At a Glance
- Tasks: Own and optimise log onboarding into Microsoft Sentinel for real-world threat detection.
- Company: Join a global Microsoft Managed Partner, renowned for its security expertise.
- Benefits: Enjoy fully remote work, flexible hours, and career growth opportunities.
- Why this job: Contribute to nation-state attack detection while enhancing your Sentinel skills in a dynamic environment.
- Qualifications: Experience with Microsoft Sentinel, SIEM content development, and scripting skills required.
- Other info: Access to Microsoft product teams and early feature previews.
The predicted salary is between £68,000 and £102,000 per year.
This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.
You will be joining a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs and a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner. This gives you unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support.
You will work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering.
The Role:
- Own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response.
- Deliver log ingestion at scale across numerous hybrid and multi-cloud environments.
- Enhance custom Function Apps and ingestion pipelines.
- Parse, normalise, and optimise log telemetry to ensure precision and cost control.
- Partner with IR teams on real attacks – tuning rules against live threat actor activity.
- Sync closely with Microsoft teams to build cutting-edge detection capabilities.
- Contribute to internal knowledge base and help shape engineering standards.
What’s needed?
- Experience building and integrating complex Microsoft Sentinel deployments in SMC and enterprise environments.
- Understanding of security telemetry across identity, endpoint, cloud, and network layers.
- Experience in SIEM content development, including KQL, analytics rules, and custom data connectors.
- Scripting and engineering skills – Python, PowerShell, APIs, Function Apps.
- A background in cyber threat detection, incident response or DFIR is a real plus.
- Comfortable working in very fast-moving, customer facing delivery environments.
The Technical Shizzle:
- Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists).
- Azure Function Apps, Logic Apps, ARM templates.
- PowerShell, Python, REST APIs.
- Log ingestion and parsing across multiple platforms (Azure/AWS/GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta + Tier 1 network vendors).
- MITRE ATT&CK, threat detection frameworks, IOC enrichment.
- Ability to go and work things out is crucial.
- Sentinel/Log Analytics Cost Management and Data Optimisation.
What’s In It for You?
- Direct access to Microsoft Sentinel product teams and early feature previews.
- Deep involvement in real-world nation-state attack detection.
- Huge opportunity to stretch and sharpen your Sentinel mastery.
- Be part of a Microsoft Security elite MISA and Depth partner.
- Exposure to multi-cloud detection and advanced security automation.
- Fully remote, highly flexible work culture with global team collaboration.
- Recognition, career progression and growth all within a global Microsoft specialist and respected security consultancy.
Senior Microsoft Sentinel / SIEM Engineer employer: Cloud Decisions
Contact Detail:
Cloud Decisions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Microsoft Sentinel / SIEM Engineer
✨Tip Number 1
Familiarise yourself with Microsoft Sentinel's latest features and updates. Since you'll be working closely with Microsoft teams, having a solid understanding of their product roadmap will not only impress during discussions but also demonstrate your commitment to staying ahead in the field.
✨Tip Number 2
Engage with the Microsoft Sentinel community online. Join forums, attend webinars, and participate in discussions related to SIEM and threat detection. This will help you build connections and gain insights that could be beneficial during your interview process.
✨Tip Number 3
Showcase your hands-on experience with log ingestion and parsing across various platforms. Prepare to discuss specific projects where you've successfully implemented custom connectors or enhanced Function Apps, as this practical knowledge is crucial for the role.
✨Tip Number 4
Brush up on your scripting skills, particularly in Python and PowerShell. Being able to demonstrate your ability to automate processes and develop custom solutions will set you apart from other candidates and align well with the technical requirements of the position.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Microsoft Sentinel and SIEM solutions. Focus on specific projects where you've built or integrated complex systems, and mention any relevant scripting skills in Python or PowerShell.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cyber security and detail how your background aligns with the role. Mention your familiarity with threat detection frameworks and your experience in fast-paced environments to demonstrate your fit.
Showcase Relevant Skills: Clearly outline your technical skills related to Microsoft Sentinel, including KQL, analytics rules, and log ingestion across multi-cloud platforms. Use specific examples to illustrate your expertise and problem-solving abilities.
Highlight Collaboration Experience: Since the role involves working closely with incident response teams and Microsoft, emphasise any past experiences where you collaborated with cross-functional teams. This will show your ability to work effectively in a customer-facing delivery environment.
How to prepare for a job interview at Cloud Decisions
✨Showcase Your Technical Expertise
Be prepared to discuss your experience with Microsoft Sentinel and SIEM solutions in detail. Highlight specific projects where you've integrated complex systems, focusing on your use of KQL, analytics rules, and custom data connectors.
✨Demonstrate Problem-Solving Skills
Expect scenario-based questions that assess your ability to troubleshoot and optimise log ingestion processes. Share examples of how you've tackled challenges in fast-paced environments, particularly in cyber threat detection.
✨Familiarise Yourself with Current Threat Landscapes
Stay updated on recent nation-state attacks and the tactics used by threat actors. This knowledge will help you engage in meaningful discussions about real-world applications of Microsoft Sentinel in threat detection and incident response.
✨Prepare Questions for the Interviewers
Show your interest in the role by preparing insightful questions about the company's approach to security, their collaboration with Microsoft, and opportunities for professional development within the team.