KBC Technologies Group
Sentinel SIEM Engineer - Security Cleared
This role is for a Security Cleared Sentinel SIEM Engineer, contract length unspecified, with a pay rate of "unknown." Key skills include Microsoft Sentinel expertise, scripting in PowerShell and Python, and SOAR knowledge. Experience with security log sources across multiple domains is essential.
Country: United Kingdom
Currency: £ GBP
Day rate: Unknown
Date: November 11, 2025
Duration: Unknown
Location: Unknown
Contract: Unknown
Security clearance required: Yes
Location detailed: Reading, England, United Kingdom
Skills detailed: #Scripting #Security #Data Analysis #Deployment #Splunk #KQL (Kusto Query Language) #Scala #Data Ingestion #Cloud #Monitoring #Normalization #Python #Automation
Role description
Candidate MUST be Security Cleared
Role Overview
As a Sentinel SIEM Engineer, you will be responsible for maintaining, developing, and optimizing the Microsoft Sentinel Security Information and Event Management (SIEM) platform. You will play a key role in enhancing detection capabilities, automating response actions, and integrating security monitoring across IT and OT environments. Acting as a technical subject matter expert, you will collaborate closely with the wider Threat Detection & Response team to ensure the SIEM platform delivers actionable intelligence and supports rapid incident response.
Key Responsibilities
• Maintain and optimize the Microsoft Sentinel SIEM platform for performance, scalability, and seamless integration with other security tools.
• Onboard and configure log sources across cloud, network, identity, and endpoint environments, ensuring accurate data ingestion and normalization.
• Design, implement, and maintain custom detection and correlation rulesets to enhance visibility and reduce false positives.
• Develop automation and playbooks using SOAR capabilities to streamline triage and remediation workflows.
• Collaborate with infrastructure and architecture teams to design and implement end-to-end security monitoring solutions.
• Scope, plan, and track new log integrations and analytic rule deployments.
• Guide, mentor, and grow the SIEM Engineering function, fostering a culture of continuous improvement and technical excellence.
• Work closely with the Threat Detection & Response team to support incident investigations and ensure detection coverage aligns with emerging threats.
• Document and enforce SIEM engineering best practices, standard operating procedures, and configuration baselines.
Required Skills and Experience
• Proven hands-on experience with Microsoft Sentinel (or similar SIEM platforms such as Splunk, QRadar, ArcSight, or LogRhythm).
• Deep understanding of security log sources across multiple domains — identity and access, network, system, application, cloud, and OT.
• Proficiency in scripting and data analysis languages (PowerShell, KQL, Python).
• Strong understanding of Security Orchestration, Automation, and Response (SOAR) concepts and tooling.