 SOC analysts. Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response. Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Perform proactive threat hunting using KQL … tune custom analytics rules, workbooks, and hunting queries. Apply the MITRE ATT&CK framework to build coverage and improve threat visibility. Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and parsing. Build and manage data connectors, custom log parsers, and normalization schemas. Collaborate with cloud and infrastructure teams to onboard telemetry from endpoints, identity systems More ❯

Threat Analyst/SOC/Microsoft Sentinel/KQL/SIEM Threat Analyst/SOC/Microsoft Sentinel/KQL/SIEM Threat Analyst – Manchester/Hybrid - £30K Maxwell Bond have engaged with an MSSP in the Manchester area that’re looking for a Threat Analyst to join their team. We’re looking for somebody that has recent experience with … Microsoft Sentinel (1-2 years) and KQL skills. The company are growing and hiring at a quick rate, really exciting time to join them as they expand. You will be in the Manchester based office ideally once per week, sometimes maybe once every two weeks. What you’ll be doing: Investigating and responding to security alerts and incidents escalated by … the L1 team Using Microsoft Sentinel as your primary SIEM platform, leveraging KQL to hunt, analyse, and improve detection Tuning Sentinel rules, creating workbooks and queries to enhance visibility and reduce false positives Working with clients across different sectors, helping them understand threats and improve their security posture Collaborating with Threat Intelligence and Engineering teams to strengthen detection and response More ❯

working remotely. This role is operating outside of IR35. Candidates must be based in the UK. Key Responsibilities: Monitor and investigate security alerts using SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behavior and potential threats. Analyze logs and network traffic to identify anomalies. Collaborate with incident response teams to contain and remediate … What We're Looking For: Strong background in cybersecurity with hands-on SOC experience. Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel, or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified) are a More ❯

working remotely. This role is operating outside of IR35. Candidates must be based in the UK. Key Responsibilities: Monitor and investigate security alerts using SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behavior and potential threats. Analyze logs and network traffic to identify anomalies. Collaborate with incident response teams to contain and remediate … What We're Looking For: Strong background in cybersecurity with hands-on SOC experience. Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel, or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified) are a More ❯

working remotely. This role is operating outside of IR35. Candidates must be based in the UK. Key Responsibilities: Monitor and investigate security alerts using SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behavior and potential threats. Analyze logs and network traffic to identify anomalies. Collaborate with incident response teams to contain and remediate … What We're Looking For: Strong background in cybersecurity with hands-on SOC experience. Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel, or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified) are a More ❯

working remotely. This role is operating outside of IR35. Candidates must be based in the UK. Key Responsibilities: Monitor and investigate security alerts using SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behavior and potential threats. Analyze logs and network traffic to identify anomalies. Collaborate with incident response teams to contain and remediate … What We're Looking For: Strong background in cybersecurity with hands-on SOC experience. Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel, or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified) are a More ❯

working remotely. This role is operating outside of IR35. Candidates must be based in the UK. Key Responsibilities: Monitor and investigate security alerts using SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behavior and potential threats. Analyze logs and network traffic to identify anomalies. Collaborate with incident response teams to contain and remediate … What We're Looking For: Strong background in cybersecurity with hands-on SOC experience. Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel, or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified) are a More ❯

maturity, optimizing license consumption, and enhancing security visibility across the enterprise. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite Develop and fine-tune analytic rules, detection use-cases, and SOAR playbooks Monitor and optimise license consumption across Microsoft security tools Manage log onboarding/offboarding … in cybersecurity, with at least 2+ years at SOC Level 3 or senior analyst level Strong expertise in Microsoft Azure, including security monitoring and engineering Deep experience with Microsoft Sentinel (KQL, custom rules, automation, dashboards) Hands-on proficiency with Microsoft Defender for Endpoint, Identity, and Office 365 Strong understanding of log management (onboarding, parsing, retention strategies) Demonstrated ability to build More ❯

L2&L3 SOC/Cyber Security Engineer - Threat Hunter/SIEM Sentinel - £45-65K + 25% Shift - Home/Office 2x per month My client is one of the most recognisable names in IT and has some of the best professionals in the industry. They are top partners with leading Vendors, which means you will work with cutting-edge … upon hire. Key Skills required: At least 2 years' experience in a SOC environment, preferably MSSP, or in a technical security role. Experience with SIEM tools such as MS Sentinel, AlienVault, or Splunk. Cybersecurity qualifications, certifications, or degrees e.g., CySA+, CompTIA SEC+, or similar experience. Microsoft SC-200 certifications are desirable. Strong knowledge of threat actor methodologies, incident response, and … Incident Management, including Major Incidents and analysis for ongoing investigations. Conduct proactive threat hunts, RCAs, and develop detection capabilities. Monitor and investigate security alerts from SIEM platforms like MS Sentinel, AlienVault, or Splunk. Respond to security alerts, incidents, and requests, managing threats and vulnerabilities effectively. Document cases and generate reports with insightful recommendations. Assist in recovery processes post-incident. Provide More ❯

enterprise clients, ensuring they get real value from their Microsoft investment and help them solve complex problems. The role requires deep technical expertise across the Microsoft Defender suite, Microsoft Sentinel, and Microsoft Entra, with a focus on level 400-500 technical depth. Key Responsibilities: Communicate Microsoft's strategic direction in cybersecurity, including its rationale, competitive advantages, and future roadmap aligned … with Orange Cyberdefenses advisory and managed service offerings Represent Microsoft's security narrative to customers, partners, and internal stakeholders. Provide deep technical guidance on Microsoft Defender, Sentinel, and Entra. Act as a trusted advisor in pre-sales engagements, supporting clients in understanding and adopting Orange Cyberdefense Microsoft security solutions. Translate complex technical concepts into business value for C-level and … a senior technical role focused on Microsoft security technologies. Experience solutioning Microsoft services and solutions, tailored to meet client needs. Deep technical knowledge (Level 400-500) of Microsoft Defender, Sentinel, and Entra. Strong understanding of Microsoft's security strategy and competitive landscape. Experience engaging with enterprise customers in a pre-sales or technical advisory capacity. Excellent communication and public speaking More ❯

of enterprise security by designing and deploying cutting-edge architectures across both cloud and on-prem environments. Youll take a Microsoft-first approach , leveraging tools such as Microsoft Defender , Sentinel , and Azure Identity services to create integrated, scalable, and future-ready solutions. This is a rare opportunity to take the architectural lead on a flagship programme that will transform how … doing Lead the design and delivery of end-to-end security architectures across complex environments Align security strategies with business and technology roadmaps Champion Microsofts security stack, particularly Defender, Sentinel, and Identity capabilities Advise stakeholders across business and IT, shaping solutions that are secure, sustainable, and business-aligned Drive best practices across architecture governance, secure SDLC, and innovation in security … quality technical documentation, security roadmaps, and design blueprints What were looking for Proven experience delivering enterprise-grade security architectures Deep technical expertise across Microsoft security platforms, especially Defender and Sentinel Strong grasp of cloud and hybrid security models, particularly within Azure Knowledge of core security frameworks and methodologies including defence-in-depth and zero trust Excellent stakeholder engagement skills, able More ❯

and implementing new and existing use cases by collaborating with team members and other stakeholders. The ideal candidate will have hands-on experience with cloud SIEM technology such as Sentinel and Cribl. At AXA we work smart, empowering our people to balance their time between home and the office in a way that works best for them, their team and … AXA, please don't hesitate to apply. What you'll bring: Previous experience of security engineering in a security operations team Proven experience with cloud SIEM technology such as Sentinel and Cribl Strong background in data engineering, log management, or observability platforms Experience with systems like Sentinel, Elasticsearch, Kafka, or similar Proficiency in data transformation, enrichment, and routing Solid scripting More ❯

our strategic Security & Risk transformation programme. In this influential role, you will lead the development and implementation of advanced security architectures, specifically leveraging Microsoft's security suite, including Defender, Sentinel and Identity capabilities across cloud and on-premise systems to transform and enhance our cyber resilience. You will collaborate closely with our security, architecture, and project teams to design secure More ❯

Threat Analyst/SOC/Microsoft Sentinel/KQL/SIEM Threat Analyst/SOC/Microsoft Sentinel/KQL/SIEM Threat Analyst - Manchester/Hybrid - £30K Maxwell Bond have engaged with an MSSP in the Manchester area that're looking for a Threat Analyst to join their team. We're looking for somebody that has recent experience with … Microsoft Sentinel (1-2 years) and KQL skills. The company are growing and hiring at a quick rate, really exciting time to join them as they expand. You will be in the Manchester based office ideally once per week, sometimes maybe once every two weeks. What you'll be doing: Investigating and responding to security alerts and incidents escalated by … the L1 team Using Microsoft Sentinel as your primary SIEM platform, leveraging KQL to hunt, analyse, and improve detection Tuning Sentinel rules, creating workbooks and queries to enhance visibility and reduce false positives Working with clients across different sectors, helping them understand threats and improve their security posture Collaborating with Threat Intelligence and Engineering teams to strengthen detection and response More ❯

a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, workbooks, and automation playbooks in Sentinel. Perform deep-dive analysis of malware, phishing, and lateral movement techniques. Collaborate with engineering …/Must have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and More ❯

code/no-code solutions that streamline workflows and lead on the deployment of Microsoft Purview for data governance, Microsoft Defender for cloud app and endpoint security and Microsoft Sentinel to build a world-class SIEM/SOC. This role will be responsible for gathering business requirements, analysing business processes and collaborating with cross-functional teams to ensure a smooth More ❯

across the UK. Your work will directly contribute to the safety and resilience of this network. What We're Looking For: Experience with SIEM and SOAR platforms (e.g., Splunk, Sentinel, Cortex XSOAR). A solid understanding of threat intelligence frameworks and feeds. A collaborative mindset and a passion for automation and innovation. Operational experience working in an appropriate technical subject More ❯

Server Containers, KVM, AVD, VMs and Service Extend Support Machines Additional Knowledge Management Tools - Microsoft SCCM, Windows Admin Center, SCOM Monitoring - SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries Skills Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training More ❯

security architecture using industry frameworks (i.e ISO 27001, CIS, NIST) Produce architecture dcumentation, risk assessments and design decision Experience required: Expertise in Microsoft Security Stack (E5 Security, Defender, Endpoint, Sentinel) Strong knowledge of Microsoft Licensing and governance Experiecne designing reusable security architecture patterns and templates Ideal certifications: Microsoft Security Architect Expert (SC100) CISSP/CISM Public Cloud Architect Certification (Azure More ❯