1 to 25 of 31 SIEM Jobs in the South East

ISO27001/17 and STRIDE Threat Modelling Framework. Understanding of general security practices such as encryption, IAM, PAM, penetration testing, container security, security information and event management etc. and supporting technologies. Ability to take ownership and work proactively . Organised with a proven ability to prioritise workload, meet deadlines, and more »

and communication Important Knowledge Cybersecurity Capability Maturity Model (C2M2) and NIST Cyber Security Framework (CSF) Current awareness of the market for data analytics and SIEM platforms, including emerging leaders and Network security implementations (e.g host-based IDS, IPS), including their function and placement Cyber defence and information security policies, procedures more »

and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »

Directory, Defender 365, Sentinel and Azure Virtual Desktop and Intune. Proven work experience as a Cybersecurity Analyst or similar role. Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts. Ability to identify and mitigate network vulnerabilities and explain how to avoid them. Knowledge of security frameworks and standards, such as more »

NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, and GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard more »

tiers when necessary. Vulnerability Scanning: scan systems for vulnerabilities. and manage vulnerabilities discovered during scans. Security Tool Management: Configure and manage security tools (e.g., SIEM, IDS/IPS, antivirus). Ensure proper functioning and timely updates. Reporting and Documentation: Document incidents, actions taken, and findings. Prepare incident reports for further more »

and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »

Adherence to Protocols: Ensure all investigative steps follow established protocols. Advanced Threat Detection and Response: Utilize and fine-tune advanced threat detection tools, including SIEM systems, IDS/IPS, and EDR solutions. Customer Interaction: Customer-Facing Expertise: Directly interface with customers during incidents, providing clear and reassuring communication. Technical Queries more »

implement Security as Code practices. Assist in securing data platforms and implementing internal SIEM. Collaborate on securing Microsoft 365 and Azure cloud services. Operate SIEM and SOAR capabilities and enhance identity governance. Requirements: Hands-on experience with Microsoft Sentinel and Defender suite. Proficiency in Azure Landing Zones security enhancement. Familiarity more »

office. Projects that need to be completed Security Awareness OpenSource Software scanning Automated Vulnerability Scanning Kubernetes Vulnerability Scanning Supply Chain monitoring (container images etc.) SIEM and Monitoring/Alerting service AntiVirus/AntiMalware for End User devices Antivirus/Malware/Ransomware etc for Product/Platform DDos Protection Access more »

incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business changes on the security posture. Possess current certifications for enterprise level security platforms. more »

provided and completing control frameworks Qualifications Who we're looking for: A good understanding of general security practices such as encryption, IAM, security information and event management etc. and supporting technologies Prior experience in delivering highly technical and innovative security engineering/design products You'll also enjoy collaborating with more »

their specific security challenges and needs to identify customized solutions. Essential skills and experience Strong knowledge of security technologies (across multiple domains such as SIEM, Firewall, Network IPS, DLP, Cloud Security etc), information security concepts, and familiarity with security products. A good understanding of CSOC operations and managed security solutions more »

At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement , we're a customer-obsessed market powerhouse. more »

other administrative tasks as needed. Key Technologies and Skills: Microsoft Windows Server Active Directory Linux IBM operating systems Microsoft Excel QUALYS PALO ALTO CORTEX SIEM tools (e.g., Splunk, ArcSight, LogRhythm) Patching and Update Management Security Monitoring Automation tools (e.g., Ansible, Puppet, Chef) Scripting languages (e.g., Python, PowerShell, Bash) Compliance frameworks more »

other administrative tasks as needed. Key Technologies and Skills: Microsoft Windows Server Active Directory Linux IBM operating systems Microsoft Excel QUALYS PALO ALTO CORTEX SIEM tools (e.g., Splunk, ArcSight, LogRhythm) Patching and Update Management Security Monitoring Automation tools (e.g., Ansible, Puppet, Chef) Scripting languages (e.g., Python, PowerShell, Bash) Compliance frameworks more »

L2 & L3 Switching concepts IP routing technologies such as OSPF & BGP Redundancy protocols such as VRRP Security principles such as Stateful Firewall, UTM, IPSec & SIEM Wireless principles such as SSIDs, Encryption & Authentication Excellent written and oral communication skills; including the ability to translate technical jargon for a non-technical audience more »

be occasional travel to other company offices/data centres. Essential experience: - IDS/IPS, Firewall, VPN, EDR/XDR - Security Information Event Management (SIEM) tools - TCP/IP - Network Troubleshooting - Penetration testing - ITIL If this sounds of interest please apply or contact/02380 765 286 Spectrum IT Recruitment more »

smoothly as well as ordering new equipment and improving existing processes. Main projects will include: Patch Management, Windows 10 Deployment, Cloud Migration, MDM Deployment, SIEM Deployment, Perimeter Security & WAN Management, Cyber Essentials Level 2 & ISO 2001 (Not Essential!) The Ideal Candidate For this role it is essential that you are more »

will also be given a great opportunity to develop your technical skills and grow in a dynamic, successful company. You will need: Knowledge of SIEM tools e.g Microsoft Sentinel, Google Chronicle. Excellent knowledge of EDR tools e.g CrowdStrike, SentinelOne, Microsoft Defender. Experience providing BAU support. Experience in a SOC environment. more »

analyse, and respond to cyber threats. Understanding of networking technology Cyber security service trends compliance requirements in enterprise organisations Core cyber security products including SIEM, Zero Trust and NDR/XDR products. Core network routing and switching protocols. Knowledge of network performance and optimisation and services Please apply ASAP to more »

on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous Working Pattern (Mon-Fri, Shifts, on-call) This is more »

in scripting languages such as BASH, PowerShell, and Python. Knowledge of databases like MySQL and PostgreSQL. Strong problem-solving and analytical skills. Understanding of SIEM solutions like Splunk. Familiarity with containerization and orchestration principles and tools such as Kubernetes, Docker Swarm, etc. Experience with automation tools like Ansible, Terraform, and more »

in requirements management and associated tooling. Previous experience working on bids and/or large and complex change requests. Experience with Network Management or SIEM designs, tooling or support. Demonstrable experience owning a full technical solution from pre-sales stage through to delivery handover. Experience in presenting complex technical solutions more »

on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »