Microsoft Security Architect

Ifindtech Ltd
Charing Cross, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Charing Cross, United Kingdom

Tech stack

API
Amazon Web Services (AWS)
Azure
Cloud Computing
Linux
Virtual Private Networks (VPN)
Python
Microsoft Security Essentials
Windows Server
Powershell
Kusto Query Language
Security Information and Event Management
Syslog
Data Logging
Sysadmin
Firewalls (Computer Science)
Microsoft InTune

Job description

Stack:

Microsoft Security: Defender XDR, Sentinel, Entra ID, Intune, Defender for Cloud etc. Exposure to other modern security stacks, such as SentinelOne or CrowdStrike, is a strong advantage
Cloud: Azure (required), AWS or GCP exposure a plus
Platforms: AD/Entra hybrid identity, Windows Server, Linux
Infrastructure: networking, VPN, firewalls, endpoint management
Tooling: KQL, PowerShell, API usage, automation tooling

What we're looking for

Must have:

Strong, demonstrable experience across the Microsoft security stack.
Solid understanding of identity and endpoint security fundamentals.
Comfortable writing and tuning detection logic (e.g. KQL) across detective and threat hunting scenarios.
Excellent communication and customer-facing skills; able to lead calls, drive discussions, and influence outcomes.
Ability to work autonomously, solve problems, and deliver high-quality technical work.

Nice to have:

Experience with automation (PowerShell, Python, API integrations) and a sysadmin background.
Familiarity with security frameworks and incident response concepts.
Exposure to logging pipelines (AMA, Syslog, Cribl, SIEM tooling).
Working knowledge of other, non-Microsoft security stacks (CrowdStrike, SentinelOne, Tenable, etc.).
Experience producing architecture documents, diagrams, and design proposals.
Background working in an MSSP, consultancy, or customer-facing engineering role.
