S M SALIM

London

Summary

Results-driven Azure Security Analyst with 2+ years of hands-on experience protecting enterprise cloud environments using Microsoft Sentinel, Defender XDR, and the full Microsoft security stack. Proven track record in threat detection, incident response, and SIEM management across complex hybrid infrastructure. Proficient in KQL for advanced threat hunting and detection engineering. Currently pursuing SC-200 (Microsoft Security Operations Analyst) certification. Combines a strong IT support background with deep Azure security expertise to deliver proactive, intelligence-led security operations.

Overview

11 years of professional experience
1 Certification

Work History

Azure Security Analyst

Tech Guru Service and Sourcing Ltd
11.2023 - Current
  • Manage and maintain Microsoft Sentinel SIEM, overseeing log collection from 200+ endpoints across a hybrid Azure and on-premises environment using Log Analytics workspaces and Data Collection Rules (DCRs).
  • Author and tune Scheduled, NRT, Fusion, and Anomaly analytics rules in Sentinel to detect threats aligned to MITRE ATT&CK tactics including Initial Access, Lateral Movement, Credential Access, and Exfiltration.
  • Conduct daily triage of security incidents and alerts in Sentinel; lead end-to-end incident response including containment, eradication, and post-incident reporting.
  • Write complex KQL queries for proactive threat hunting across the SecurityEvent, SigninLogs, AuditLogs, OfficeActivity, and DeviceEvents tables.
  • Develop and maintain SOAR playbooks using Azure Logic Apps to automate alert enrichment, IP reputation checks, and user account isolation workflows.
  • Integrate Microsoft Defender XDR (Defender for Endpoint, Defender for Identity, Defender for Cloud Apps) with Sentinel for unified XDR visibility.
  • Build and maintain Sentinel Workbooks and dashboards for SOC metrics, detection coverage mapping, and executive security reporting.
  • Collaborate with IT and infrastructure teams to onboard new log sources, resolve ingestion gaps, and optimise workspace cost through data tiering and filtering.
  • Participate in purple team exercises, validating detection coverage against simulated adversary techniques and recommending rule improvements.
  • Produce and maintain operational runbooks, escalation procedures, and documentation aligned to ISO 27001 and NIST frameworks.

IT Contractor – Security & Infrastructure

Lorien Resourcing UK
09.2019 - 07.2023
  • Supported the Security Operations Centre (SOC) with firewall management, LAN/WAN monitoring, and server maintenance across a multi-site environment.
  • Administered Active Directory and Office 365 Admin Centre, including user account lifecycle management, MFA configuration, and Conditional Access policy reviews.
  • Deployed and configured Windows 10 endpoints; implemented CIS baseline hardening policies via Group Policy and Intune MDM.
  • Maintained hardware inventory and managed third-party repairs; supported UPS and server infrastructure.
  • Assisted SOC team with log review from perimeter firewalls and endpoint agents during early stages of Sentinel rollout.

IT Support Technician

Londinium Chambers Ltd
01.2018 - 06.2019
  • Escalated and resolved IT incidents via ticketing system; managed backups and diagnosed technical issues across MS Server/Desktop and Exchange environments.
  • Supported user access management including password resets, account lockouts, and permissions reviews in Active Directory.
  • Maintained awareness of phishing and social engineering threats; supported end-user security awareness training initiatives.

IT Specialist

Ibstec Ltd
03.2015 - 12.2017
  • Installed and upgraded IT systems for business and home users; troubleshot issues via helpdesk and direct engagement.
  • Configured network equipment and resolved connectivity issues; prepared cost estimates for new system installation.

Education

BSc in Information Technology

University of Greenwich
London

Skills

  • Cloud Computing
  • Azure
  • Git
  • KQL scripting
  • PowerShell
  • Kubernetes
  • Docker
  • SIEM management
  • Azure Sentinel
  • SOAR development
  • Microsoft Defender
  • Network security
  • Incident response
  • Threat hunting
  • Security monitoring
  • Risk assessment
  • Data protection
  • Log analytics
  • Network security awareness
  • Data security
  • Networking protocols understanding
  • Threat management
  • Business Impact Assessments
  • Client Facing
  • Problem Solving
  • Leadership
  • Interpersonal & Communication
  • Organisation & Time Management

Certification

  • Microsoft Certified: Azure Solutions Expert
  • Microsoft Certified: Azure Administrator Associate
  • Azure Certified: Azure Fundamentals
  • Azure Certified: Azure Data Fundamentals

Personal Information

Citizenship: UK CITIZEN

Websites, Portfolios and Profiles

https://www.linkedin.com/in/s-m-salim-2baa1768/
