At a Glance
- Tasks: Own and optimise log onboarding into Microsoft Sentinel for real-world threat detection.
- Company: Join a global Microsoft Managed Partner, renowned for its security expertise.
- Benefits: Enjoy fully remote work, flexible hours, and career growth opportunities.
- Why this job: Contribute to nation-state attack detection while enhancing your Sentinel skills in a supportive environment.
- Qualifications: Experience with Microsoft Sentinel, SIEM content development, and scripting skills required.
- Other info: Work closely with Microsoft teams and gain access to cutting-edge security features.
The predicted salary is between £68,000 and £102,000 per year.
This is a standout opportunity for a Microsoft Sentinel expert to step into a high-impact, technically advanced role with a global Microsoft security powerhouse.
You will be joining a Microsoft Managed global partner and prominent MISA member, whose team includes Security MVPs and which is both a Microsoft Verified Safe XDR Solution Partner and a trusted Security Depth Partner. This gives you unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support.
You will work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering.
The Role:
- Own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response.
- Deliver log ingestion at scale across numerous hybrid and multi-cloud environments.
- Enhance custom Function Apps and ingestion pipelines.
- Parse, normalise, and optimise log telemetry to ensure precision and cost control.
- Partner with IR teams on real attacks – tuning rules against live threat actor activity.
- Sync closely with Microsoft teams to build cutting-edge detection capabilities.
- Contribute to internal knowledge base and help shape engineering standards.
What’s needed?
- Experience building and integrating complex Microsoft Sentinel deployments at SMC and enterprise level.
- Understanding of security telemetry across identity, endpoint, cloud, and network layers.
- Experience in SIEM content development, including KQL, analytics rules, and custom data connectors.
- Scripting and engineering skills – Python, PowerShell, APIs, Function Apps.
- A background in cyber threat detection, incident response or DFIR is a real plus.
- Comfortable working in very fast-moving, customer-facing delivery environments.
The Technical Shizzle:
- Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists).
- Azure Function Apps, Logic Apps, ARM templates.
- PowerShell, Python, REST APIs.
- Log ingestion and parsing across multiple platforms (Azure/AWS/GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta + Tier 1 Network vendors).
- MITRE ATT&CK, threat detection frameworks, IOC enrichment.
- Ability to go and work things out independently is crucial.
- Sentinel/Log Analytics Cost Management and Data Optimisation.
What’s In It for You?
- Direct access to Microsoft Sentinel product teams and early feature previews.
- Deep involvement in real-world nation-state attack detection.
- Huge opportunity to stretch and sharpen your Sentinel mastery.
- Be part of a Microsoft Security elite MISA and Depth partner.
- Exposure to multi-cloud detection and advanced security automation.
- Fully remote, highly flexible work culture with global team collaboration.
- Recognition, career progression and growth all within a global Microsoft specialist and respected security consultancy.
Senior Microsoft Sentinel / SIEM Engineer employer: Cloud Decisions
Contact Details:
Cloud Decisions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Senior Microsoft Sentinel / SIEM Engineer role
✨Tip Number 1
Familiarise yourself with Microsoft Sentinel's latest features and updates. Being well-versed in the current capabilities will not only boost your confidence during discussions but also demonstrate your genuine interest in the role.
✨Tip Number 2
Engage with the Microsoft Sentinel community online. Join forums, attend webinars, and participate in discussions to network with other professionals. This can provide valuable insights and potentially lead to referrals.
✨Tip Number 3
Showcase your hands-on experience with relevant tools and technologies. If you have worked on projects involving KQL, Azure Function Apps, or multi-cloud environments, be prepared to discuss these experiences in detail during interviews.
✨Tip Number 4
Stay updated on the latest trends in cyber security and threat detection. Being knowledgeable about current threats and how they relate to Microsoft Sentinel will help you stand out as a candidate who is proactive and informed.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Microsoft Sentinel and SIEM engineering. Focus on specific projects where you've built or integrated complex systems, and mention any relevant scripting skills in Python or PowerShell.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cyber defence and your understanding of the role's requirements. Mention your familiarity with security telemetry and how your background aligns with the company's focus on nation-state threat detection.
Showcase Relevant Skills: Clearly outline your technical skills related to Microsoft Sentinel, including KQL, analytics rules, and custom data connectors. Provide examples of how you've used these skills in past roles to enhance log ingestion and threat detection.
Highlight Continuous Learning: Mention any ongoing training or certifications related to Microsoft Sentinel or cybersecurity. This shows your commitment to staying updated with the latest technologies and practices in the field.
How to prepare for a job interview at Cloud Decisions
✨Showcase Your Technical Expertise
Be prepared to discuss your experience with Microsoft Sentinel and SIEM solutions in detail. Highlight specific projects where you've built or integrated complex systems, and be ready to explain the technical challenges you faced and how you overcame them.
✨Demonstrate Your Problem-Solving Skills
Since the role involves working with real-world cyber threats, share examples of how you've tackled security incidents or optimised log ingestion processes. Use the STAR method (Situation, Task, Action, Result) to structure your responses effectively.
✨Familiarise Yourself with Current Threat Landscapes
Stay updated on the latest trends in cyber threats, especially those involving nation-state actors. Being able to discuss recent incidents or emerging threats will show your passion for the field and your proactive approach to security.
✨Prepare Questions for the Interviewers
Think of insightful questions to ask about the company's approach to security, their use of Microsoft Sentinel, and how they handle incident response. This not only shows your interest but also helps you gauge if the company is the right fit for you.