Security Architect

Security Architect (Detection Engineering & Technical Lead)

London (onsite 4 days/week)

3 months - with extensions

Inside IR35 - Umbrella only

Active SC cleared or eligible candidates will be considered

Purpose

Technical owner of SIEM/XDR architecture, responsible for migrating LogRhythm to Sentinel, migrating AV to MDE, building detections, integrations, and automation, and shaping the SOC technology roadmap.

Key Requirements

• Deep hands on expertise with Microsoft Sentinel (KQL, analytic rules, UEBA, SOAR).
• Proven experience migrating from LogRhythm or another legacy SIEM to Sentinel.
• Strong experience building and tuning detections mapped to MITRE ATT&CK.
• Experience migrating Trend Micro Microsoft Defender for Endpoint.
• Knowledge of integrating Trellix/McAfee, CyberArk, identity logs, cloud logs, and endpoint telemetry.
• Ability to design ingestion pipelines, schemas, normalisation and enrichment.
• Strong threat hunting and detection engineering background.
• SC clearance desirable.

Profile needed

Senior SIEM/XDR engineer capable of architecting, building, and optimising a modern Microsoft-led SOC stack.