Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join us as an Azure Sentinel Cyber Security Engineer, focusing on log source evaluation and onboarding.
- Company: Sellafield Ltd is transforming the Sellafield site for future generations with a commitment to excellence.
- Benefits: Enjoy hybrid working, professional development opportunities, and a culture of continuous improvement.
- Why this job: Be part of a mission-driven team with industry-leading experts and make a real impact in cyber security.
- Qualifications: Experience with Azure Sentinel, strong documentation skills, and familiarity with security frameworks are essential.
- Other info: SC Clearance is required; we value diversity and encourage applications from all backgrounds.
The predicted salary is between 48000 - 72000 Β£ per year.
On behalf of Sellafield, we are looking for an Azure Sentinel Cyber Security Engineer (Outside IR35) for a 12 month contract based hybrid in Warrington β 2/3 days per week.
SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance.
Accountabilities
. Subject Matter Expert (SME) for log source evaluation and onboarding into Azure Sentinel
. Review existing on-premises logging configurations and recommend improvements for cloud ingestion.
. Conduct discovery and assessment of log sources, ensuring appropriate classification and prioritisation.
. Collaborate with Head of Cyber Operations and other security stakeholders to ensure accurate, consistent logging across platforms.
. Deploy and configure native and custom data connectors to support diverse log source integration.
. Maintain a standardised process for log source categorisation, enrichment, and validation.
Deliverables
. Assess, categorise, and prioritise existing log sources for migration based on telemetry value and risk
. Coordinate connector deployment, workspace configuration, and diagnostic settings with platform teams
. Configure and validate native, Syslog, API, and custom ingestion paths as needed
. Ensure key log types (eg, Windows Security, Firewall, DNS, Proxy, AD, Identity) are onboarded and actionable
. Track onboarding progress and ingestion metrics using workbooks, dashboards, and reports
. Document log schemas, ingestion frequency, source ownership, and normalization mappings
Knowledge and Experience
. Experience with Microsoft Azure security technologies, especially Azure Sentinel, Log Analytics, and Azure Monitor
. Strong understanding of common log formats (Syslog, JSON, CEF, Windows Events, etc.)
. Familiarity with cloud migration strategies and hybrid logging environments
. Strong documentation skills and attention to detail
. Experience with security frameworks such as MITRE ATT&CK, NIST, and CAF
. Ability to troubleshoot complex ingestion or parsing issues and resolve at speed
Essential Skills
. Proven experience onboarding and managing log sources in Azure Sentinel
. Hands-on experience configuring data connectors and diagnostic settings in Azure
. Solid understanding of use case development and detection engineering
. Knowledge of PowerShell, KQL (Kusto Query Language), and JSON formatting
. Familiarity with identity-related logs (Azure AD, ADFS, M365 Defender, etc.)
. Experience working in a Security Operations environment or supporting SOC functions
. Understanding of network and host-based telemetry relevant for threat detection
Desirable
. Azure certifications (SC-200, AZ-500, MS-500)
. Experience with LogRhythm SIEM Platform
. Knowledge of SOAR tools and automation (Logic Apps, Sentinel Playbooks)
Please be aware that this role can only be worked within the UK and not Overseas.
Sellafield Ltd is committed to eliminating discrimination and encouraging diversity amongst its workforce.
Disability Confident
As a member of the Disability Confident Scheme, Sellafield guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.
Armed Forces Covenant
Sellafield guarantees to interview veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.
In applying for this role, you acknowledge the following \βthis role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of
SC Cleared Azure Sentinel Cyber Security Engineer employer: Alexander Mann Solutions - Public Sector Resourcing
Contact Detail:
Alexander Mann Solutions - Public Sector Resourcing Recruiting Team
StudySmarter Expert Advice π€«
We think this is how you could land SC Cleared Azure Sentinel Cyber Security Engineer
β¨Tip Number 1
Make sure you have a solid understanding of Azure Sentinel and its functionalities. Familiarise yourself with the latest updates and features, as this will not only help you in interviews but also demonstrate your commitment to staying current in the field.
β¨Tip Number 2
Network with professionals in the cyber security field, especially those who have experience with Azure Sentinel. Attend relevant meetups or online forums where you can ask questions and gain insights that could give you an edge during the application process.
β¨Tip Number 3
Prepare to discuss specific examples of your experience with log source evaluation and onboarding. Be ready to explain how you've tackled challenges in previous roles, particularly in relation to cloud ingestion and security frameworks.
β¨Tip Number 4
Since SC clearance is essential for this role, ensure you understand the requirements and process for obtaining it. If you already hold active clearance, be sure to highlight this in your discussions, as it could significantly boost your chances of landing the job.
We think you need these skills to ace SC Cleared Azure Sentinel Cyber Security Engineer
Some tips for your application π«‘
Tailor Your CV: Make sure your CV highlights relevant experience with Azure Sentinel and other Microsoft security technologies. Use specific examples that demonstrate your expertise in log source onboarding and management.
Craft a Strong Cover Letter: In your cover letter, express your enthusiasm for the role at Sellafield and how your skills align with their mission. Mention your understanding of security frameworks and your ability to troubleshoot complex issues.
Highlight Security Clearance: If you hold active SC clearance, make this clear in your application. If not, state your willingness to undergo the necessary checks, as this is a crucial requirement for the position.
Showcase Continuous Improvement Mindset: Demonstrate your commitment to professional development and continuous improvement in your application. Mention any relevant certifications or training you've completed, especially those related to Azure and security operations.
How to prepare for a job interview at Alexander Mann Solutions - Public Sector Resourcing
β¨Understand Azure Sentinel Inside Out
Make sure you have a solid grasp of Azure Sentinel and its functionalities. Be prepared to discuss your experience with onboarding log sources, configuring data connectors, and troubleshooting ingestion issues. Highlight specific examples from your past work that demonstrate your expertise.
β¨Familiarise Yourself with Security Frameworks
Since the role requires knowledge of security frameworks like MITRE ATT&CK and NIST, brush up on these concepts. Be ready to explain how you've applied these frameworks in your previous roles, particularly in relation to threat detection and incident response.
β¨Showcase Your Documentation Skills
Attention to detail is crucial for this position. Prepare to discuss how you document log schemas, ingestion paths, and other technical details. Providing examples of your documentation practices can set you apart from other candidates.
β¨Prepare for Technical Questions
Expect technical questions related to log formats, cloud migration strategies, and hybrid logging environments. Practise explaining complex concepts in simple terms, as you may need to communicate effectively with non-technical stakeholders.
