51 to 75 of 257 Sentinel Jobs

given to candidates who meet all of the essential criteria and hold active security clearance. Accountabilities . Subject Matter Expert (SME) for log source evaluation and onboarding into Azure Sentinel . Review existing on-premises logging configurations and recommend improvements for cloud ingestion. . Conduct discovery and assessment of log sources, ensuring appropriate classification and prioritisation. . Collaborate with Head … metrics using workbooks, dashboards, and reports . Document log schemas, ingestion frequency, source ownership, and normalization mappings Knowledge and Experience . Experience with Microsoft Azure security technologies, especially Azure Sentinel, Log Analytics, and Azure Monitor . Strong understanding of common log formats (Syslog, JSON, CEF, Windows Events, etc.) . Familiarity with cloud migration strategies and hybrid logging environments . Strong … CK, NIST, and CAF . Ability to troubleshoot complex ingestion or parsing issues and resolve at speed Essential Skills . Proven experience onboarding and managing log sources in Azure Sentinel . Hands-on experience configuring data connectors and diagnostic settings in Azure . Solid understanding of use case development and detection engineering . Knowledge of PowerShell, KQL (Kusto Query Language More ❯

thrive in fast-paced, high-tech environments. This is a fantastic opportunity to support multiple high-profile clients across enterprise-scale environments while using industry-leading tools like Microsoft Sentinel, Splunk, and MISP. If you're ready to lead from the front, contribute to national security, and grow your cybersecurity career—this is the role for you. Responsibilities: Monitor, triage … for managed clients, tailoring content for both technical and non-technical stakeholders. Skills/Must have: Proven experience working in a Security Operations Centre. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the Mitre ATT&CK framework. Strong understanding of networking fundamentals (TCP/IP, WANs, LANs, common Internet protocols). Knowledge of enterprise-grade security tools such More ❯

roadmaps Collaborate with teams to integrate security into CI/CD and cloud-native applications Microsoft Security Stack Configure and manage Microsoft Defender for Cloud, Defender for Endpoint, and Sentinel Deploy Microsoft Purview for compliance and information protection Manage Microsoft 365 Defender (Office 365, Identity, Endpoint) Support Conditional Access, Entra ID, and Identity Governance setups Implement Data Loss Prevention (DLP … and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure insider risk management, audit, and … eDiscovery capabilities Track Secure Score and recommend improvements Incident Response & Monitoring Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and security solutions Collaboration & Support Work closely with DevOps, infrastructure, and application teams More ❯

have proven experience working in a busy SOC with a tech-first approach and be able to lead from the front. From a technical perspective we are using Microsoft Sentinel, Splunk and MISP Threat sharing so any knowledge of these technologies would be a substantial benefit. This role is based out of our head office in Farnborough OR Hemel Hempstead … Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep … SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: ? Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar appreciated. If you are interested in this role but not sure if your skills and experience are exactly what were looking for, please More ❯

security operations. Knowledge of Security best practices and regulatory compliance frameworks (e.g., NIST, ISO27001, PCI-DSS etc) Knowledge of the following security products are ideal: ? SEIM (Rapid7 IDR, MS Sentinel, SPLUNK) ? SOAR (Rapid7 ICON, MS Sentinel) ? Endpoint Detection and Response (Microsoft Defender) ? Email Security (Proofpoint, Mimecast) ? Vulnerability Management (Rapid7 IVM, Nessus, Tenable) Proficiency with scripting and automation (e.g., Powershell, Python More ❯

investigating threats, guiding incident flow, analysing threat data, and playing a key role in improving detection and response processes. You’ll be working across platforms like: Elastic SIEM Microsoft Sentinel Defender for Endpoint CrowdStrike Falcon MISP (Malware Information Sharing Platform) As the team scales, this role offers both strategic involvement and technical depth. There’s also the option to step … what happened, but why, how, and how to prevent it Comfortable being an escalation point for technical and analytical issues Working knowledge of key SIEM and EDR platforms (Elastic, Sentinel, CrowdStrike, etc.) Natural curiosity and willingness to get hands-on with data and investigations Broad exposure across cyber domains beyond pure SOC is highly valued Why This Role? Be a More ❯

posture, identifying and assessing any cyber security risks, in accordance with laws and regulations. You will be responsible for leveraging and optimising a number of tools including, MS Defender, Sentinel, Azure and the external SOC partner to enhance cyber resilience, conduct threat analysis, and proactive risk assessments to design effective controls.You will be leading the Cyber Security operations function, by … establishing responsibilities and ensure an end-to-end approach to cyber resilience Is embedded in other functions. What you'll need to succeed Extensive understanding of Azure, MS Defender, Sentinel, and Cyber Assessment Framework Experience leading a team of security and infrastructure engineers Extensive experience of creating cyber security roadmaps Experience of building and implementing strong operational processes Excellent communication More ❯

Salary: £60K - £62.5K + exceptional Employee Benefits including 28% Employer Pension, (+ on-call payment), great work/life balance Key Skills: Vulnerability Management tools, Azure Security Centre, Defender, Sentinel and a broad Infrastructure Engineer background Summary: This role joins a high performing, dedicated, hands-on Cyber Security Team responsible for providing a critical Security/Cyber Engineering function. The … essential skills and experience: Ability to work 2 days per week in Brighton 2+ years strong hands-on technical experience with Microsoft Security and infrastructure services including: Defender suite, Sentinel, Azure Security Center, Azure NSGs 5+years' experience in technical infrastructure support, (Network or Systems Engineer level), with as much of the following experience as possible: IaaS, PaaS, Virtual Machines (VMs More ❯

Salary: 60K - 62.5K + exceptional Employee Benefits including 28% Employer Pension, (+ on-call payment), great work/life balance Key Skills: Vulnerability Management tools, Azure Security Centre, Defender, Sentinel and a broad Infrastructure Engineer background Summary: This role joins a high performing, dedicated, hands-on Cyber Security Team responsible for providing a critical Security/Cyber Engineering function. The … essential skills and experience: Ability to work 2 days per week in Brighton 2+ years strong hands-on technical experience with Microsoft Security and infrastructure services including: Defender suite, Sentinel, Azure Security Center, Azure NSGs 5+years' experience in technical infrastructure support, (Network or Systems Engineer level), with as much of the following experience as possible: IaaS, PaaS, Virtual Machines (VMs More ❯

Salary: £60K - £62.5K + exceptional Employee Benefits including 28% Employer Pension, (+ on-call payment), great work/life balance Key Skills: Vulnerability Management tools, Azure Security Centre, Defender, Sentinel and a broad Infrastructure Engineer background Summary: This role joins a high performing, dedicated, hands-on Cyber Security Team responsible for providing a critical Security/Cyber Engineering function. The … essential skills and experience: Ability to work 2 days per week in Brighton 2+ years strong hands-on technical experience with Microsoft Security and infrastructure services including: Defender suite, Sentinel, Azure Security Center, Azure NSGs 5+years' experience in technical infrastructure support, (Network or Systems Engineer level), with as much of the following experience as possible: IaaS, PaaS, Virtual Machines (VMs More ❯

Key Responsibilities Monitor and analyze user activity for anomalous behavior using SIEM, EDR, and UEBA tools. Develop and tune detection rules and alerts in platforms like Splunk and Microsoft Sentinel to identify insider threats and privileged account misuse. Lead or support investigations into insider threat incidents, collaborating with HR, legal, and SOC teams to ensure due process and policy alignment. … clearance or higher. 5+ years of experience in cybersecurity operations, with at least 2 years focused on insider threat detection or behavioral analytics. Proficiency with SIEM tools (e.g., Splunk, Sentinel), EDR platforms (e.g., CrowdStrike, SentinelOne), and DLP solutions. Experience with insider threat tools (e.g., Code42, DTEX, UEBA platforms). Familiarity with NIST, DFARS, CMMC, and insider threat program frameworks (e.g. More ❯

you need? • At least 1 year of hands-on experience in a Tier 1 SOC role, preferably within a managed services environment • Practical knowledge of Microsoft Defender XDR and Sentinel SIEM tools • Familiarity with the Microsoft Defender suite, particularly Endpoint Detection and Response • Solid understanding of Microsoft 365 cloud technologies from a security and threat landscape perspective • Hold current certifications … applying, you consent to your application being processed and submitted to the client for this vacancy only. KEY SKILLS – Cyber Security, SOC Analyst, Tier 1 Support, Microsoft Defender XDR, Sentinel, SIEM, Endpoint Detection, Microsoft 365, SC-200, SC-900, Incident Response, Threat Monitoring, IT Support More ❯

and implementing new and existing use cases by collaborating with team members and other stakeholders. The ideal candidate will have hands-on experience with cloud SIEM technology such as Sentinel and Cribl. At AXA we work smart, empowering our people to balance their time between home and the office in a way that works best for them, their team and … AXA, please don't hesitate to apply. What you'll bring: Previous experience of security engineering in a security operations team Proven experience with cloud SIEM technology such as Sentinel and Cribl Strong background in data engineering, log management, or observability platforms Experience with systems like Sentinel, Elasticsearch, Kafka, or similar Proficiency in data transformation, enrichment, and routing Solid scripting More ❯

and implementing new and existing use cases by collaborating with team members and other stakeholders. The ideal candidate will have hands-on experience with cloud SIEM technology such as Sentinel and Cribl. At AXA we work smart, empowering our people to balance their time between home and the office in a way that works best for them, their team and … AXA, please don't hesitate to apply. What you'll bring: Previous experience of security engineering in a security operations team Proven experience with cloud SIEM technology such as Sentinel and Cribl Strong background in data engineering, log management, or observability platforms Experience with systems like Sentinel, Elasticsearch, Kafka, or similar Proficiency in data transformation, enrichment, and routing Solid scripting More ❯

you need? • At least 1 year of hands-on experience in a Tier 1 SOC role, preferably within a managed services environment • Practical knowledge of Microsoft Defender XDR and Sentinel SIEM tools • Familiarity with the Microsoft Defender suite, particularly Endpoint Detection and Response • Solid understanding of Microsoft 365 cloud technologies from a security and threat landscape perspective • Hold current certifications … applying, you consent to your application being processed and submitted to the client for this vacancy only. KEY SKILLS – Cyber Security, SOC Analyst, Tier 1 Support, Microsoft Defender XDR, Sentinel, SIEM, Endpoint Detection, Microsoft 365, SC-200, SC-900, Incident Response, Threat Monitoring, IT Support More ❯

you need? * At least 1 year of hands-on experience in a Tier 1 SOC role, preferably within a managed services environment* Practical knowledge of Microsoft Defender XDR and Sentinel SIEM tools* Familiarity with the Microsoft Defender suite, particularly Endpoint Detection and Response* Solid understanding of Microsoft 365 cloud technologies from a security and threat landscape perspective* Hold current certifications … applying, you consent to your application being processed and submitted to the client for this vacancy only. KEY SKILLS - Cyber Security, SOC Analyst, Tier 1 Support, Microsoft Defender XDR, Sentinel, SIEM, Endpoint Detection, Microsoft 365, SC-200, SC-900, Incident Response, Threat Monitoring, IT Support More ❯

proactive approach to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities … Development and Maintenance: Design, develop, and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention … this must allow you to work in the UK unrestricted for at least the next 5 years. Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London More ❯

analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment. Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att … Analyst , you will be at the forefront -leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck . Collaborating with colleagues to More ❯

a busy SOC with a tech-first approach. The team is on the cusp of continued growth, and we are looking for leaders to drive forward. Knowledge of Microsoft Sentinel, Splunk, and MISP Threat Sharing would be a significant advantage. This role is based at our head office in Hemel Hempstead or Farnborough and involves a shift pattern with … non-technical audiences and improving their content. Updating security incident documentation, including reports, analysis, and mitigation strategies. Qualifications and experience: Experience working in a Security Operations Centre. Managing Microsoft Sentinel and Splunk implementations. Knowledge of the Mitre Att&ck Framework. Understanding of client-server applications, web applications, databases, firewalls, VPNs, and AntiVirus products. Expertise in log data analysis and intrusion More ❯

proactive approach to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities … Development and Maintenance: Design, develop, and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention … purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com/privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London More ❯

access and configuration requests, and escalating technical challenges to appropriate teams. What Your Day-To-Day Looks Like (Position Responsibilities): Provide Tier 1 and Tier 2 technical support to Sentinel users via ticketing systems, email, and chat, ensuring high levels of customer service and responsiveness. Monitor and triage service desk tickets within SLAs using Service Manager (or similar ITSM platform … authentication processes, and basic role configuration. Respond to and resolve incidents across three operational enclaves, including after-hours support for mission-critical issues. Assist in maintaining operational readiness of Sentinel environments by coordinating closely with DevOps, Infrastructure, and Security teams. Provide support for audit and compliance-related requests by gathering system usage data and logs. Contribute to knowledge base articles More ❯

maturity, optimizing license consumption, and enhancing security visibility across the enterprise. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite Develop and fine-tune analytic rules, detection use-cases, and SOAR playbooks Monitor and optimise license consumption across Microsoft security tools Manage log onboarding/offboarding … in cybersecurity, with at least 2+ years at SOC Level 3 or senior analyst level Strong expertise in Microsoft Azure, including security monitoring and engineering Deep experience with Microsoft Sentinel (KQL, custom rules, automation, dashboards) Hands-on proficiency with Microsoft Defender for Endpoint, Identity, and Office 365 Strong understanding of log management (onboarding, parsing, retention strategies) Demonstrated ability to build More ❯

in London who are seeking an experienced Cyber Security Analyst to play a key role in strengthening their cyber security capabilities and ensuring the effective use of Microsoft's Sentinel security information and event management system. This opportunity offers a chance to contribute to a progressive, security-focused team committed to protecting critical infrastructure and information assets. The role is … to attend the London office 2 days per week. Key Responsibilities: * Monitor and analyse various security systems to identify, mitigate, and respond to risks and potential threats. * Utilise Microsoft Sentinel and related tools to analyse security data, detect anomalies, and respond effectively to incidents. * Oversee vulnerability assessments and penetration testing to ensure robust security measures are maintained. * Contribute to the More ❯

of cybersecurity at Skillcast. Key Responsibilities: - Coordinate SOC 2, ISO 27001, and Cyber Essentials audits – including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM – including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes … years of experience in cybersecurity and IT infrastructure roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security More ❯

of cybersecurity at Skillcast. Key Responsibilities: - Coordinate SOC 2, ISO 27001, and Cyber Essentials audits – including documentation, evidence management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM – including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes … years of experience in cybersecurity and IT infrastructure roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security More ❯