At a Glance
- Tasks: Lead Microsoft Sentinel projects, optimise security monitoring, and enhance threat detection capabilities.
- Company: Join a large enterprise undergoing a major security transformation.
- Benefits: Competitive pay, flexible working arrangements, and opportunities for professional growth.
- Other info: Fast-paced role with exciting challenges and career advancement opportunities.
- Why this job: Be at the forefront of security innovation and make a real impact in a dynamic environment.
- Qualifications: Deep expertise in Microsoft Sentinel and strong KQL skills required.
The predicted salary is between 60000 - 80000 £ per year.
An experienced Microsoft Sentinel SME is required to support a major security transformation programme within a large enterprise environment. The successful consultant will take ownership of the Microsoft Sentinel platform, helping to improve detection capabilities, optimise existing configurations, develop new use cases, and enhance the organisation's overall security monitoring and response capabilities. This role would suit a hands‑on Security Engineer, Detection Engineer, SIEM Engineer, or Security Operations specialist with deep Microsoft security expertise and extensive experience working with Sentinel in complex enterprise environments.
Key Responsibilities
- Act as the technical lead and subject matter expert for Microsoft Sentinel
- Review and optimise existing Sentinel deployments, analytics rules, and workbooks
- Design, build, and tune threat‑detection use cases aligned with current threats
- Develop advanced KQL queries for monitoring, threat hunting, and investigations
- Integrate new data sources and improve security visibility across the estate
- Create and enhance automated response workflows using Logic Apps and Sentinel playbooks
- Work closely with Security Operations, Infrastructure, Cloud, and Engineering teams
- Support incident investigations and threat‑hunting activities
- Provide recommendations for improving monitoring coverage, detection fidelity, and operational effectiveness
Required Skills & Experience
- Proven experience as a Microsoft Sentinel SME within enterprise environments
- Strong expertise in Microsoft Sentinel architecture, deployment, and administration
- Advanced Kusto Query Language (KQL) skills
- Strong background in SIEM engineering, detection engineering, and threat hunting
- Experience with Microsoft Defender technologies including Defender XDR, Defender for Endpoint, Defender for Identity, and Defender for Cloud
- Experience building automation and orchestration workflows using Logic Apps
- Good understanding of Azure security services and cloud‑native security controls
- Strong knowledge of security operations, incident response, and cyber defence principles
Desirable Experience
- Financial Services, Banking, Insurance, or other highly regulated environments
- MITRE ATT&CK mapping and detection engineering methodologies
- PowerShell and/or Python scripting
- Microsoft Security certifications (SC-200, AZ-500, SC-100)
If you are a Microsoft Sentinel specialist seeking a technically challenging contract in a fast‑paced environment, please apply with your latest CV for immediate consideration.
Microsoft Sentinel SME (Outside IR35) employer: Xcede Recruitment Solutions
Join a leading enterprise at the forefront of security transformation, where your expertise as a Microsoft Sentinel SME will be valued and impactful. Our collaborative work culture fosters innovation and continuous learning, providing you with ample opportunities for professional growth while working alongside top-tier talent in a dynamic environment. Enjoy the unique advantage of contributing to critical security initiatives that protect our organisation and its clients, all within a supportive and forward-thinking team.
Contact Details:
Xcede Recruitment Solutions Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Microsoft Sentinel SME (Outside IR35)
✨Tip Number 1
Network like a pro! Reach out to your connections in the security field, especially those who have experience with Microsoft Sentinel. Attend industry events or webinars to meet potential employers and get your name out there.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your work with Microsoft Sentinel, including any use cases you've developed or optimised. This will give you an edge and demonstrate your hands-on experience.
✨Tip Number 3
Prepare for interviews by brushing up on KQL and your knowledge of Microsoft Defender technologies. Be ready to discuss how you've improved detection capabilities in past roles and how you can bring that expertise to the new position.
✨Tip Number 4
Don't forget to apply through our website! We make it easy for you to find the right opportunities, and applying directly can sometimes give you a better chance of landing that interview.
We think you need these skills to ace Microsoft Sentinel SME (Outside IR35)
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience with Microsoft Sentinel and related technologies. We want to see how your skills align with the job description, so don’t be shy about showcasing your expertise in KQL and SIEM engineering!
Showcase Relevant Projects:Include specific examples of projects where you've optimised Sentinel deployments or developed threat-detection use cases. We love seeing real-world applications of your skills, so let us know how you’ve made an impact in previous roles.
Keep It Clear and Concise:When writing your application, clarity is key! Use straightforward language and bullet points to make it easy for us to read through your qualifications and experiences. We appreciate a well-structured application that gets straight to the point.
Apply Through Our Website:Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it makes the whole process smoother for both of us!
How to prepare for a job interview at Xcede Recruitment Solutions
✨Know Your Microsoft Sentinel Inside Out
Make sure you brush up on your knowledge of Microsoft Sentinel. Be prepared to discuss its architecture, deployment, and administration in detail. Familiarise yourself with the latest features and updates, as well as any common challenges faced in enterprise environments.
✨Show Off Your KQL Skills
Since advanced Kusto Query Language (KQL) skills are a must-have, practice writing and optimising queries before the interview. Be ready to demonstrate how you've used KQL for monitoring, threat hunting, and investigations in past roles.
✨Prepare Real-World Examples
Think of specific instances where you've improved detection capabilities or optimised existing configurations. Use the STAR method (Situation, Task, Action, Result) to structure your responses, showcasing your hands-on experience and problem-solving skills.
✨Understand the Bigger Picture
Familiarise yourself with the broader context of security operations and incident response. Be prepared to discuss how your role as a Microsoft Sentinel SME fits into the overall security transformation programme and how you can contribute to improving monitoring coverage and operational effectiveness.
