Lead Sentinel Engineer

The role

As the Lead Sentinel Engineer, as a key part of the Consultancy team, reporting to the CEO, you will play a crucial role in designing, implementing, and maintaining security solutions based on Microsoft Sentinel. You will be responsible for working with Customers at the earliest of engagements to understand their business needs. With deep expertise in Microsoft Sentinel and other Microsoft security solutions, the successful candidate will then design, deploy and configure an optimal Sentinel solution. This position offers an excellent opportunity to work with the latest technologies in the cybersecurity field and contribute to the ongoing protection of critical assets. 

The ask 

• Microsoft Sentinel Implementation: Design, configure, and deploy Microsoft Sentinel solutions to monitor security events and incidents across the organisation and clients’ networks. 
• Security Incident Detection: Develop and maintain custom security rules and queries to detect and analyse potential security threats and vulnerabilities. 
• Incident Response: Understand incident response efforts including investigating, containing, and mitigating security incidents in a timely and effective manner.   
• Custom Sentinel Development: Building of custom data connectors to ingest logs from customer environments, and the ability to work with a customer to understand and guide log capture and alerting requirements so as to also build effective analytic rules used by the SOC team. 
• Security Threat Analysis: Analyse and document security events and incidents to understand their nature, impact, and root causes, and provide recommendations for improvement. 
• Automation and Orchestration: Create and maintain automation scripts for incident response and remediation processes to improve operational efficiency. 
• Collaboration: Work closely with cross-functional teams, including security analysts, network engineers, and system administrators, to enhance security posture and ensure a cohesive security strategy. 
• Continuous Improvement: Stay current with industry trends and emerging threats, recommend security enhancements, and participate in security training and knowledge sharing within the team. 
• Documentation: Maintain comprehensive documentation of security procedures, incident reports, and best practices. 

Your skills 

• Microsoft Sentinel Expertise: Proficiency in Microsoft Sentinel, including a strong understanding of its features, capabilities, and configuration. 
• SIEM Experience: Prior experience with Security Information and Event Management (SIEM) systems, ideally with a focus on Microsoft Sentinel. 
• Scripting and Automation: Strong scripting skills, particularly in languages such as PowerShell, Python, or similar, to create custom automation for incident response and threat detection. 
• Security Best Practices: Knowledge of cybersecurity best practices, including threat detection, incident response, and vulnerability assessment. 
• Security Certifications: Relevant certifications such as Certified Information Systems Security Professional (CISSP), Microsoft Certified: Azure Security Engineer Associate, or other industry-recognised certifications. 
• Threat Analysis: Ability to analyse security events and incidents to determine their significance and impact, with a strong emphasis on understanding the root causes. 
• Collaborative Team Player: Excellent collaboration and communication skills to work effectively with cross-functional teams and share knowledge. 
• Incident Response: Proven ability to lead and participate in security incident response efforts, including containment, mitigation, and reporting. 
• Adaptability: The capacity to stay current with evolving industry trends, emerging threats, and new security technologies. 
• Problem-Solving: Strong problem-solving skills to address complex security issues and find effective solutions. 
• Documentation Skills: Detail-oriented with the ability to maintain comprehensive documentation of security procedures, incident reports, and best practices. 
• Analytical Thinking: A strong analytical mindset with the ability to assess data, identify patterns, and make data-driven decisions. 
• Cybersecurity Awareness: A deep understanding of the current threat landscape and a commitment to enhancing security measures. 
• Certification: Familiarity with Azure security certifications and related Microsoft security solutions is a plus. 
• Communication: Excellent written and verbal communication skills for effective reporting and collaborating with team members. 
• Education: A bachelor’s degree in computer science, Cybersecurity, or a related field is preferred, although equivalent work experience will be considered. 

The offer 

• Negotiable DoE 
• Flexible remote working 
• Company benefits package 
• Training and development support 
• Mentoring and working with Microsoft focused security experts 
• Working with some really cool and innovative people and solutions 
• Work within a high-growth, recession-proof cybersecurity market 
• Be part of building an amazing team and company culture