At a Glance
- Tasks: Own and optimise log onboarding into Microsoft Sentinel for real-world threat detection.
- Company: Join a global Microsoft Managed Partner, renowned for its security expertise.
- Benefits: Enjoy fully remote work, flexible hours, and career growth opportunities.
- Other info: Access to Microsoft product teams and early feature previews.
- Why this job: Contribute to nation-state attack detection while enhancing your Sentinel skills in a dynamic environment.
- Qualifications: Experience with Microsoft Sentinel, SIEM content development, and scripting skills required.
The predicted salary is between £68,000 and £102,000 per year.
This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global Microsoft security powerhouse.
You will be joining a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs and a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner. This gives you unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support.
You will work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering.
The Role:
- Own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response.
- Deliver log ingestion at scale across numerous hybrid and multi-cloud environments.
- Enhance custom Function Apps and ingestion pipelines.
- Parse, normalise, and optimise log telemetry to ensure precision and cost control.
- Partner with IR teams on real attacks – tuning rules against live threat actor activity.
- Sync closely with Microsoft teams to build cutting-edge detection capabilities.
- Contribute to internal knowledge base and help shape engineering standards.
What’s needed?
- Experience building and integrating complex Microsoft Sentinel deployments at SMC and enterprise scale.
- Understanding of security telemetry across identity, endpoint, cloud, and network layers.
- Experience in SIEM content development, including KQL, analytics rules, and custom data connectors.
- Scripting and engineering skills – Python, PowerShell, APIs, Function Apps.
- A background in cyber threat detection, incident response or DFIR is a real plus.
- Comfortable working in very fast-moving, customer-facing delivery environments.
The Technical Shizzle:
- Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists).
- Azure Function Apps, Logic Apps, ARM templates.
- PowerShell, Python, REST APIs.
- Log ingestion and parsing across multiple platforms (Azure/AWS/GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta + Tier 1 network vendors).
- MITRE ATT&CK, threat detection frameworks, IOC enrichment.
- Ability to go and work things out is crucial.
- Sentinel/Log Analytics Cost Management and Data Optimisation.
What’s In It for You?
- Direct access to Microsoft Sentinel product teams and early feature previews.
- Deep involvement in real-world nation-state attack detection.
- Huge opportunity to stretch and sharpen your Sentinel mastery.
- Be part of a Microsoft Security elite MISA and Depth partner.
- Exposure to multi-cloud detection and advanced security automation.
- Fully remote, highly flexible work culture with global team collaboration.
- Recognition, career progression and growth all within a global Microsoft specialist and respected security consultancy.
Senior Microsoft Sentinel / SIEM Engineer employer: Cloud Decisions
Contact Detail:
Cloud Decisions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Microsoft Sentinel / SIEM Engineer
✨Tip Number 1
Familiarise yourself with Microsoft Sentinel's latest features and updates. Since you'll be working closely with Microsoft teams, having a solid understanding of their product roadmap will not only impress during discussions but also demonstrate your commitment to staying ahead in the field.
✨Tip Number 2
Engage with the cybersecurity community, especially those focused on Microsoft technologies. Join forums, attend webinars, and participate in discussions about SIEM solutions and threat detection. This networking can provide valuable insights and connections that may help you stand out as a candidate.
✨Tip Number 3
Showcase your hands-on experience with log ingestion and parsing across various platforms. Prepare to discuss specific projects where you've successfully implemented custom connectors or enhanced Function Apps, as this practical knowledge is crucial for the role.
✨Tip Number 4
Brush up on your scripting skills, particularly in Python and PowerShell. Being able to demonstrate your ability to automate processes and develop custom solutions will be a significant advantage, especially in a fast-paced delivery environment.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Microsoft Sentinel and SIEM solutions. Focus on specific projects where you've built or integrated complex systems, and mention any relevant scripting skills in Python or PowerShell.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cyber security and detail how your background aligns with the role. Mention your familiarity with threat detection frameworks and your experience in incident response to demonstrate your fit for the position.
Showcase Relevant Skills: When detailing your skills, emphasise your knowledge of KQL, analytics rules, and custom data connectors. Highlight your ability to work in fast-paced environments and your experience with multi-cloud platforms like Azure, AWS, and GCP.
Prepare for Technical Questions: Anticipate technical questions related to log ingestion, parsing, and cost management in Microsoft Sentinel. Be ready to discuss your previous experiences and how you approached challenges in these areas during interviews.
How to prepare for a job interview at Cloud Decisions
✨Showcase Your Technical Expertise
Be prepared to discuss your experience with Microsoft Sentinel and SIEM solutions in detail. Highlight specific projects where you've built or integrated complex systems, and be ready to explain the technical challenges you faced and how you overcame them.
✨Demonstrate Your Problem-Solving Skills
Since the role involves working with real-world cyber threats, share examples of how you've tackled security incidents in the past. Discuss your approach to incident response and how you collaborated with teams to enhance detection capabilities.
✨Familiarise Yourself with KQL and Scripting
Brush up on your KQL skills and any relevant scripting languages like Python and PowerShell. Be ready to answer questions or even solve problems on the spot that involve writing queries or scripts to demonstrate your proficiency.
✨Understand the Company’s Security Landscape
Research the company’s position as a Microsoft Managed Partner and their involvement in global security initiatives. Being knowledgeable about their projects and contributions to the security community will show your genuine interest in the role and the organisation.