Senior Microsoft Sentinel / SIEM Engineer

Aberdeen Full-Time 68000 - 102000 £ / year (est.) Home office possible
At a Glance

  • Tasks: Own and optimise log onboarding into Microsoft Sentinel for real-world threat detection.
  • Company: Join a global Microsoft Managed Partner, renowned for advanced security solutions.
  • Benefits: Enjoy fully remote work, flexible hours, and career growth opportunities.
  • Why this job: Contribute to nation-state attack detection while enhancing your Sentinel expertise in a dynamic environment.
  • Qualifications: Experience with Microsoft Sentinel, SIEM content development, and scripting skills required.
  • Other info: Access to Microsoft product teams and early feature previews.

The predicted salary is between 68000 - 102000 £ per year.

This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global security Microsoft powerhouse.

You will be joining a Microsoft managed global partner, a prominent MISA member, a team with Security MVPs and a Microsoft Verified Safe XDR Solution Partner, and a trusted Security Depth Partner. This gives you unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support.

You will work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering.

The Role:

  • Own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response.
  • Log ingestion at scale across numerous hybrid and multi-cloud environments.
  • Enhance custom Function Apps and ingestion pipelines.
  • Parse, normalise, and optimise log telemetry to ensure precision and cost control.
  • Partner with IR teams on real attacks – tuning rules against live threat actor activity.
  • Sync closely with Microsoft teams to build cutting-edge detection capabilities.
  • Contribute to internal knowledge base and help shape engineering standards.

What’s needed?

  • Experience building and integrating complex Microsoft Sentinel deployments at SMC and enterprise scale.
  • Understanding of security telemetry across identity, endpoint, cloud, and network layers.
  • Experience in SIEM content development, including KQL, analytics rules, and custom data connectors.
  • Scripting and engineering skills – Python, PowerShell, APIs, Function Apps.
  • A background in cyber threat detection, incident response or DFIR is a real plus.
  • Comfortable working in very fast-moving, customer-facing delivery environments.

The Technical Shizzle:

  • Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists).
  • Azure Function Apps, Logic Apps, ARM templates.
  • PowerShell, Python, REST APIs.
  • Log ingestion and parsing across multiple platforms (Azure/AWS/GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta + Tier 1 network vendors).
  • MITRE ATT&CK, threat detection frameworks, IOC enrichment.
  • Ability to go and work things out is crucial.
  • Sentinel/Log Analytics Cost Management and Data Optimisation.

What’s In It for You?

  • Direct access to Microsoft Sentinel product teams and early feature previews.
  • Deep involvement in real-world nation-state attack detection.
  • Huge opportunity to stretch and sharpen your Sentinel mastery.
  • Be part of a Microsoft Security elite MISA and Depth partner.
  • Exposure to multi-cloud detection and advanced security automation.
  • Fully remote, highly flexible work culture with global team collaboration.
  • Recognition, career progression and growth all within a global Microsoft specialist and respected security consultancy.

Senior Microsoft Sentinel / SIEM Engineer employer: Cloud Decisions

Join a leading global Microsoft Managed Partner as a Senior Microsoft Sentinel Consultant, where you'll be at the forefront of cyber defence in a fully remote role. Enjoy a highly flexible work culture that fosters collaboration with a team of Security MVPs, while benefiting from direct access to Microsoft's security product roadmap and unparalleled opportunities for career progression and skill enhancement in a dynamic environment.

Contact Detail:

Cloud Decisions Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Senior Microsoft Sentinel / SIEM Engineer

✨Tip Number 1

Network with professionals in the Microsoft Sentinel and SIEM space. Attend relevant webinars, join online forums, and connect with current employees at StudySmarter on LinkedIn to gain insights into the company culture and expectations.

✨Tip Number 2

Stay updated on the latest trends and developments in Microsoft Sentinel and SIEM technologies. Follow industry news, participate in discussions, and consider obtaining certifications that demonstrate your expertise in these areas.

✨Tip Number 3

Prepare to discuss real-world scenarios involving threat detection and incident response during interviews. Be ready to share specific examples of how you've tackled complex log ingestion or custom connector challenges in previous roles.

✨Tip Number 4

Familiarise yourself with the MITRE ATT&CK framework and be prepared to discuss how it applies to your work. Understanding this framework will help you articulate your approach to threat detection and response effectively.

We think you need these skills to ace Senior Microsoft Sentinel / SIEM Engineer

Microsoft Sentinel Expertise
SIEM Integration Skills
Security Telemetry Understanding
Kusto Query Language (KQL)
Analytics Rules Development
Custom Data Connectors
Scripting Skills (Python, PowerShell)
API Integration
Function Apps Development
Log Ingestion and Parsing
Multi-Cloud Environments Knowledge (Azure, AWS, GCP)
Incident Response Experience
Cyber Threat Detection Background
MITRE ATT&CK Framework Familiarity
Cost Management and Data Optimisation

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your experience with Microsoft Sentinel and SIEM solutions. Focus on specific projects where you've built or integrated complex systems, and mention any relevant scripting skills in Python or PowerShell.

Craft a Compelling Cover Letter: In your cover letter, express your passion for cyber security and detail how your background aligns with the role. Mention your familiarity with threat detection frameworks and your experience in incident response to demonstrate your fit for the position.

Showcase Relevant Skills: When filling out your application, emphasise your technical skills such as KQL, analytics rules, and custom data connectors. Provide examples of how you've used these skills in past roles to enhance log ingestion and optimise telemetry.

Highlight Collaboration Experience: Since the role involves working closely with IR teams and Microsoft, include examples of your collaborative work in previous positions. This could be projects where you partnered with other teams to tackle real-world threats or improve security measures.

How to prepare for a job interview at Cloud Decisions

✨Showcase Your Technical Expertise

Be prepared to discuss your experience with Microsoft Sentinel and SIEM solutions in detail. Highlight specific projects where you've built or integrated complex systems, and be ready to explain the technical challenges you faced and how you overcame them.

✨Demonstrate Your Problem-Solving Skills

Since the role involves working with real-world cyber threats, share examples of how you've tackled security incidents or optimised log ingestion processes. Use the STAR method (Situation, Task, Action, Result) to structure your responses.

✨Familiarise Yourself with Current Threat Landscapes

Stay updated on recent cyber threats and trends, especially those involving nation-state actors. Being able to discuss current events and their implications for security will show your passion and commitment to the field.

✨Prepare Questions for the Interviewers

Think of insightful questions to ask about the company's approach to security, their use of Microsoft Sentinel, and how they handle incident response. This not only shows your interest but also helps you gauge if the company is the right fit for you.
