and engineering experience Experience of an enterprise Linux, preferably Red Hat Enterprise Linux, CentOS or Oracle Linux. Recent involvement in implementing IDAM, PAM or SIEM tooling. Experience with monitoring and reporting software – Prometheus, Nagios or similar. Solid scripting experience with one of the following: Python, Shell, Bash or Ruby Familiarity more »
Senior Security Operations Analyst London (Hybrid) Responsibilities: Overseeing the security of the technical infrastructure provided by third-party suppliers, addressing any identified security risks to the organization. Managing the remediation of operational risks to their conclusion and taking ownership of more »
that critical business operations continue unhindered. Key Responsibilities Monitor and analyze security events and alerts from multiple sources, including securityinformationandeventmanagement (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows and Unix), and databases Separate true threats from false positives using … Maintain a strong awareness of the current threat landscape Basic Qualifications Excellent teamwork skills Knowledge of and experience with intrusion detection/prevention systems andSIEM software Strong knowledge and understanding of network protocols and devices. Strong experience with Mac OS, Windows, and Unix systems. Ability to analyze event logs … recommendations for security tools to tool administrators. Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk Strong knowledge of the following: SIEM Packet Analysis SSL Decryption Malware Detection HIDS/NIDS Network Monitoring Tools Case Management System Knowledge Base Web Security Gateway Email Security Data Loss Prevention more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
OpenTech Partners
and acquiring new partners. Basic knowledge of the client's portfolio, including Data, UC, Mobility, Cloud, and Contact Centre. Proficiency in security selling, including SIEM, EDR, MDR, SOC, and PEN Test. Ability to manage the sales cycle and qualification process effectively. more »
on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »
cyber defence hardware. • Support Junior Analysts to manage SOC systems. • Previous experience of Enterprise ICS/network architectures and technologies • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. • Experience as a mentor/coach to junior analysts Your … C2M2) • Excellent communication skills • Experience of writing Defence/Government documentation Desirable Qualifications: • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) • Advanced Analyst Course (SANS SEC503 or equivalent more »
to be on site 3 days a week in our Birmingham office. Why this job matters Your role as a Software Engineer in the SIEM Platform team, within Secure Development is to support the development, implementation, operation and support of BTs Strategic SIEM development. We are seeking a skilled Software … Engineer with expertise in Elasticsearch (or other SIEMand/or Data platforms) to join our dynamic team. As a Software Engineer you will play a critical role in designing, developing, and maintaining our securityinformationandeventmanagement (SIEM) system. Your focus will be on leveraging Elasticsearch and related … Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query Optimization and Performance Tuning: o Write efficient Elasticsearch queries more »
integrations. Deep understanding of Google Chronicle's capabilities and applications in threat intelligence, with knowledge of how to conduct analyses within SIEM (SecurityInformationandEventManagement) and SOAR (Security Orchestration, Automation, and Response) platforms. Strong foundation in cybersecurity principles, practices, and technologies, including data management specific to cybersecurity applications. … CISSP, GCIH, or Google Cloud Professional Security Engineer are desirable. Skills in data onboarding, quality control, and ensuring high-quality, non-duplicative data for SIEMand SOAR platforms. Preferred Qualifications Include: Master's degree in Cybersecurity, Computer Science, or related field preferred Advanced certifications such as CISSP, CISM, OSCP, andmore »
The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to SecurityInformation & EventManagement (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of … industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members … during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »
Doncaster, South Yorkshire, Yorkshire, United Kingdom
Forward Role
The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to SecurityInformation & EventManagement (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of … industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members … during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »
to the Security Operations Manager, your key tasks may involve: Managing vulnerability scanning tools - SAST, SCA, IaC, Containers & DAST for all Egress products Investigate SIEM alerts, working with the Engineering and Operations teams to resolve issues Managing vetting applications, supplier onboarding andsecurity awareness programmes Plan and manage 3rd party … Reviewing vulnerabilities found in code analysis tools and liaising with development/engineering to prioritise the resolution SOC investigation of security events in a SIEM (e.g. Azure Sentinel, Splunk etc) A basic knowledge and desire to learn python, to automate day to day tasks. You should have good prioritisation andmore »
Code practices. • Assist in securing data platforms, including Data Bricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEMand SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, andsecurity service delivery more »
Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, andmore »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
iDPP
Python, Bash, or PowerShell. Familiarity with security frameworks and standards such as NIST, CIS, and ISO 27001. Experience with securityinformationandeventmanagement (SIEM) tools. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Relevant certifications such as AWS Certified Security Specialty, CISSP, or CEH are a more »
Corsham, England, United Kingdom Hybrid / WFH Options
J&C Associates Ltd
IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME(Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or … cyber defence hardware. • Support Junior Analysts to manage SOC systems. • Previous experience of Enterprise ICS/network architectures and technologies • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. • Experience as a mentor/coach to junior analysts Your … C2M2) • Excellent communication skills • Experience of writing Defence/Government documentation Desirable Qualifications: • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) • Advanced Analyst Course (SANS SEC503 or equivalent more »
will play a pivotal role in safeguarding our organization's critical infrastructure and data against cyber threats. Your expertise in designing, implementing, and maintaining SIEM solutions will help us proactively identify and mitigate security incidents, ensuring the confidentiality, integrity, and availability of our systems. The requirement for being in the … office is 4 days per month. Responsibilities: Work with the technical lead/SME for the CSOC andSIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client. Assist in establishing and maintaining processes, tooling, and metrics that help provide … implemented through onboarding or continuous improvement activities. Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment. Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical and problem-solving skills with the ability to handle complex securitymore »
SOC team to ensure the effective support and delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting … and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM, EDR and Vulnerability Management tools Direct communication with customers on threats and alerts Providing customers with reports and presenting findings Assistance with active directory administration. more »
Manchester, Clifton, City and Borough of Salford, United Kingdom Hybrid / WFH Options
Advania UK
will play a pivotal role in safeguarding our organization's critical infrastructure and data against cyber threats. Your expertise in designing, implementing, and maintaining SIEM solutions will help us proactively identify and mitigate security incidents, ensuring the confidentiality, integrity, and availability of our systems. Responsibilities: - Work with the technical lead …/SME for the CSOC andSIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client - Assist in establishing and maintaining processes, tooling and metrics that help provide a high level of productivity, supportability, and operational readiness - Actively participate in … implemented through onboarding or continuous improvement activities Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical and problem-solving skills with the ability to handle complex securitymore »
robust security controls including IAM, network security, data protection, andsecurity monitoring. - Implement and manage cloud security tools and services like Azure Security Center, SIEM solutions (Splunk, ELK, Azure Sentinel), and conduct regular security assessments and penetration testing. - Develop and enforce cloud security policies, procedures, such as NIST, ISO … understanding of cloud security controls, tools (Azure Security Center), and services. - Familiarity with security testing methodologies like penetration testing and vulnerability assessments. - Experience with SIEM tools (Splunk, ELK, Azure Sentinel) and incident response/forensics. - Knowledge of security frameworks (NIST, ISO 27001, SOC 2) and relevant certifications (CISSP, CCSP). more »
City of London, London, United Kingdom Hybrid / WFH Options
Akkodis
type and severity. Identify, create and implement improvements to procedures and processes, with the SOC Manager's approval. Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimisation Assist in architectural design to facilitate the onboarding of new information systems, including the … SOC Analyst/Senior Cyber Securityandsecurity operations experience Experience in managing Microsoft Sentinel, including Lighthouse Experience of onboarding, tuning, reporting and configuring SIEM solutions Experience of threat intelligence Leadership and mentoring experience and skills Understanding of low-level concepts including operating systems and networking Commercial experience in Penetration more »
Doncaster, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
Engineer you'll work handling both reactive and proactive security engagements. Your responsibilities will include: ✨Protective Monitoring: Utilize industry-leading SecurityInformation & EventManagement (SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ✨Incident Reporting … Communication: Communicate directly with customers regarding threats and alerts. Prepare and present findings to clients. ✨Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be more »
work within a four-day operational rota, collaborating closely with Digital Forensic and Incident Response teams. Responsibilities include: Security Monitoring and Incident Detection: Utilizing SIEM tools to identify potential security incidents and anomalies. Analyzing alerts and log data to assess the severity and impact of threats. Incident Response and Analysis … andsecurity-related activities. Security Tools Management: Configuring, updating, and maintaining security tools such as firewalls, intrusion detection/prevention systems, endpoint protection, andSIEM solutions. more »
London, England, United Kingdom Hybrid / WFH Options
Client Server
Lead SOC Engineer/Manager (SC Cleared) London/WFH to £70k Are you an experienced SOC Engineer with a strong knowledge of SIEM combined with leadership experience? You could be progressing you career in an impactful role at a tech company that provide cyber security products to a range … role in ensuring the securityand resilience of both internal and client based information systems. You'll provide subject matter expertise, selecting the appropriate SIEM platform and then once it's embedded ensuring BAU and leading security monitoring, carrying out indepth investigations and actively participating in incident response. This is … About you: You're an experienced SOC Analyst with the ability to troubleshoot and resolve complex security issues You have a strong understanding of SIEM systems e.g. IBM QRadar, FortiSIEM, Splunk, Sentinel and are able to recommend the right tool for the job You have a good understanding of IT more »
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
GIAC GSEC, GCIH or other comparable degree or other relevant experience. IT skills Network Security System Administration Malware Analysis SecurityInformationandEventManagement (SIEM) Incident Response Tools Professional Competencies Solid grasp of cybersecurity concepts, including threat identification, risk assessment, and incident management, coupled with practical experience in applying securitymore »
engineering team. Knowledge: • Knowledge of big data technologies and ecosystems (e.g., NiFi). • Knowledge of current market and emerging leaders in data analytical andSIEM platforms. • Knowledge of network security implementations (e.g., host-based IDS, IPS), including their function and placement in a network. • Knowledge of intrusion detection systems and … ICS/network architectures and technologies. • Working with frameworks and technologies that support data-intensive distributed applications. • Experience maintaining and administrating data analytical andSIEM platforms. • Experience using host and network-based IDS/IPS • Experience using packet capture solutions. • Skill in developing and deploying signatures. • Skill to apply cybersecurity … Cyber Foundation Pathway, SANS SEC 301 Intro to InformationSecurity, SANS 401 Security Essentials Bootcamp. • Certified engineer in a market leading data analysis/SIEM platform. • SANS SEC501 Advanced Security Essentials Enterprise Defender. • SANS SEC 511 Continuous Monitoring & Security Operations. • SANS SEC555: SIEM with Tactical Analytics more »