leading software company who require an experienced Splunk Engineer to take the lead in the implementation, deployment and configuration of Splunk amidst a new SIEM evolution project. As the Splunk Engineer, you will be responsible for configuring use cases, ingesting log sources, and designing and deploying indices within the Splunk
Encryption techniques, Event monitoring, Anti-Malware and Endpoint protection software (Trellix product experience as additional advantage). Strong subject matter knowledge in relation to SIEM tool configuration, logging, alerting and monitoring. Strong knowledge of forensics tools (Axiom product experience as additional advantage). Demonstrable subject matter knowledge in at least one
cover both detailed build, configure and test of the security functions on the platform. The role will then assist in the integration of the SIEM into the main CGI SOC. The role will finally evolve into the monitoring of the platform from the CGI SOC for the duration of … the project up to initially March 27. Install and configure the Elastic SIEM onto the Platform. Comprehensively test and refine the SIEM to meet security compliance. Undertake monitoring, analysis and incident resolution activities. Continually improve the SOC configuration and automation. Support addition of new rules for the product against emerging … service delivery. Ability to work well in a mixed client CGI team. Ability to quickly pick up new and unfamiliar technologies. Track record in SIEM/SOAR activities, such as log gathering, Event monitoring, Incident alerting. Information Assurance Principles. Experience of installing and configuring SIEM. Required qualifications to be successful
engineering team. Knowledge: Knowledge of big data technologies and ecosystems (e.g., NiFi). Knowledge of current market and emerging leaders in data analytical and SIEM platforms. Knowledge of network security implementations (e.g., host-based IDS, IPS), including their function and placement in a network. Knowledge of intrusion detection systems and … ICS/network architectures and technologies. Working with frameworks and technologies that support data-intensive distributed applications. Experience maintaining and administrating data analytical and SIEM platforms. Experience using host and network-based IDS/IPS. Experience using packet capture solutions. Skill in developing and deploying signatures. Skill to apply cybersecurity … Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. Certified engineer in a market leading data analysis/SIEM platform. SANS SEC501 Advanced Security Essentials Enterprise Defender. SANS SEC 511 Continuous Monitoring & Security Operations. SANS SEC555: SIEM with Tactical Analytics. Due to the high
Greater Cheshire West and Chester Area, United Kingdom Hybrid / WFH Options
psd group
reduction across all IT Systems. Essential Skills & Experience: Experience with analysing event logs and recognizing cyber intrusions or attacks. Experience using tools such as SIEM, IDS/IPS, antivirus and endpoint protection (e.g. Microsoft Sentinel and Microsoft Defender for Endpoint). Understanding of relevant Cyber Security standards, legislation and regulations including
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Nine Twenty Recruitment
methodologies. Proficient with Microsoft, Windows, and related technologies. Familiarity with networking and network infrastructure. Experienced in designing, implementing, and managing Security services such as SIEM, Endpoint protection, EDR, and Vulnerability management platforms. To be considered for this position, please apply today or contact Sophie on snorton@weareninetwenty.com
Corsham, England, United Kingdom Hybrid / WFH Options
J&C Associates Ltd
IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance). Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or … cyber defence hardware. • Support Junior Analysts to manage SOC systems. • Previous experience of Enterprise ICS/network architectures and technologies. • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. • Experience as a mentor/coach to junior analysts. Your … C2M2) • Excellent communication skills • Experience of writing Defence/Government documentation. Desirable Qualifications: • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) • Advanced Analyst Course (SANS SEC503 or equivalent
will play a pivotal role in safeguarding our organization's critical infrastructure and data against cyber threats. Your expertise in designing, implementing, and maintaining SIEM solutions will help us proactively identify and mitigate security incidents, ensuring the confidentiality, integrity, and availability of our systems. The requirement for being in the … office is 4 days per month. Responsibilities: Work with the technical lead/SME for the CSOC and SIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client. Assist in establishing and maintaining processes, tooling, and metrics that help provide … implemented through onboarding or continuous improvement activities. Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment. Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical and problem-solving skills with the ability to handle complex security
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Head Resourcing
to state affiliated groups. Preventing and detecting common attacker techniques and the MITRE ATT&CK framework. Tuning and configuring cyber security tools, for example SIEM and EDR tooling. How enterprise IT networks, Active Directory and Azure AD operate. Service Management of key partners. This role comes with excellent benefits such
ll need: · Extensive experience of working within a SOC or adjacent role. · Experienced in responding to cyber incidents. · Conversant with common security tooling (e.g., SIEM, SOAR, EDR, NDR). · Understanding of threat actors, their tactics, techniques, and procedures. · Understanding of security event data, the value of different data sources and
Cloud and/or any experience on AppOmni. Strong understanding of industry security frameworks and benchmarks such as NIST and CIS. Previous experience with SIEM tools and integration. Security Engineering experience. Excellent analytical and troubleshooting skills across complex systems. Able to articulate complicated processes to non-technical stakeholders. Experience creating
security and a keen eye for identifying and mitigating digital threats. Experience in monitoring, analysing, and responding to security events and incidents. Proficiency with SIEM tools and understanding of the latest cyber security trends and threat landscapes. A collaborative mindset and the ability to communicate effectively across various teams. Certifications
Harrogate, North Yorkshire, United Kingdom Hybrid / WFH Options
Hays Technology
practical understanding of some of the core security frameworks (NIST, Cyber Essentials +, ISO27001), and a level of understanding of core security analysis tools (SIEM, IAM/PAM, Firewalls, EDR, Vulnerability scanning tools etc.). Your new role will involve assisting with the implementation and enhancement of the security strategy … risk and compliance) background. Experience working with 3rd party suppliers and MSSPs on the enhancement of organisational security. Some technical cyber experience (utilisation of SIEM/Vulnerability/IAM tools). Excellent communication skills alongside a proactive and business solution-focused mindset. Thorough understanding of, and practical application experience of, commonplace
West Midlands, United Kingdom Hybrid / WFH Options
Lorien
tools to enable the detection and defence from threats to the society. Essential skills: * Experience of configuring security tools including one of the following: SIEM, EDR, AV, WAF or Secure Web Gateways. * Experience of integrating tools in an enterprise environment. * Proven problem-solving, analytical skills. * Knowledge of Microsoft Defender. Experience
Sevenoaks, Kent, South East, United Kingdom Hybrid / WFH Options
Constant Recruitment
other administrative tasks as needed. Key Technologies and Skills: Microsoft Windows Server, Active Directory, Linux, IBM operating systems, Microsoft Excel, QUALYS, PALO ALTO CORTEX, SIEM tools (e.g., Splunk, ArcSight, LogRhythm), Patching and Update Management, Security Monitoring, Automation tools (e.g., Ansible, Puppet, Chef), Scripting languages (e.g., Python, PowerShell, Bash), Compliance frameworks
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Circle Group
Adherence to Protocols: Ensure all investigative steps follow established protocols. Advanced Threat Detection and Response: Utilize and fine-tune advanced threat detection tools, including SIEM systems, IDS/IPS, and EDR solutions. Customer Interaction: Customer-Facing Expertise: Directly interface with customers during incidents, providing clear and reassuring communication. Technical Queries
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
Circle Group
Bradford, Yorkshire, United Kingdom Hybrid / WFH Options
Caraffi Limited
policies, and standards. Evaluate risk and compliance for large-scale solutions, focusing on environments with 5000+ endpoints, and implement security infrastructure solutions such as SIEM, Access Governance, SASE, and Endpoint Protection. Adhere to information security standards (e.g., ISO 27001, ISF, NIST), industry security guidance (OWASP & CIS), and risk assessment frameworks
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
Espire Infolabs is looking for a SIEM Onboarding Engineer for London, UK with remote working flexibility. Job Title: SIEM Onboarding Engineer. Job Type: FTC - Fixed Term Contract (6 Months + Possible extensions). Job Location: London, UK (Remote). Job Description: The SIEM Onboarding Engineer plays a critical role in enhancing our organization's security … posture by integrating various devices and data sources into our SIEM environment, utilizing OpenSearch. The SIEM Onboarding Engineer will work closely with business units to identify devices for onboarding, manage the data pipeline, and assist other engineers in configuring their data sources to provide a resilient pipeline. The SIEM Onboarding Engineer … tool whenever possible. Responsibilities: Device Integration: Work with various business units to identify devices and data sources that need to be onboarded to our SIEM (OpenSearch with Security Analytics). Data Pipeline Management: Configure and manage data collection agents to ensure data is reliably ingested into the SIEM. Automation: Leverage
threats as they arise. Required Skills: Experience with Qualys, Microsoft Defender, and Ironscales. Ability to identify and mitigate network vulnerabilities. Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts. Experience of working directly with SIEM/SOC and how to get the best from this service. Ability to develop and … evolve SOC and SIEM operation with third party. Experience with network penetration testing and techniques. Develop and promote best practice for information security, and conduct threat research. Experience writing detailed incident reports and documenting detections so that future breaches can be mitigated effectively. Desirable skills: Experience working in a multi
Cardiff, South Glamorgan, United Kingdom Hybrid / WFH Options
yolk recruitment
and procedural writing. Experience using ticketing systems for task resolution. Certified Threat Intelligence Analyst (CTIA) certification or equivalent. Any experience with Threat Intelligence Platforms, SIEM systems, DMARC Compliance, MySQL and Clickhouse databases would be a bonus! And this is what you'll get in return: Salary up to
Manchester, North West, United Kingdom Hybrid / WFH Options
Eviden Technology Services Limited
of several of the following technologies: Endpoint, network and infrastructure threat protection; Cloud Security within Azure and/or AWS; IAM Identity Access Management; SIEM and MDR; VA Vulnerability Analysis and mitigation; DLP Data loss prevention; PKI Public key infrastructure. Ability to guide engineering teams through the deployment where required
and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk. Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective