looking for a SOC Manager to help them grow their Security Operation department from the ground up.Key skills required for this role Security Operations, SIEM, SOC Important SOC, Security Operation, SIEM, SOAR Job descriptionTitle: Cyber Security Operations ManagerLocation: Either Crawley or London (Hybrid)Salary: Up to 80,000 base plus … and developing incident response playbooks/processes, Security Orchestration, Automation and Response (SOAR), running red-team exercises and tabletop crisis war games.Working knowledge of SIEMand SOAR solutions, Identity and Access Managementand Data Loss Prevention technologies preferably including FortiSIEM, Q-Radar, Sentinel, Darktrace, Microsoft Defender.Experience managing suppliers for an more »
you will have good security qualifications such as SANS/CREST qualifications, however, equivalent experience is just as well regarded. Strong working knowledge of SIEM, SOAR, EDR tooling is essential, as is an understanding of the MITRE ATT&CK framework. Experience in CNI/Defence sectors is also desirable.This is more »
About The RoleHippo Digital is recruiting a Principal SIEM Engineer to join our Hippo Herd. SIEM Engineers work in multi-disciplinary teams who build, support & maintain enterprise scale data platforms and solutions helping clients to drive transformation through improved data access and visibility.As a Principal SIEM Engineer, you will have … in a nutshell:Splunk Core Certified accredited SME acting as both consultant and engineer on large scale Splunk Enterprise Security projectsCreating/tuning of SIEM detection rules to satisfy client requirementsProviding technical consultancy for Hippo clients predominantly in the cyber security spaceWorking in hybrid teams across multiple clientsLeading and providing more »
in managing security consultants. Demonstrable consulting experience, trusted advisor, working in partnership with customers and a good relationship builder. Previous experience of working with SIEM products like Splunk, Exabeam, ArcSight, Sentinel, Cisco Sourcefire or other IPS/IDS products is essential Security transformation programmes – design andmanagement of security solution more »
Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, andmore »
Security Services and Solutions providers as they expand their SOC capability with the growth of SMC customers. An accredited Managed SOC service offering multiple SIEM vendor services, although with a primary focus on Microsoft Sentinel, they're looking for 2 experienced Security Operations Analysts to support the growth of the … The Role: In this role you will be a senior member of the Managed Services team and play a pivotal role in the Sentinel SIEM service offering. You will support the maturation of the service through the implementation of documentation, processes and policies that will improve and maintain the efficiency … and support junior SOC Analysts in their personal growth . Provide support to customers on the use of the SOC Managed Service and the SIEM tool Create policies and documentation to support the maturation of the SOC practice Work closely with the Head of Securityand Compliance to improve the more »
VMware, Messaging (Exchange 2016+), IIS, SQL 2012+, Linux appliances, architecture and OS, backup technologies, Citrix, and Cisco networking. Expertise in security technologies such as SIEM, firewalls, intrusion detection/prevention systems, anti-virus software, authentication systems, log management, and content filtering. Solid grasp of security approaches including ISMS, risk analysis more »
Will Need to Succeed: Minimum 5+ years of experience working in 24x7 enterprise operations, preferably security operations Minimum 3+ years of experience working with SIEM, including running investigations (correlating events on different aspects such as source/destination addresses, usernames, and process names) Demonstrable comprehension of InformationSecurity including malware more »
of security principles, practices, and technologies, including encryption, authentication, and access control. Experience with security tools and technologies such as SAST, DAST, vulnerability scanners, SIEM, and WAF. Proficiency with CI/CD tools like Jenkins, GitLab, CircleCI, or similar, and infrastructure-as-code tools like Terraform, CloudFormation, or Ansible. Hands more »
conveying technical aspects to an audience (e.g. product demos to the customer). Working knowledge of using the Scaled Agile Framework (SAFe). ArcSight SIEM toolset, or open to cross-train into ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC). DV Cleared Application Packager - 5 days onsite near Reading more »
on Sentinel, IAC, and SecOps. Previous experience working in start-ups or software development companies is highly desirable. Proficiency with Microsoft Sentinel and other SIEM platforms. Strong experience with Infrastructure as Code (IAC) tools such as Terraform, CloudFormation, or ARM. Hands-on experience with security tools and technologies In-depth more »
principles, techniques, and protocols Detailed technical knowledge related to endpoints, servers, infrastructure and networking technologies Strong experience in supporting security systems, including vulnerability management, SIEM, DLP,SOAR, EDR solution, Network Firewalls etc. Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management The Cyber Securitymore »
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
Denholm Associates
platform. This role presents an exciting opportunity to get involved in innovative projects designing security controls and delivering emerging security technologies. Good knowledge of SIEM tooling is essential. Reporting to the Cyber Security Engineering Manager, you will help to deliver improvements across a number of our cyber security domains including … Analytics, onboarding data and developing detection logic and analytics Essential Criteria: Demonstrable experience working in cyber security Experience supporting security tools, such as SOAR, SIEM, EDR, NGFW, CSPM, WAF, AV Industry recognised certifications such as Certified Splunk Architect, PCSAE, CISSP/CCSP, CEH or equivalent experience Experience working in a more »
and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »
above is beneficial. Experience: Proven experience in designing highly secure on-premise IT infrastructure. Technical Expertise: Experience with technologies such as VMware, VxRail, Networks, SIEM, AntiVirus, PKI/HSM, Cross Domain Gateways, IDAM/RBAC/ABAC/MFA, Windows Technologies, High Grade Crypto. Design Principles: Knowledge of Secure by more »
Reading, England, United Kingdom Hybrid / WFH Options
Project People
commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus Microsoft Windows Server family of products. … of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Desirable Experience: Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »
to be on site 3 days a week in our Birmingham office. Why this job matters Your role as a Software Engineer in the SIEM Platform team, within Secure Development is to support the development, implementation, operation and support of BTs Strategic SIEM development. We are seeking a skilled Software … Engineer with expertise in Elasticsearch (or other SIEMand/or Data platforms) to join our dynamic team. As a Software Engineer you will play a critical role in designing, developing, and maintaining our securityinformationandeventmanagement (SIEM) system. Your focus will be on leveraging Elasticsearch and related … Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query Optimization and Performance Tuning: o Write efficient Elasticsearch queries more »
engineering team. Knowledge: • Knowledge of big data technologies and ecosystems (e.g., NiFi). • Knowledge of current market and emerging leaders in data analytical andSIEM platforms. • Knowledge of network security implementations (e.g., host-based IDS, IPS), including their function and placement in a network. • Knowledge of intrusion detection systems and … ICS/network architectures and technologies. • Working with frameworks and technologies that support data-intensive distributed applications. • Experience maintaining and administrating data analytical andSIEM platforms. • Experience using host and network-based IDS/IPS • Experience using packet capture solutions. • Skill in developing and deploying signatures. • Skill to apply cybersecurity … Cyber Foundation Pathway, SANS SEC 301 Intro to InformationSecurity, SANS 401 Security Essentials Bootcamp. • Certified engineer in a market leading data analysis/SIEM platform. • SANS SEC501 Advanced Security Essentials Enterprise Defender. • SANS SEC 511 Continuous Monitoring & Security Operations. • SANS SEC555: SIEM with Tactical Analytics more »
role 3+ experience with cloud vulnerabilities 2+ years of experience with endpoint protection tools 2+ years of experience with securityinformationandeventmanagement (SIEM) tools 1+ years of experience with perimeter security Primary Functions Operate within the global Cybersecurity Team within the Information Technology department Ensure global alignment with … needed with security awareness content such as communications, posters, presentations Experience with securitymanagement/configuration cloud tools and services Experience maintaining and troubleshooting: endpoint security, SIEM systems, network security, cloud security, and perimeter security tools. Experience with Active Directory Experience with Microsoft desktop and server operating systems, RedHat Linux more »
tiers when necessary. Vulnerability Scanning: scan systems for vulnerabilities. and manage vulnerabilities discovered during scans. Security Tool Management: Configure and manage security tools (e.g., SIEM, IDS/IPS, antivirus). Ensure proper functioning and timely updates. Reporting and Documentation: Document incidents, actions taken, and findings. Prepare incident reports for further more »
Experience: Bachelor’s degree in a related technical area. One or more relevant certifications such as CISSP, CISM, GCIH, CEH, or OSCP. Proficiency in SIEM Platforms, vulnerability management tools, and incident management processes. Experience in managing security functions or SOC capabilities. Strong analytical skills to analyze security monitoring data andmore »
London, England, United Kingdom Hybrid / WFH Options
Jisc
to defend against evolving cyber threats. We are actively developing our Security operation centre (SOC) services which includes a SecurityInformationandEventManagement (SIEM) services, 24x7 securityevent monitoring and endpoint detection and response services. About the role: Working within the Architecture and engineering team, reporting into the Lead … expertise with threat intelligence, SIEMand SOAR platforms as you will work with our threat intelligence teams to develop effective ways to integrate and automate our SIEM, SOAR and intelligence into efficient and accurate presentations of data for analysis. You will need to be able to demonstrate your previous experience … communication skills, able to discuss complex technical topics with technical and non-technical audiences and to persuade them to follow best practice. • Threat intelligence, SIEMand SOAR qualifications or equivalent. (desirable) All roles within our Jisc Cyber Security team require employees to have enhanced background screening checks which include but more »
ISO27001/17 and STRIDE Threat Modelling Framework. Understanding of general security practices such as encryption, IAM, PAM, penetration testing, container security, securityinformationandeventmanagement etc. and supporting technologies. Ability to take ownership and work proactively . Organised with a proven ability to prioritise workload, meet deadlines, andmore »
with firewall configuration, Next Gen Firewalls, Load-Balancers, and intrusion detection/prevention platforms. Proficiency in Python, PowerShell scripting, and Shell scripts. Familiarity with SIEM platforms is preferred. Security certification such as CISSP, GCIA, or CISM is a plus. Our client is an equal opportunity employer who are committed to more »
years of experience with perimeter security administration (Web proxy, SMTP gateway, firewall) 3 or more years of experience with securityinformationandeventmanagement (SIEM) tools 3 or more years of experience with endpoint protection tools 2 or more years of experience working with threat intelligence feeds and IOCs Cybersecurity more »