Careerwise.com

Cyber Security Engineer (Threat detection engineer) - Outside IR35 Contract

Cyber Security Engineer (Threat detection engineer)

Rate: £500/day, outside IR35 contract

Location: Hybrid (mostly remote, should be fine to travel to Birmingham when required)

Duration: 6 months with possible extensions


Our client is a large MSSP, looking for a skilled Cyber Security Engineer (Threat detection) with strong experience in Microsoft Sentinel, KQL, and Microsoft Defender to support detection engineering, threat monitoring, and security optimization initiatives.


Responsibilities

  • Design and develop high-fidelity threat detection use cases in Microsoft Sentinel
  • Write and optimize detection logic using Kusto Query Language (KQL) aligned to real-world attack techniques
  • Create new detection rules based on threat intelligence and attack methodologies (MITRE ATT&CK framework preferred)
  • Support and execute the rollout of Microsoft Defender solutions, including:
      • Managed Defender deployment
      • Configuration of Attack Surface Reduction (ASR) rules
  • Lead or contribute to the migration of detection rules from Sentinel to Defender, ensuring compatibility and effectiveness


Required Skills & Experience

  • Hands-on experience with Microsoft Sentinel (SIEM) and Microsoft Defender (XDR)
  • Strong proficiency in Kusto Query Language (KQL)
  • Background working in a Security Operations Center (SOC) or similar environment
  • Experience in threat detection, incident analysis, and rule tuning
  • Solid understanding of attack techniques, threat vectors, and detection strategies



