Crawley, England, United Kingdom Hybrid / WFH Options
Matchtech
eradicate hidden threats. Policy Development: Develop and create SOC policies and technical standards using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. Incident Response: Lead the response to high-severity security incidents, providing senior-level more »
conveying technical aspects to an audience (e.g. product demos to the customer). Working knowledge of using the Scaled Agile Framework (SAFe). ArcSight SIEM toolset, or open to cross-train into ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC). DV Cleared Application Packager - 5 days onsite near Reading more »
and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »
ISO27001/17 and STRIDE Threat Modelling Framework. Understanding of general security practices such as encryption, IAM, PAM, penetration testing, container security, securityinformationandeventmanagement etc. and supporting technologies. Ability to take ownership and work proactively . Organised with a proven ability to prioritise workload, meet deadlines, andmore »
tiers when necessary. Vulnerability Scanning: scan systems for vulnerabilities. and manage vulnerabilities discovered during scans. Security Tool Management: Configure and manage security tools (e.g., SIEM, IDS/IPS, antivirus). Ensure proper functioning and timely updates. Reporting and Documentation: Document incidents, actions taken, and findings. Prepare incident reports for further more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business changes on the security posture. Possess current certifications for enterprise level security platforms. more »
and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Matchtech
eradicate hidden threats. Policy Development: Develop and create SOC policies and technical standards using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. Incident Response: Lead the response to high-severity security incidents, providing senior-level … evidence of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR, EDR, IDS/IPS, and behavioural analytics. Knowledge of adversarial tactics, techniques, and industry-standard frameworks like Mitre ATT&CK. Deep understanding of SIEMmore »
Basingstoke, Hampshire, South East, United Kingdom
Spectrum IT Recruitment
be occasional travel to other company offices/data centres. Essential experience: - IDS/IPS, Firewall, VPN, EDR/XDR - SecurityInformationEventManagement (SIEM) tools - TCP/IP - Network Troubleshooting - Penetration testing - ITIL If this sounds of interest please apply or contact/02380 765 286 Spectrum IT Recruitment more »
Identifying system vulnerabilities, conducting risk assesments Therefore, they are looking for candidates with the following skills and experience; - Experience with Microsoft Security products, Sentinel SIEMand Defender suite - General security knowledge : Vulnerability management, Backup Recovery, SIEM, Identity and access management - Risk managementand control frameworks knowledge - CompTIA Security+, CISSP, CCSP more »
Directory, Defender 365, Sentinel and Azure Virtual Desktop and Intune. Proven work experience as a Cybersecurity Analyst or similar role. Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts. Ability to identify and mitigate network vulnerabilities and explain how to avoid them. Knowledge of security frameworks and standards, such as more »
provided and completing control frameworks Qualifications Who we're looking for: A good understanding of general security practices such as encryption, IAM, securityinformationandeventmanagement etc. and supporting technologies Prior experience in delivering highly technical and innovative security engineering/design products You'll also enjoy collaborating with more »
on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous Working Pattern (Mon-Fri, Shifts, on-call) This is more »
will also be given a great opportunity to develop your technical skills and grow in a dynamic, successful company. You will need: Knowledge of SIEM tools e.g Microsoft Sentinel, Google Chronicle. Excellent knowledge of EDR tools e.g CrowdStrike, SentinelOne, Microsoft Defender. Experience providing BAU support. Experience in a SOC environment. more »
analyse, and respond to cyber threats. Understanding of networking technology Cyber security service trends compliance requirements in enterprise organisations Core cyber security products including SIEM, Zero Trust and NDR/XDR products. Core network routing and switching protocols. Knowledge of network performance and optimisation and services Please apply ASAP to more »
and communication Important Knowledge Cybersecurity Capability Maturity Model (C2M2) and NIST Cyber Security Framework (CSF) Current awareness of the market for data analytics andSIEM platforms, including emerging leaders and Network security implementations (e.g host-based IDS, IPS), including their function and placement Cyber defence andinformationsecurity policies, procedures more »
NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, and GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard more »
implement Security as Code practices. Assist in securing data platforms and implementing internal SIEM. Collaborate on securing Microsoft 365 and Azure cloud services. Operate SIEMand SOAR capabilities and enhance identity governance. Requirements: Hands-on experience with Microsoft Sentinel and Defender suite. Proficiency in Azure Landing Zones security enhancement. Familiarity more »
on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »
Code practices. • Assist in securing data platforms, including Data Bricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEMand SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, andsecurity service delivery more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
on automation in collaboration with the Head of InformationSecurity Operations and the rest of the team. OxCERT runs an on-premises Elasticsearch-based SIEM solution, an Intrusion Detection System (IDS), and a vulnerability scanning service as well as other open source and commercial tools. We are one of the … Software and Open Source technologies and actively supports several related project communities. Current projects include the enhancement of the existing Elastic based securityinformationandeventmanagement system, the deployment of a new incident response tool, and development of an IT forensics capability. The team has achieved standing and recognition more »
At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement , we're a customer-obsessed market powerhouse. more »
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Constant Recruitment Ltd
other administrative tasks as needed. Key Technologies and Skills: Microsoft Windows Server Active Directory Linux IBM operating systems Microsoft Excel QUALYS PALO ALTO CORTEX SIEM tools (e.g., Splunk, ArcSight, LogRhythm) Patching and Update ManagementSecurity Monitoring Automation tools (e.g., Ansible, Puppet, Chef) Scripting languages (e.g., Python, PowerShell, Bash) Compliance frameworks more »
Sevenoaks, Kent, United Kingdom Hybrid / WFH Options
Constant Recruitment Ltd
other administrative tasks as needed. Key Technologies and Skills: Microsoft Windows Server Active Directory Linux IBM operating systems Microsoft Excel QUALYS PALO ALTO CORTEX SIEM tools (e.g., Splunk, ArcSight, LogRhythm) Patching and Update ManagementSecurity Monitoring Automation tools (e.g., Ansible, Puppet, Chef) Scripting languages (e.g., Python, PowerShell, Bash) Compliance frameworks more »
cyber security technologies and services in use at the company Role & Accountabilities KEY Identity access management, experience/involvement with Security services such as SIEMand Vulnerability Management. Provide expert knowledge and act as a subject matter expert on key principles of (IAM) with an in-depth knowledge in the … remediation of vulnerabilities in line with best practise and policy. Assist with the investigation vulnerability results and remediation efforts. Assist with management of the SIEM service, including the ingestion of new log sources, configuration of alerting and providing expert knowledge to aid the investigation of alerts where required. Support the more »