Microsoft Security (Sentinel) Automation & Detection Engineer

Summary: The role of Microsoft Security (Sentinel) Automation & Detection Engineer involves leveraging expertise in security operations and detection engineering to enhance Microsoft SIEM detections and security automations. The position requires proficiency in automation tools and scripting languages, with a focus on integrating security tools and APIs. The contract is for 6 months and is based in Cambridge with a hybrid working arrangement. The role is classified as inside IR35.

Key Responsibilities:

• Lead technical migration of log sources into Microsoft Sentinel SIEM.
• Build security automations, logging, and SIEM detections to improve Cyber Defence Operation's efficiency.
• Design, implement, and maintain automated workflows and playbooks for incident response and threat management.
• Collaborate with analysts to identify and automate repetitive tasks for operational efficiency.
• Work with Threat Intelligence and Incident Response teams to develop robust SIEM detections.
• Continuously evaluate and improve automation solutions for performance and reliability.
• Collaborate with third-party vendors to leverage automation opportunities.

Key Skills:

• Experience in security automation and detection engineering in a SOC/Cyber Defense environment.
• Hands-on experience with Microsoft Sentinel log sources and detection.
• Proficiency in automation and orchestration tools (e.g., SOAR platforms, Python, PowerShell, KQL).
• Solid understanding of security operations and SIEM management.
• Experience with cloud security tools and their integration into SOC operations.
• Demonstrated ability in cybersecurity with at least 5 years in a technical role.
• Vendor-specific certifications for SOAR platforms are desirable.

Salary (Rate): £800

City: Cambridge

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: Mid-Level

Industry: IT