1 to 25 of 30 Permanent SIEM Jobs in the South East

eradicate hidden threats. Policy Development: Develop and create SOC policies and technical standards using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. Incident Response: Lead the response to high-severity security incidents, providing senior-level more »

conveying technical aspects to an audience (e.g. product demos to the customer). Working knowledge of using the Scaled Agile Framework (SAFe). ArcSight SIEM toolset, or open to cross-train into ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC). DV Cleared Application Packager - 5 days onsite near Reading more »

and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »

ISO27001/17 and STRIDE Threat Modelling Framework. Understanding of general security practices such as encryption, IAM, PAM, penetration testing, container security, security information and event management etc. and supporting technologies. Ability to take ownership and work proactively . Organised with a proven ability to prioritise workload, meet deadlines, and more »

tiers when necessary. Vulnerability Scanning: scan systems for vulnerabilities. and manage vulnerabilities discovered during scans. Security Tool Management: Configure and manage security tools (e.g., SIEM, IDS/IPS, antivirus). Ensure proper functioning and timely updates. Reporting and Documentation: Document incidents, actions taken, and findings. Prepare incident reports for further more »

incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business changes on the security posture. Possess current certifications for enterprise level security platforms. more »

and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »

eradicate hidden threats. Policy Development: Develop and create SOC policies and technical standards using industry best practices. Log Management: Manage log sources within the SIEM solution and create alert use cases to identify patterns of anomalous activity. Incident Response: Lead the response to high-severity security incidents, providing senior-level … evidence of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR, EDR, IDS/IPS, and behavioural analytics. Knowledge of adversarial tactics, techniques, and industry-standard frameworks like Mitre ATT&CK. Deep understanding of SIEM more »

be occasional travel to other company offices/data centres. Essential experience: - IDS/IPS, Firewall, VPN, EDR/XDR - Security Information Event Management (SIEM) tools - TCP/IP - Network Troubleshooting - Penetration testing - ITIL If this sounds of interest please apply or contact/02380 765 286 Spectrum IT Recruitment more »

Identifying system vulnerabilities, conducting risk assesments Therefore, they are looking for candidates with the following skills and experience; - Experience with Microsoft Security products, Sentinel SIEM and Defender suite - General security knowledge : Vulnerability management, Backup Recovery, SIEM, Identity and access management - Risk management and control frameworks knowledge - CompTIA Security+, CISSP, CCSP more »

Directory, Defender 365, Sentinel and Azure Virtual Desktop and Intune. Proven work experience as a Cybersecurity Analyst or similar role. Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts. Ability to identify and mitigate network vulnerabilities and explain how to avoid them. Knowledge of security frameworks and standards, such as more »

provided and completing control frameworks Qualifications Who we're looking for: A good understanding of general security practices such as encryption, IAM, security information and event management etc. and supporting technologies Prior experience in delivering highly technical and innovative security engineering/design products You'll also enjoy collaborating with more »

on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous Working Pattern (Mon-Fri, Shifts, on-call) This is more »

will also be given a great opportunity to develop your technical skills and grow in a dynamic, successful company. You will need: Knowledge of SIEM tools e.g Microsoft Sentinel, Google Chronicle. Excellent knowledge of EDR tools e.g CrowdStrike, SentinelOne, Microsoft Defender. Experience providing BAU support. Experience in a SOC environment. more »

analyse, and respond to cyber threats. Understanding of networking technology Cyber security service trends compliance requirements in enterprise organisations Core cyber security products including SIEM, Zero Trust and NDR/XDR products. Core network routing and switching protocols. Knowledge of network performance and optimisation and services Please apply ASAP to more »

and communication Important Knowledge Cybersecurity Capability Maturity Model (C2M2) and NIST Cyber Security Framework (CSF) Current awareness of the market for data analytics and SIEM platforms, including emerging leaders and Network security implementations (e.g host-based IDS, IPS), including their function and placement Cyber defence and information security policies, procedures more »

NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, and GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard more »

implement Security as Code practices. Assist in securing data platforms and implementing internal SIEM. Collaborate on securing Microsoft 365 and Azure cloud services. Operate SIEM and SOAR capabilities and enhance identity governance. Requirements: Hands-on experience with Microsoft Sentinel and Defender suite. Proficiency in Azure Landing Zones security enhancement. Familiarity more »

on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »

Code practices. • Assist in securing data platforms, including Data Bricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEM and SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, and security service delivery more »

on automation in collaboration with the Head of Information Security Operations and the rest of the team. OxCERT runs an on-premises Elasticsearch-based SIEM solution, an Intrusion Detection System (IDS), and a vulnerability scanning service as well as other open source and commercial tools. We are one of the … Software and Open Source technologies and actively supports several related project communities. Current projects include the enhancement of the existing Elastic based security information and event management system, the deployment of a new incident response tool, and development of an IT forensics capability. The team has achieved standing and recognition more »

At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement , we're a customer-obsessed market powerhouse. more »

other administrative tasks as needed. Key Technologies and Skills: Microsoft Windows Server Active Directory Linux IBM operating systems Microsoft Excel QUALYS PALO ALTO CORTEX SIEM tools (e.g., Splunk, ArcSight, LogRhythm) Patching and Update Management Security Monitoring Automation tools (e.g., Ansible, Puppet, Chef) Scripting languages (e.g., Python, PowerShell, Bash) Compliance frameworks more »

other administrative tasks as needed. Key Technologies and Skills: Microsoft Windows Server Active Directory Linux IBM operating systems Microsoft Excel QUALYS PALO ALTO CORTEX SIEM tools (e.g., Splunk, ArcSight, LogRhythm) Patching and Update Management Security Monitoring Automation tools (e.g., Ansible, Puppet, Chef) Scripting languages (e.g., Python, PowerShell, Bash) Compliance frameworks more »

cyber security technologies and services in use at the company Role & Accountabilities KEY Identity access management, experience/involvement with Security services such as SIEM and Vulnerability Management. Provide expert knowledge and act as a subject matter expert on key principles of (IAM) with an in-depth knowledge in the … remediation of vulnerabilities in line with best practise and policy. Assist with the investigation vulnerability results and remediation efforts. Assist with management of the SIEM service, including the ingestion of new log sources, configuration of alerting and providing expert knowledge to aid the investigation of alerts where required. Support the more »