Home
Job Search
Microsoft Security (Sentinel) Automation & Detection Engineer

Microsoft Security (Sentinel) Automation & Detection Engineer

4661481

View Saved Jobs

Save Job

Job type
Contract
Location
Cambridge
Working Pattern
Full-time
Specialism
Cyber Security
Industry
Technology & Internet Services
Pay
Competitive Day Rate

Share Job

Microsoft Security (Sentinel) Automation & Detection Engineer

Role Overview:

Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations.

The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell, KQL) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment.

Key Skills and Experience

Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/ Cyber Defense or similar environment

Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and Azure specifically across

Sentinel Content Hub,

Sentinel Analytics,

Sentinel Automation,

Azure Event Hub,

Azure Logic Apps

Azure Function Apps.

Experience in Sentinel/Analytics Rules/Logic App automations

KQL

Demonstrated ability in cybersecurity, with at least 5 years in a technical role in security operations and/or security software development.

Solid understanding of security operations, automations standard processes, detection engineering and SIEM management.

Experience with cloud security tools and platforms and their integration into SOC operations.

Responsibilities:

Lead technical migration of log sources into Microsoft Sentinel SIEM.

Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities.

Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management.

Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency.

Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions.

Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary.

Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations.

Desirable Skills and Experience:

Vendor-specific certifications for Security orchestration, automation, and response (SOAR) platforms

Ability to develop and implement long-term automation strategies aligned with security operation objectives.

Ability to translate technical concepts into clear, actionable insights for technical and non-technical partners.

Meticulous focus on ensuring accuracy, reliability, and security in automation workflows

Apply through LinkedIn

Talk to Karl Randall, the specialist consultant managing this position

Located in Leicester, 1st & 2nd Floor, 2 Colton SquareTelephone 0

Click here to access our Privacy Policy, which provides detailed information on how we use and protect your personal information, and your rights in relation to this.

RELATED COURSE

Build your career with the skills employers need.

Certified Ethical Hacker, Part 1 of 8: Intro to Ethical Hacking
151 minutes | Advanced
Course description
Hacking has gone from an obscure term to something that appears in the daily news. In this course we'll get started with what is hacking and understand some of the differences between "white hat" hackers and "black" or "grey" hat hackers. It will cover at a high level what are some of the essential tools a hacker needs to know about and be proficient with as well as the credentials of a hacker and what you can expect when becoming a Certified Ethical Hacker (CEH), an certification by the EC-Council.
Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.

Prerequisites
To get the most out of this course, this course assumes that you have a good working knowledge of Linux and Windows based networking environments. It also assumes that you have experience with managing a network, have worked with networking hardware such as switches & routers, are familiar with MS Active Directory (AD) Domain based authentication, know how to work with command-line utilities, and understand the basics of Web Server environments. Many of the demonstrations in this course use the Windows 7 and Kali Linux operating systems which can be downloaded free from the respective sites. All of the demonstrations are created in a virtual environment using Oracle VirtualBox and VMware vSphere 6.

Meet the expert
Rafiq Wayani
Rafiq Wayani has extensive experience including more than 20 years in IT as Systems Architect, Software Engineer, DBA, and Project Manager. Wayani has instructed in a variety of technical areas, has designed and implemented network and information systems, and is certified across a wide range of platforms and systems including Microsoft Solutions Developer, Systems Engineer, Application Developer, Database Administrator, Trainer; Novell Netware Administrator and Engineer; Master Certified Netware Engineer; and A Certified.

Video Runtime
111 Minutes
Time to complete
151 Minutes

Course Outline
Intro to Ethical Hacking
Introduction (20:27)
- Introduction (00:16)
- Certified Ethical Hacking (00:56)
- Introduction (18:59)
- Summary (00:14)
Hacker Credentials (21:40)
- Introduction (00:18)
- Credentials (09:15)
- Demo: Wizard vs. Cmd Line (06:33)
- Demo: PowerShell (05:17)
- Summary (00:15)
Hacker Credentials Part 2 (07:14)
- Introduction (00:23)
- Credentials (00:21)
- OSI Model (03:52)
- Credentials Cont. (00:28)
- Demo: Linux (01:56)
- Summary (00:10)
Being a Hacker (06:01)
- Introduction (00:22)
- What Is It Like? (01:03)
- Demo: Understand the System (03:05)
- What Is It Like? Cont. (01:19)
- Summary (00:10)
Footprinting and Reconnaisance
Terminology (14:58)
- Introduction (00:21)
- Terminology (07:24)
- Terminology Cont. (06:57)
- Summary (00:14)
Tools (11:01)
- Introduction (00:27)
- Tools (02:53)
- Demo: Basic Windows Script (02:30)
- Demo: Basic Linux Script (02:38)
- Demo: Differences (02:15)
- Summary (00:15)
Footprinting (17:42)
- Introduction (00:17)
- Footprinting & Reconnaissance (05:36)
- Active & Passive Footprinting (04:55)
- Footprinting Sources (01:14)
- Demo: Google Hacking (01:38)
- Demo: Other Online Tools (02:34)
- Footprinting Sources Cont. (01:15)
- Summary (00:10)
Footprint Tools and CM (12:43)
- Introduction (00:15)
- Types of Information Gathered (06:36)
- Methods Available (02:13)
- Mitigate Footprinting (03:26)
- Summary (00:11)
Introduction to security in Microsoft 365
39 minutes | Beginner
Learn about the different Microsoft solutions for managing security in your organization. Microsoft 365 provides a holistic approach to security, helping you to protect identities, data, applications, and devices across on-premises, cloud, and mobile.

Microsoft Security (Sentinel) Automation & Detection Engineer

Apply for this job

RELATED COURSE

Build your career with the skills employers need.

Certified Ethical Hacker, Part 1 of 8: Intro to Ethical Hacking

Introduction to security in Microsoft 365