£100 Per hour
Undetermined
Hybrid
Cambridge, England, United Kingdom
Summary: The role of Sentinel SME / Security Automation Engineer involves leading technical initiatives in log onboarding, advanced KQL for detection engineering, and automation in Logic Apps. The position requires creating automations and SIEM detections to enhance incident response capabilities while collaborating with various teams to optimize security processes. The candidate will also design workflows and playbooks for threat hunting and vulnerability management. This hybrid role necessitates two days of on-site work in Cambridge each week.
Key Responsibilities:
- Creating automations and SIEM detections to enhance incident response.
- Integrating log sources into Microsoft Sentinel.
- Designing and maintaining workflows and playbooks for threat hunting and vulnerability management.
- Collaborating with analysts to identify and automate repetitive tasks.
- Working with teams across threat intel, incident response, and attack surface management to improve detections.
Key Skills:
- Sentinel expertise and delivering technical solutions in large, complex businesses.
- Security operations, automation best practices, and SIEM management.
- Advanced KQL skills.
- Advanced Logic Apps experience.
- A track record of contributing to large-scale security automation projects.
Salary (Rate): £100.00/hr
City: Cambridge
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Are you a Sentinel Expert / Security Automation Engineer? If you are, then please read on! You’ll be the key technical lead across 3 main areas: 1) Log Onboarding, 2) Advanced KQL for Detection Engineering, and 3) Automation in Logic Apps.
What You’ll Be Doing:
- Creating slick automations and SIEM detections to boost their incident response game.
- Leading the charge on integrating log sources into Microsoft Sentinel.
- Designing and maintaining workflows and playbooks for everything from threat hunting to vulnerability management.
- Working closely with analysts to spot repetitive tasks and automate them like a pro.
- Collaborating with teams across threat intel, incident response, and attack surface management to fine-tune our detections.
Key Skills Required:
- Sentinel expertise, delivering technical solutions within large, complex businesses.
- Security operations, automation best practices, and SIEM management.
- Advanced KQL skills.
- Advanced Logic Apps experience.
- A track record of contributing to large-scale security automation projects.
Working Policy
Hybrid working arrangements are in place for this role, with 2 days onsite (Cambridge) required each week. Whilst no guarantees can be made, there may be some flexibility for an absolutely exceptional person.
Finally, applicants must be able to work in the UK without restriction; unfortunately, sponsorship cannot be provided. If you're a Sentinel / Security Automation Expert then we would love to hear from you!