Be among the first 25 applicants.

• Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects?
• Do you have strong 3rd‑line level experience across Microsoft, Azure, networking, and cloud security?
• Would you like to join a fast‑growing global consultancy where your expertise will help shape the future of their cybersecurity offering?

Up to £70,000 DOE
Remote
Must be UK based

The Role

You will join the cybersecurity team within a specialist Microsoft consultancy that’s growing rapidly across the UK and globally. The team currently measures around 15 people within a 60‑person business and has recently onboarded a major financial services client.

As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work closely with clients to strengthen their security operations and response capabilities.

What You Will Be Doing

• Design, configure, and deliver Sentinel SIEM solutions for enterprise clients.
• Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate.
• Write and fine‑une Kusto Query Language (KQL) queries to analyse and visualise raw security data.
• Integrate third‑party tools (firewalls, IAM, telemetry) into Sentinel.
• Use MITRE ATT&CK to anticipate and counter adversarial activity.
• Apply cost‑optimisation principles (data tiering, filtering).
• Collaborate with security architects to improve internal policies and ISO 27001 alignment.
• Act as an escalation point within the SOC and mentor junior engineers.

What We Are Looking For

• 3+ years experience as a Microsoft Sentinel or SIEM Engineer.
• Strong background across Microsoft 365, Azure, networking, and cybersecurity.
• Hands‑on experience with KQL, PowerShell, and ideally Python.
• Proven experience automating processes using Logic Apps, Playbooks, or Terraform.
• Understanding of encryption, data protection, and incident response.
• Confident communicator, capable of working in client‑facing scenarios.
• Ideally certified in one or more of:

• SC‑200 (Security Operations Analyst)
• AZ‑500 (Azure Security Engineer)
• SC‑100 (Cybersecurity Architect, highly desirable)
• CompTIA Security+, CISSP, or Ethical Hacker

Why Join?

• Fast‑growing, globally distributed Microsoft consultancy with reputation for delivery and innovation.
• Fastest‑growing division with real opportunities to progress.
• Direct collaboration with senior leadership (including the CEO) in a flat structure.
• Exposure to enterprise‑scale environments, including financial services sector.
• Fully remote role with flexible working and global team collaboration.

Interested?

Apply today or get in touch for a confidential chat. We would love to tell you more about the team, their growth plans, and how you could make an impact in this key role.