SIEM Security Engineer
Inside IR35
Hybrid, travel to various sites around England
3 months, scope to extend
Active SC would be advantageous
We are seeking a Sentinel SIEM & Cloud Security Engineer to join our clients team and play a critical role in designing, managing, and optimizing Microsoft Sentinel and Defender for Cloud. This role will focus on SIEM architecture, cloud security posture management, security analytics, and automation to enhance the clients security visibility and resilience. You will have the opportunity to work with cutting-edge security tools and continuously evolve your expertise in cloud security.
Key Responsibilities
1. SIEM Architecture & Management: Design, deploy, configure, and maintain Microsoft Sentinel, ensuring optimal performance, scalability, and integration with security tools.
2. Cloud Security Design & Integration: Implement and optimize Microsoft Defender for Cloud to enhance cloud security posture, detect misconfigurations, and enforce compliance.
3. Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility.
4. Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities.
5. Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights.
6. Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security.
7. Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis.
8. Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies.
9. On-Call Support: Provide 24/ 7 on-call support on a rotational basis for security platform-related issues.
10. Emerging Technologies & Innovation: Stay ahead of cloud security advancements, evolving SIEM capabilities, and automation trends to continuously enhance security operations.
Required Skills & Qualifications
11. Strong experience designing, managing, and integrating Microsoft Sentinel and Microsoft Defender for Cloud.
12. Proficiency in SIEM architecture, security event correlation, log ingestion, and cloud security analytics.
13. Hands-on experience with security automation (SOAR), threat intelligence platforms, and log parsing techniques.
14. Strong understanding of MITRE ATT&CK framework, Zero Trust, and cloud security best practices.
15. Knowledge of Azure, AWS, M365, hybrid environments, and cloud security frameworks (CIS, NIST, ISO 27001, etc.).
16. Experience with scripting and automation (PowerShell, Python, KQL, or similar languages) to enhance security operations.
17. Excellent problem-solving, analytical, and communication skills with the ability to effectively influence others.
18. Ability to adapt quickly to emerging cloud security threats and technologies.
19. Security certifications such as AZ-500, MS-500, SC-200, Security Essentials, or equivalent are preferred.
If you are interested, apply here!