Lead Sentinel Engineer
The role
As Lead Sentinel Engineer you will be a key part of the Consultancy team, reporting to the CEO, and will play a crucial role in designing, implementing, and maintaining security solutions based on Microsoft Sentinel. You will work with customers from the earliest stage of an engagement to understand their business needs. Drawing on deep expertise in Microsoft Sentinel and other Microsoft security solutions, you will then design, deploy and configure an optimal Sentinel solution. This position offers an excellent opportunity to work with the latest technologies in the cybersecurity field and to contribute to the ongoing protection of critical assets.
The ask
- Microsoft Sentinel Implementation: Design, configure, and deploy Microsoft Sentinel solutions to monitor security events and incidents across the organisation and clients’ networks.
- Security Incident Detection: Develop and maintain custom security rules and queries to detect and analyse potential security threats and vulnerabilities.
- Incident Response: Understand and support incident response efforts, including investigating, containing, and mitigating security incidents in a timely and effective manner.
- Custom Sentinel Development: Build custom data connectors to ingest logs from customer environments, and work with customers to understand and guide their log capture and alerting requirements so that the analytic rules used by the SOC team are effective.
- Security Threat Analysis: Analyse and document security events and incidents to understand their nature, impact, and root causes, and provide recommendations for improvement.
- Automation and Orchestration: Create and maintain automation scripts for incident response and remediation processes to improve operational efficiency.
- Collaboration: Work closely with cross-functional teams, including security analysts, network engineers, and system administrators, to enhance security posture and ensure a cohesive security strategy.
- Continuous Improvement: Stay current with industry trends and emerging threats, recommend security enhancements, and participate in security training and knowledge sharing within the team.
- Documentation: Maintain comprehensive documentation of security procedures, incident reports, and best practices.
Your skills
- Microsoft Sentinel Expertise: Proficiency in Microsoft Sentinel, including a strong understanding of its features, capabilities, and configuration.
- SIEM Experience: Prior experience with Security Information and Event Management (SIEM) systems, ideally with a focus on Microsoft Sentinel.
- Scripting and Automation: Strong scripting skills, particularly in languages such as PowerShell, Python, or similar, to create custom automation for incident response and threat detection.
- Security Best Practices: Knowledge of cybersecurity best practices, including threat detection, incident response, and vulnerability assessment.
- Security Certifications: Relevant certifications such as Certified Information Systems Security Professional (CISSP), Microsoft Certified: Azure Security Engineer Associate, or other industry-recognised certifications.
- Threat Analysis: Ability to analyse security events and incidents to determine their significance and impact, with a strong emphasis on understanding the root causes.
- Collaborative Team Player: Excellent collaboration and communication skills to work effectively with cross-functional teams and share knowledge.
- Incident Response: Proven ability to lead and participate in security incident response efforts, including containment, mitigation, and reporting.
- Adaptability: The capacity to stay current with evolving industry trends, emerging threats, and new security technologies.
- Problem-Solving: Strong problem-solving skills to address complex security issues and find effective solutions.
- Documentation Skills: Detail-oriented with the ability to maintain comprehensive documentation of security procedures, incident reports, and best practices.
- Analytical Thinking: A strong analytical mindset with the ability to assess data, identify patterns, and make data-driven decisions.
- Cybersecurity Awareness: A deep understanding of the current threat landscape and a commitment to enhancing security measures.
- Additional Certifications: Familiarity with Azure security certifications and related Microsoft security solutions is a plus.
- Communication: Excellent written and verbal communication skills for effective reporting and collaborating with team members.
- Education: A bachelor’s degree in Computer Science, Cybersecurity, or a related field is preferred, although equivalent work experience will be considered.
The offer
- Salary negotiable, depending on experience
- Flexible remote working
- Monthly meet ups with all Guardians, a very social bunch!
- Company benefits package
- Training and Development support
- Mentoring and working with Microsoft focused security experts
- Working with some really cool and innovative people and solutions
- Work within a high-growth, recession-proof cyber security market
- Be part of building an amazing team and company culture
More importantly, you will be part of an innovative team with a bold vision. Join us during the early stages of our business to help shape:
- Our future company culture
- Our go-to-market messaging
- Our Microsoft partnership
- Our engineering practices
- Our growth strategy
- Our new Guardians
- The direction and focus of our products
Malicious organisations are using sophisticated AI and ML to create all kinds of threats at mind-bending scale. Why let them have all the fun? Come and join us to free our customers from the conventional practices of cyber security!
Apply now
Either complete the form or email your CV to [email protected]
About CloudGuard
CloudGuard is an INNOVATIVE, DISRUPTIVE, DYNAMIC and FAST-GROWING AI-focused cyber security start-up, founded in London in 2020 with our main office now in Manchester. We were recognised as “one to watch” by market analysts in 2023.
Here at CloudGuard, we want to breathe fresh life into the world of cybersecurity. Cybersecurity needs to be more responsive, predictive and less labour-intensive to drive better customer experiences! That’s why we’re creating a disruptive, dynamic bunch of cybersecurity ‘Guardians’ to make security fun again. This isn’t about just building a new team of SOC foot soldiers…we are going to automate SOC to get to SIEM and then MXDR! Our ethos is to let machines do what they do best and let humans do what they do better!
We want to use the latest security solutions and innovations, supported by automation and Logic Apps, to do the heavy lifting: eliminating the mundanity and overwhelming work volumes, and increasing human experts’ focus on the areas that matter most. Our team of unconventional Guardians is developing an AI-infused cybersecurity platform and XDR evolution services that bring increased automation and innovation to security in every business, enabling organisations to securely accelerate and optimise their digital transformations. It does this through a commercially innovative framework delivering class-leading cyber security posture optimisation to SMBs and SMEs.
Don’t believe us? Have a chat with one of our Guardians to understand a day in the life of a Guardian! We fixate over our customers and want to provide the best possible experience, leveraging world class innovation and cyber security concepts, breaking down the traditional engagements typically offered by managed security solution providers today.
The Guardian culture is one of Customer Obsession: we establish true partnerships with our customers. Innovation: we take bold steps to disrupt the industry and drive real value. Integrity: we uphold the highest standards of integrity in all our actions, working with customers to rapidly improve their security posture and then keep it optimal. Continuous Learning: we share knowledge and always stay ahead of the curve, continually innovating and seeking new ways to simplify and automate. We are always learning and can always be better!
Our mission is to liberate businesses from the crippling constraints of conventional approaches to security, lifting the burden of uncertainty and simplifying the complexity of modern security operations.
If you want to change how businesses do security, free yourself from conventional cyber security practices, get involved with the latest AI and ML technologies and have fun while you’re at it, you are in the right place. We are looking for passionate, self-motivated and experienced technical leaders to help shape our platform. And we mean shape and build – you will be a key part of an exciting startup and make a real difference. We were early adopters of Microsoft Sentinel and have focused our automation expertise on developing leading edge logic apps and AI driven responses throughout our service.