Ready to lead complex security operations, shape detection strategy, and be the go-to expert for Microsoft Sentinel and Defender XDR? Join my international client and take ownership of advanced engineering, threat hunting, and incident response in a modern, cloud-first environment.?
My client is an international Consultancy firm, specialist in Cyber Security and looking for a Senior Security Engineer to take a lead role in advanced engineering work for SIEM and XDR, escalated security incident response, and advanced threat hunting.

What this job is really about * Owning Microsoft Sentinel and Defender XDR so they work for you, not the other way round: shaping the data, the rules, the playbooks, and the signal-to-noise ratio.?

* Being the L3 brain in the room when things go sideways: complex incidents, odd behaviours, multi-cloud weirdness - you investigate, correlate, and close.?

* Turning threat hunting into a habit, not a once-a-month exercise: building KQL hunts, mapping to MITRE ATT&CK, and turning "interesting patterns" into hardened detections.?

* Making the SIEM/XDR bill make sense: understanding ingestion, licensing, and where to cut noise without cutting visibility.

Who this will suit * You’ve already run security operations with Microsoft Sentinel and the Defender suite and understand how to onboard and manage log sources properly.?

* You’re comfortable designing security architecture in Azure/M365, integrating cloud-native controls, and wiring in threat intel.?

* KQL is second nature; PowerShell or Python are tools you reach for without thinking.?

* You’re happy explaining trade-offs between cost and coverage and backing it up with data.?

* You can mentor others, push back when needed, and stay calm in the middle of a messy incident.?

Bonus points * SC-200, AZ-500, GCIA, GCIH or similar.?

* Experience leading or coaching SOC teams or security engineers.

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates