related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Proven experience in managing and delivering technical projects and
and communication Important Knowledge Cybersecurity Capability Maturity Model (C2M2) and NIST Cyber Security Framework (CSF) Current awareness of the market for data analytics and SIEM platforms, including emerging leaders and Network security implementations (e.g. host-based IDS, IPS), including their function and placement Cyber defence and information security policies, procedures
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
on automation in collaboration with the Head of Information Security Operations and the rest of the team. OxCERT runs an on-premises Elasticsearch-based SIEM solution, an Intrusion Detection System (IDS), and a vulnerability scanning service as well as other open source and commercial tools. We are one of the … Software and Open Source technologies and actively supports several related project communities. Current projects include the enhancement of the existing Elastic based security information and event management system, the deployment of a new incident response tool, and development of an IT forensics capability. The team has achieved standing and recognition
Cyber Security Experience of working in environments using ISO27001 or Cyber Essentials Plus would be beneficial Strong knowledge of security tooling and technologies including SIEM, vulnerability management, DLP etc. Good knowledge and understanding of public Cloud platforms (e.g. AWS and Azure) Good understanding of the current threat landscape Excellent communication
on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays
Doncaster, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
Engineer you'll work handling both reactive and proactive security engagements. Your responsibilities will include: ✨Protective Monitoring: Utilize industry-leading Security Information & Event Management (SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ✨Incident Reporting … Communication: Communicate directly with customers regarding threats and alerts. Prepare and present findings to clients. ✨Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be
SOC team to ensure the effective support and delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting … and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM, EDR and Vulnerability Management tools Direct communication with customers on threats and alerts Providing customers with reports and presenting findings Assistance with active directory administration.
implement Security as Code practices. Assist in securing data platforms and implementing internal SIEM. Collaborate on securing Microsoft 365 and Azure cloud services. Operate SIEM and SOAR capabilities and enhance identity governance. Requirements: Hands-on experience with Microsoft Sentinel and Defender suite. Proficiency in Azure Landing Zones security enhancement. Familiarity
a technical hands on/engineering role. Hands-on experience with security tools such as firewalls, intrusion detection/prevention systems, antivirus software, and SIEM solutions. Experience with cloud security principles and practices with either AWS or Azure. Experience implementing policies and procedures in alignment with standards such as ISO27001
responsibilities will include: Incident triage and investigation. Analysis of all suspicious email activity. Participating in threat hunt and offensive security exercises. Analysis of all SIEM logs, and the opportunity to get involved in some threat detection. Working with technical infrastructure teams on controls. You will need the following background. At … role Experience in a varied technical security role Experience of managing high priority security incidents Demonstrable business facing skills Experience of working with a SIEM platform – Splunk, QRadar, Elastic Security certifications highly desirable Experience of scripting/automation, threat hunting and offensive security highly desirable Please send your CV for
NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, and GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard
and data protection teams Requirements: Hands on experience working in an in-house security environment Direct experience working within a variety of security tools - SIEM, EDR, Vulnerability scanners, etc. Understanding and knowledge of different security frameworks - ISO27001, PCI DSS, Cyber Essentials, etc. For more information, please apply or send your
Responsibilities: Responding to threats and incidents. Developing security controls. Assessing vendor security. Analyzing trends and activities. Requirements: Practical knowledge of technical security controls (e.g. SIEM, EDR, AV, Web + Email Gateways) Strong knowledge of endpoint and server operating systems and networking ISO27001 experience preferred. Desirable Certifications: ISC2 CISSP, CCSP, or
mostly on-premises financial environment. Key Responsibilities: Lifecycle management of security, covering tools and technology platforms Supporting and managing security tools e.g. CyberArk, Qualys, SIEM tools Python Scripting for various purposes Automation/Build & Deployment of CI/CD pipelines (Ansible/Atlassian Stack) Implementation & integration of security technologies Use … case development and onboarding for Security Incident and Event Monitoring (SIEM) Maintain software version and patch management for security products Essential Candidate Requirements: Strong background in Financial/Banking environments Python Scripting (advanced level) Expert in Automation (Ansible) Strong knowledge of 2 or more of the following tools: CyberArk, Qualys … Carbon Black, ArcSight, McAfee, SIEM tools etc. Extensive general knowledge of Cyber Security Relevant Security Certification/Educational qualification (e.g. CISSP) KEY SKILLS: Python, CyberArk, Qualys, CI/CD Pipelines, Automation, Deployment, Integration, Ansible, SIEM, On-Prem Technology, ArcSight, Carbon Black, McAfee To be considered, please ensure you complete your
of experience in DevSecOps role or security operations. 1+ years of experience configuring and supporting production firewalls. 1+ years of hands-on SIEM configuration and support. Expertise with IaC tooling (Hashicorp Terraform). Expertise with token/secret management tools (Hashicorp Vault). Expertise with monitoring and alerting
Code practices. • Assist in securing data platforms, including Data Bricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEM and SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, and security service delivery
to join the global SOC team to help protect our global client base from cyber threats. You'll be someone with: Experience in using SIEM, MDR, EDR, and SOAR technologies 1 to 2 years' experience working as an analyst within a SOC Familiarity with relevant coding languages, e.g. Python, SQL
and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective
Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks e.g. MITRE ATT&CK and SIEM technologies e.g. Microsoft Sentinel An interest in automation of Security operation function including artificial intelligence An understanding of Microsoft security product portfolio CISSP/CISM
cyber security technologies and services in use at the company Role & Accountabilities KEY Identity access management, experience/involvement with Security services such as SIEM and Vulnerability Management. Provide expert knowledge and act as a subject matter expert on key principles of (IAM) with an in-depth knowledge in the … remediation of vulnerabilities in line with best practice and policy. Assist with the investigation of vulnerability results and remediation efforts. Assist with management of the SIEM service, including the ingestion of new log sources, configuration of alerting and providing expert knowledge to aid the investigation of alerts where required. Support the
Sevenoaks, Kent, South East, United Kingdom Hybrid / WFH Options
Constant Recruitment
other administrative tasks as needed. Key Technologies and Skills: Microsoft Windows Server Active Directory Linux IBM operating systems Microsoft Excel QUALYS PALO ALTO CORTEX SIEM tools (e.g., Splunk, ArcSight, LogRhythm) Patching and Update Management Security Monitoring Automation tools (e.g., Ansible, Puppet, Chef) Scripting languages (e.g., Python, PowerShell, Bash) Compliance frameworks
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Littlefish
payments will be made). Your main duties will include: Technical ownership of the Security Operations Centre (SOC) tooling, most notably the AlienVault & Sentinel SIEM platforms but including other supporting tooling as required, such as components of the Microsoft Defender XDR suite. Responsible for the implementation of the SIEM platform … in customer environments. Ranging from the initial ingestion and tuning of data feeds (from both a SIEM, log collector and source device perspective), and heightened support of the implementation. Ensure the progression of the engineering maintenance plan by assuring that all in scope solutions are reviewed by the engineering team … with agreed quality SLAs and KPIs and industry best practice. Required to work closely with the SOC post-implementation, to support and maintain the SIEM platform on behalf of the SOC, contributing to the ongoing development and maintenance of use cases and rulesets as required. Provide chargeable technical Cyber thought
integrations. Deep understanding of Google Chronicle's capabilities and applications in threat intelligence, with knowledge of how to conduct analyses within SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platforms. Strong foundation in cybersecurity principles, practices, and technologies, including data management specific to cybersecurity applications. … CISSP, GCIH, or Google Cloud Professional Security Engineer are desirable. Skills in data onboarding, quality control, and ensuring high-quality, non-duplicative data for SIEM and SOAR platforms. Preferred Qualifications Include: Master's degree in Cybersecurity, Computer Science, or related field preferred Advanced certifications such as CISSP, CISM, OSCP, and
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
GIAC GSEC, GCIH or other comparable degree or other relevant experience. IT skills Network Security System Administration Malware Analysis Security Information and Event Management (SIEM) Incident Response Tools Professional Competencies Solid grasp of cybersecurity concepts, including threat identification, risk assessment, and incident management, coupled with practical experience in applying security
Warwick, Warwickshire, West Midlands, United Kingdom
Telent Technology Services Ltd
Key requirements: Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge - LAN/WAN, Juniper, IP Trade. McAfee SIEM Security - Security Information Events Management knowledge IT/ICT further education Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco