Senior Engineer - Tooling(Sentinel)

Job Title: Senior Engineer - Tooling (Sentinel)

GCL: D2

Introduction to role:

Are you ready to own and improve our system for leading security events and related information? It is powered by Microsoft Sentinel and related security tools. This system protects the science that delivers life-changing medicines. In this senior engineering role, you will be the hands-on driver behind reliable, scalable, and well-governed security platforms that safeguard our hybrid and cloud-native environments.

You will collaborate across Cybersecurity Engineering, SOC Operations, Incident Response, and partner technology teams to turn telemetry into credible threat identification and remediation outcomes. Will you use automation and an AI-first approach to raise signal quality, speed investigations, and reduce operational noise? Your decisions will directly improve resilience, compliance readiness, and the confidence our scientists and colleagues have in the technology they use every day.

Accountabilities:

• Security Tooling Operations: Coordinate and support enterprise security tools independently. This includes Microsoft Sentinel for security information and event management, endpoint threat detection and mitigation systems, NAS Protect, and other related platforms. Maintain these tools to ensure they remain reliable, protected, and efficient for wide-ranging detection and response.
• Platform Administration and Support: Perform platform administration, health monitoring, fix, integrating telemetry, connector and agent support, policy tuning, upgrade coordination, performance optimization, and operational maintenance across supported tools to improve reliability and coverage.
• Service Management: Operate and improve incident, problem, change, and release processes for security tooling, meeting agreed service expectations while driving predictable, auditable operations.
• Monitoring and Data Insight Enablement: Assist in improving observation and analytical capabilities by refining data ingestion, parsing, normalization, alerting logic, dashboards, telemetry validation, and detection content to ensure signals are timely, relevant, and actionable.
• Protection Tooling Support: Strengthen endpoint and storage protection by handling EDR and NAS Protect agent health, platform coverage, policy effectiveness, event quality, and integration with wider security and technology services.
• Governance and Compliance: Ensure tooling operates in line with control measures, policy, regulatory standards, audit readiness, access control, retention, and security data handling requirements demanded by a regulated enterprise.
• Risk and Issue Management: Identify operational risks, control gaps, integration weaknesses, telemetry issues, and performance concerns; chip in to risk assessment, remediation planning, and prioritized critical issue to protect business operations.
• Continuous Improvement: Lead or contribute to improvements in configuration, service quality, operating procedures, automation, documentation, standards, and support models that raise resilience and reduce toil.
• Project and Initiative Delivery: Deliver small-to-medium tooling initiatives such as onboarding, upgrades, migrations, telemetry expansion, integration improvements, and modernization activities with clear achievements and outcomes.
• Collaborator Collaboration: Work proactively with diverse technical units, business colleagues, and external suppliers to build practical solutions and ensure tooling capabilities meet operational needs.
• Technical Guidance and Mentoring: Provide guidance on capabilities, limitations, and operational requirements; mentor less experienced colleagues to build consistent practices and exchanged opinions.
• AI-enabled Cyber Security Support: Apply or support AI and machine learning methodologies in use cases such as automation, anomaly detection, telemetry enrichment, investigation support, and content tuning with appropriate governance.

Essential Skills/Experience:

• Experience: Typically 5+ years of background in information security technologies and processes, with strong hands-on experience in security tooling engineering, administration, or operations in large enterprise environments.
• Tooling expertise: Practical experience operating and supporting multiple security platforms, including some combination of SIEM, EDR, NAS Protect, security analytics platforms, endpoint security tooling, storage protection tools, logging pipelines, telemetry tooling, cloud security tools, identity-related security tooling, network security technologies, or related cyber security platforms.
• Operational capability: Experience in platform configuration, resolving issues, telemetry onboarding, connector or agent management, policy tuning, integration support, upgrade coordination, and performance optimization.
• Automation and scripting: Experience using scripting or automation, such as PowerShell, Python, or similar, to improve operational efficiency, service quality, and platform supportability.
• Cyber security analysis: Practical understanding of security risk identification, telemetry analysis, log review, operational issue investigation, and platform-related response support.
• Awareness of regulatory and oversight requirements: Experience supporting tools in environments subject to regulation and oversight, including security data management, access controls, retention, policies, standards, and procedures.
• Adaptability: Ability to learn new tools quickly and adapt to evolving hybrid, cloud-native, and vendor-based security ecosystems. An AI First approach is encouraged, including comfort with applying, evaluating, or supporting intelligent automation and predictive analytics principles within cyber security tooling use cases.
• Education: Bachelor’s degree or equivalent experience in cybersecurity, computer science, engineering, or a related field.

Desirable Skills/Experience:

• Experience supporting SIEM migrations, EDR transformations, NAS Protect enhancements, telemetry modernization, or large-scale tooling integrations.
• Experience working in a global, regulated organization with geographically dispersed and multicultural teams.
• Knowledge of recognized security and compliance frameworks such as NIST CSF, ISO 27001, CIS Controls, and supervised control environments such as SOX, GxP, or equivalent.
• Experience supporting vendor-managed tooling, handled detection services, audit activities, control reviews, service reviews, or compliance assessments.
• Experience chipping in to cost-effective, sustainable, and supportable technology operations, including awareness of license usage, support overhead, operational efficiency, and service value.
• Relevant security certifications applicable to the tooling or platform domain.
• Familiarity with applying AI concepts in cyber security operational use cases.

Why AstraZeneca:

Here you will apply your engineering craft to technology that directly enables breakthroughs for patients. We bring unexpected teams into the same room to solve problems from multiple angles, combining scientific curiosity with leading digital platforms and data. You will have the backing to experiment with modern tools, from automation to AI, while working with diverse, inclusive teams that value perseverance alongside ambition. We operate at global scale, building partnerships inside and out, and we care simplicity and sustainability as much as speed—so the solutions you build today can power discovery tomorrow.

Call to Action:

If you’re ready to build resilient, modern security tools, you can see your impact across a data-focused enterprise. Submit your application today!

Date Posted

11-Jun-2026

Closing Date

15-Jun-2026

AstraZeneca embraces diversity and equality of opportunity.  We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills.  We believe that the more inclusive we are, the better our work will be.  We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics.  We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorisation and employment eligibility verification requirements.