At a Glance
- Tasks: Lead Microsoft Sentinel projects, optimise security configurations, and enhance threat detection.
- Company: Join a major enterprise undergoing a significant security transformation.
- Benefits: Competitive pay, flexible working options, and opportunities for professional growth.
- Other info: Fast-paced environment with exciting challenges and career advancement potential.
- Why this job: Be at the forefront of security innovation and make a real difference.
- Qualifications: Expertise in Microsoft Sentinel and strong KQL skills required.
The predicted salary is between £60,000 and £80,000 per year.
An experienced Microsoft Sentinel SME is required to support a major security transformation programme within a large enterprise environment. The successful consultant will take ownership of the Microsoft Sentinel platform, helping to improve detection capabilities, optimise existing configurations, develop new use cases, and enhance the organisation's overall security monitoring and response capabilities. This role would suit a hands‑on Security Engineer, Detection Engineer, SIEM Engineer, or Security Operations specialist with deep Microsoft security expertise and extensive experience working with Sentinel in complex enterprise environments.
Key Responsibilities
- Act as the technical lead and subject matter expert for Microsoft Sentinel
- Review and optimise existing Sentinel deployments, analytics rules, and workbooks
- Design, build, and tune threat‑detection use cases aligned with current threats
- Develop advanced KQL queries for monitoring, threat hunting, and investigations
- Integrate new data sources and improve security visibility across the estate
- Create and enhance automated response workflows using Logic Apps and Sentinel playbooks
- Work closely with Security Operations, Infrastructure, Cloud, and Engineering teams
- Support incident investigations and threat‑hunting activities
- Provide recommendations for improving monitoring coverage, detection fidelity, and operational effectiveness
Required Skills & Experience
- Proven experience as a Microsoft Sentinel SME within enterprise environments
- Strong expertise in Microsoft Sentinel architecture, deployment, and administration
- Advanced Kusto Query Language (KQL) skills
- Strong background in SIEM engineering, detection engineering, and threat hunting
- Experience with Microsoft Defender technologies including Defender XDR, Defender for Endpoint, Defender for Identity, and Defender for Cloud
- Experience building automation and orchestration workflows using Logic Apps
- Good understanding of Azure security services and cloud‑native security controls
- Strong knowledge of security operations, incident response, and cyber defence principles
Desirable Experience
- Financial Services, Banking, Insurance, or other highly regulated environments
- MITRE ATT&CK mapping and detection engineering methodologies
- PowerShell and/or Python scripting
- Microsoft Security certifications (SC-200, AZ-500, SC-100)
If you are a Microsoft Sentinel specialist seeking a technically challenging contract in a fast‑paced environment, please apply with your latest CV for immediate consideration.
Microsoft Sentinel SME (Outside IR35) in London employer: Xcede Recruitment Solutions
Join a leading enterprise at the forefront of security transformation, where your expertise as a Microsoft Sentinel SME will be valued and impactful. With a strong focus on employee growth, we offer a collaborative work culture that encourages innovation and continuous learning, alongside competitive benefits tailored to support your professional journey. Located in a dynamic environment, you'll have the opportunity to work with cutting-edge technologies while contributing to meaningful security enhancements across the organisation.
Contact Details:
Xcede Recruitment Solutions Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Microsoft Sentinel SME (Outside IR35) in London
✨Tip Number 1
Network, network, network! Get in touch with folks in the industry, especially those who work with Microsoft Sentinel. Attend meetups or webinars, and don’t be shy about reaching out on LinkedIn. You never know who might have a lead on your dream job!
✨Tip Number 2
Show off your skills! If you’ve got experience with KQL or building automation workflows, create a portfolio or a GitHub repo showcasing your projects. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common questions related to Microsoft Sentinel and security operations. Practice explaining your past experiences and how they relate to the role. We recommend doing mock interviews with friends or using online platforms to get comfortable.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Microsoft Sentinel and related technologies. We want to see how your skills align with the key responsibilities mentioned in the job description.
Showcase Your Expertise: Don’t just list your skills; demonstrate them! Include specific examples of how you've optimised Sentinel deployments or developed KQL queries. This helps us see your hands-on experience in action.
Be Clear and Concise: When writing your application, keep it straightforward. Use bullet points for easy reading and make sure to address all the required skills and experience we’re looking for.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Xcede Recruitment Solutions
✨Know Your Microsoft Sentinel Inside Out
Make sure you brush up on your knowledge of Microsoft Sentinel. Be prepared to discuss its architecture, deployment, and administration in detail. Familiarise yourself with the latest features and updates, as well as any common challenges faced in enterprise environments.
✨Show Off Your KQL Skills
Since advanced Kusto Query Language (KQL) skills are a must for this role, practice writing and optimising queries before the interview. Be ready to demonstrate how you've used KQL for monitoring, threat hunting, or investigations in past projects.
✨Prepare Real-World Examples
Think of specific instances where you've improved detection capabilities or optimised existing configurations. Use the STAR method (Situation, Task, Action, Result) to structure your answers, showcasing your hands-on experience and problem-solving skills.
✨Understand the Bigger Picture
Familiarise yourself with the broader security landscape, including Microsoft Defender technologies and Azure security services. Be prepared to discuss how these tools integrate with Microsoft Sentinel and how they can enhance overall security monitoring and response capabilities.