Senior Security Engineer - Azure / Microsoft Sentinel Expert

Senior Security Engineer (Azure / Microsoft Sentinel)

Up to £70,000 DOE

Remote – UK

Are you an experienced Microsoft Sentinel Engineer ready to take ownership of advanced security projects?

Do you have strong 3rd-line level experience across Microsoft, Azure, networking, and cloud security?

Would you like to join a fast-growing global consultancy where your expertise will help shape the future of their cybersecurity offering?

If so, this could be the perfect opportunity.

This is not a SOC monitoring role.

This is a hands-on engineering role focused on designing, building, and optimising Microsoft Sentinel environments across enterprise clients.

If you enjoy getting into the detail, writing KQL queries, building automation, integrating data sources, and shaping how security platforms actually work - you will be in your element here.

Does this sound like you?

• You have worked with SIEM tools (Sentinel, Splunk, QRadar, Elastic)
• You are comfortable across Azure, Microsoft 365, and cloud security
• You enjoy building and improving, not just monitoring alerts
• You like working directly with clients and solving real problems
• You can operate at a strong 3rd line / senior engineering level

We are specifically looking for hands-on Sentinel experience (design, build, or optimisation), rather than monitoring-only exposure.

The Role

You will join the cybersecurity team within a specialist Microsoft consultancy that’s growing rapidly across the UK and globally. The team currently numbers around 15 within a 60-person business and is expanding fast including the recent onboarding of a major financial services client.

As a Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work closely with clients to strengthen their security operations and response capabilities.

This is a technically advanced role that combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking.

What You Will Be Doing

• Design, configure, and deliver Sentinel SIEM solutions for enterprise clients.
• Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate.
• Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data.
• Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel.
• Use MITRE ATT&CK to anticipate and counter adversarial activity.
• Apply cost-optimisation principles (data tiering, filtering).
• Collaborate with security architects to improve internal policies and ISO 27001 alignment.
• Act as an escalation point within the SOC and mentor junior engineers.

What We Are Looking For

• Strong hands-on experience with SIEM platforms (ideally Microsoft Sentinel).Strong technical background across Microsoft 365, Azure, networking, and cybersecurity.
• Proven hands-on experience delivering Microsoft Sentinel solutions (not just monitoring), including building detections, integrations, and automation.
• Hands-on experience with KQL, PowerShell, and ideally Python.
• Proven experience automating processes using Logic Apps, Playbooks, or Terraform.
• Understanding of encryption, data protection, and incident response.
• Confident communicator, capable of working in client-facing scenarios.
• Ideally certified in one or more of:
• SC-200 (Security Operations Analyst)
• AZ-500 (Azure Security Engineer)
• SC-100 (Cybersecurity Architect – highly desirable)
• CompTIA Security+, CISSP, or Ethical Hacker

Why Join?

• Join a fast-growing, globally distributed Microsoft consultancy with a strong reputation for delivery and innovation.
• Be part of the fastest-growing division in the business — with real opportunities to progress.
• Work directly with senior leadership (including the CEO) in a collaborative, flat structure.
• Gain exposure to enterprise-scale environments, including clients in the financial services sector.
• Fully remote role with flexible working and global team collaboration.

Interested? Apply today