As we transition from a managed service provider to an internal operations model, we require a highly skilled Cyber Engineer to take ownership of our security environment. You will be the technical lead responsible for maintaining the health of our Microsoft Sentinel platform while driving the evolution of our threat detection and hunting capabilities. Core Responsibilities Platform Transition & BAU: Act as the internal subject matter expert to ensure a smooth transition from the Managed Service Provider (MSP) to internal management. SIEM Engineering: Manage the end-to-end lifecycle of Microsoft Sentinel, ensuring data connectors, workbooks, and playbooks are optimised for peak performance. Detection Engineering: Create, tune, and maintain custom correlation rules for alerts within the data pool to reduce "noise" and identify high-fidelity threats. Threat Hunting: Proactively analyse data patterns to identify hidden threats and vulnerabilities that circumvent standard automated alerts. Continuous Improvement: Enhance the existing SIEM architecture to align with modern threat landscapes and financial services compliance standards Success Factors Operational Readiness: Successful handover and documentation of the system from the MSP. Alert Accuracy: Significant reduction in false positives through expert rule-tuning and logic updates. Stakeholder Trust: Clear communication of cyber risks and remediation steps to the Program Manager and technical teams. Qualifications & Experience Extensive experience with the Microsoft Security Ecosystem (Sentinel, Defender, Azure ES). Proven background in Financial Services, with a deep understanding of regulatory and compliance requirements. Expertise in writing complex queries and alert rules (KQL) to monitor large-scale data pools. Direct experience in threat hunting and incident response in a BAU environment. Certifications (Highly Regarded): Microsoft Certified: Security Operations Analyst Associate (SC-200). Microsoft Certified: Azure Security Engineer Associate (AZ-500). Relevant Cyber Security degree or equivalent professional certifications (CISSP, CISM, or GIAC)