Security Operation Consultant (Microsoft Sentinel)

Full time at Bestman Solutions in Online
Posted on March 30, 2024

Job details

Security Operation Consultant (Microsoft Sentinel), Remote, Outside IR35, £500-£600 per day

We are looking for an experienced Security Operation (SOC) Consultant with strong proficiency in Microsoft Sentinel to help a talented and busy SOC team. The ideal candidate will be responsible for developing, optimizing, and maintaining Microsoft Sentinel SIEM rules, use cases, dashboards, and more. As a Security Operation Consultant, you will play a pivotal role in enhancing our client's security operations and ensuring the effectiveness of their Sentinel deployment.

Responsibilities:

- Develop new Sentinel use cases, rules, correlations, and dashboards using KQL (Kusto Query Language).
- Create and optimize Microsoft Sentinel SIEM rules and use cases to enhance threat detection capabilities.
- Provide consultative advice on security principles and best practices related to Sentinel operations.
- Assist in the creation and maintenance of Sentinel-related project plans to ensure timely execution and delivery.
- Actively participate in SOC (Security Operations Centre) and continuous improvement activities to enhance operational efficiency and effectiveness.
- Develop and maintain standard operating procedures (SOPs) to streamline Sentinel operations and ensure consistency.
- Collaborate with Cybersecurity and other IT support teams as needed to support Sentinel aspects of incident response.
- Configure Sentinel data connectors to meet specific data ingestion requirements.
- Develop and manage custom Sentinel data connectors to enhance data collection capabilities.
- Design, configure, and manage custom Sentinel workbooks to meet reporting requirements and provide actionable insights.
- Design, configure, and manage Sentinel analytics rules and automation playbooks to automate response processes and mitigate threats effectively.
- Collaborate with the team to design and implement role-based access control (RBAC) across various Sentinel resources to ensure proper security governance.

Qualifications:

- Bachelor's degree in Computer Science, Information Technology, or a related field; or equivalent work experience.
- Extensive experience working with Microsoft Sentinel, including proficiency in KQL.
- Strong understanding of security operations principles, best practices, and methodologies.
- Experience in developing and optimizing Sentinel SIEM rules, use cases, and dashboards.
- Proficiency in creating and maintaining standard operating procedures (SOPs) for security operations.
- Demonstrated ability to collaborate effectively with cross-functional teams and stakeholders.
- Excellent communication and people skills, with the ability to articulate complex technical concepts to non-technical audiences.
- Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate or similar are preferred.
- Experience in the energy sector or other critical infrastructure industries is a plus.

This is an urgent outside-IR35 role based on a set of deliverables, and interviews can begin immediately.
