
Senior Security SME – Microsoft Stack

Job in Manchester, Greater Manchester, M9, England, UK
Listing for: Tata Consultancy Services
Full Time position
Listed on 2025-12-30
Job specializations: IT/Tech (Cybersecurity, Security Manager)
Job Description & How to Apply Below

Role: Senior Security SME – Microsoft Stack
Job Type: Permanent
Location: Manchester

If you need support in completing the application or if you require a different format of this document, please get in touch with at  or call TCS London Office number  with the subject line: "Application Support Request".

Ready to utilize your knowledge of Senior Security SME?

We have an exciting role for you – Senior Security SME – Microsoft Stack!

Careers at TCS: It means more

TCS is a purpose‑led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands in the UK and worldwide. For you, it means more to make an impact that matters, through challenging projects which demand ambitious innovation and thought leadership.

  • Gain access to endless learning opportunities.
  • Lead a team and their technical growth.
  • Collaborate with customers and stakeholders.
The Role

As a Senior Security SME, you will take a lead role in advanced engineering work for SIEM and XDR, escalated security incident response, and advanced threat hunting. We are seeking a highly skilled and experienced L3 SME with strong engineering knowledge and deep expertise in Microsoft Sentinel and the Microsoft Defender suite (the full range of XDR). As the customer is also expected to run controls on other tools in this space, we expect the candidate to skill up and expand their expertise alongside.

Key Responsibilities
  • Security Engineering & Platform Management:
    Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and parsing. Build and manage data connectors, custom log parsers, and normalization schemas. Collaborate with cloud and infrastructure teams to onboard telemetry from endpoints, identity systems, and SaaS platforms.
  • License Usage Monitoring & Optimization:
    Monitor Microsoft Sentinel and Defender license consumption on an ongoing basis. Analyze and average daily ingestion volumes, ensuring alignment with the procured license limits. Recommend optimization strategies to control costs without compromising visibility or detection capabilities.
  • Automation & Response:
    Design and implement automated response workflows using Sentinel playbooks (Logic Apps). Enhance response efficiency by developing SOAR integrations across security tooling.
  • Advanced Threat Detection & Incident Response:
    Investigate and analyze complex security incidents escalated from L1 / L2 SOC analysts. Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response. Correlate multi‑source telemetry (network, endpoint, identity, cloud) to identify and contain threats.
  • Threat Hunting & Detection Engineering:
    Perform proactive threat hunting using KQL within Microsoft Sentinel. Develop and fine‑tune custom analytics rules, workbooks, and hunting queries. Apply the MITRE ATT&CK framework to build coverage and improve threat visibility.
  • Documentation & Reporting:
    Produce comprehensive incident reports and root cause analyses. Maintain technical documentation for use cases, configurations, response procedures, and data source onboarding. Generate regular dashboards and reports for SOC leadership and compliance stakeholders.
Your Profile: Key skills / knowledge / experience
  • Bachelor’s degree in computer science, Cybersecurity, Engineering, or a related field.
  • Hands‑on experience in cybersecurity operations.
  • Experience with Microsoft Sentinel and Microsoft Defender suite.
  • Strong skills in KQL (Kusto Query Language), security architecture and data integration, and Azure and Microsoft 365 security services.
  • Experience in onboarding and managing log sources in a SIEM.
  • Understanding of log ingestion cost management and licensing considerations in Sentinel.
  • Familiarity with cloud‑native security tools and threat intelligence integration.
  • Scripting experience in PowerShell and Python.
Desirable Skills
  • SC-200:
    Microsoft Security Operations Analyst.
  • AZ-500:
    Microsoft Azure Security Technologies.
  • GCIA, GCIH.
  • Strong communication skills, customer management skills, team…
Position Requirements
10+ years' work experience