securityand a keen eye for identifying and mitigating digital threats. Experience in monitoring, analysing, and responding to security events and incidents. Proficiency with SIEM tools and understanding of the latest cyber security trends and threat landscapes. A collaborative mindset and the ability to communicate effectively across various teams. Certifications more »
network architectures and technologies. . Working with frameworks and technologies that support data-intensive distributed applications. . Experience maintaining and administrating data analytical andSIEM platforms. . Experience using host and network-based IDS/IPS . Experience using packet capture solutions. . Skill in developing and deploying signatures. . more »
will also be given a great opportunity to develop your technical skills and grow in a dynamic, successful company. You will need: Knowledge of SIEM tools e.g Microsoft Sentinel, Google Chronicle. Excellent knowledge of EDR tools e.g CrowdStrike, SentinelOne, Microsoft Defender. Experience providing BAU support. Experience in a SOC environment. more »
analyse, and respond to cyber threats. Understanding of networking technology Cyber security service trends compliance requirements in enterprise organisations Core cyber security products including SIEM, Zero Trust and NDR/XDR products. Core network routing and switching protocols. Knowledge of network performance and optimisation and services Please apply ASAP to more »
Manchester Area, United Kingdom Hybrid / WFH Options
InfoSec People Ltd
etc Excellent understanding of cybersecurity trends Ability to interpret customer landscape and challenges Strong presentation and client-facing skills Desired Skills: Knowledge across EDR, SIEM, Vulnerability Management Operational experience with security technologies Existing relationships in Manchester area Self-motivation and ability to work autonomously Job Specifics: This is a hybrid more »
on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous Working Pattern (Mon-Fri, Shifts, on-call) This is more »
of achieving and exceeding sales targets in the SaaS, technology, or software sectors. - Experience selling any of the following: Security Tooling such as Cyber, SIEM, Code Analysis, Cloud, such as Cloud Infra or Cloud monitoring, Developer Tools, CI/CD or Gitlab, Github etc or a range of other technical more »
in scripting languages such as BASH, PowerShell, and Python. Knowledge of databases like MySQL and PostgreSQL. Strong problem-solving and analytical skills. Understanding of SIEM solutions like Splunk. Familiarity with containerization and orchestration principles and tools such as Kubernetes, Docker Swarm, etc. Experience with automation tools like Ansible, Terraform, andmore »
Helensburgh, Scotland, United Kingdom Hybrid / WFH Options
Lockheed Martin
with ITIL4 practices. Deliver concise progress reports and compelling presentations to clients. Serve as a subject matter expert in SecurityInformationandEventManagement (SIEM), providing recommendations for product enhancements. Conduct thorough analysis of SIEM outputs, promptly identifying and escalating any incidents or breaches. Provide assurance support to team members … Information Systems Security Professional (CISSP). Experience in Government/Ministry of Defence settings is advantageous. Proficiency in implementing ITIL processes. Strong expertise in SIEM operations. Competence in Risk Managementand NIST Cyber Security Controls. Client-facing experience with exceptional stakeholder management skills. Ability to thrive in a fast-paced more »
to be on site 3 days a week in our Birmingham office. Why this job matters Your role as a Software Engineer in the SIEM Platform team, within Secure Development is to support the development, implementation, operation and support of BTs Strategic SIEM development. We are seeking a skilled Software … Engineer with expertise in Elasticsearch (or other SIEMand/or Data platforms) to join our dynamic team. As a Software Engineer you will play a critical role in designing, developing, and maintaining our securityinformationandeventmanagement (SIEM) system. Your focus will be on leveraging Elasticsearch and related … Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query Optimization and Performance Tuning: o Write efficient Elasticsearch queries more »
that critical business operations continue unhindered. Key Responsibilities Monitor and analyze security events and alerts from multiple sources, including securityinformationandeventmanagement (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows and Unix), and databases Separate true threats from false positives using … Maintain a strong awareness of the current threat landscape Basic Qualifications Excellent teamwork skills Knowledge of and experience with intrusion detection/prevention systems andSIEM software Strong knowledge and understanding of network protocols and devices. Strong experience with Mac OS, Windows, and Unix systems. Ability to analyze event logs … recommendations for security tools to tool administrators. Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk Strong knowledge of the following: SIEM Packet Analysis SSL Decryption Malware Detection HIDS/NIDS Network Monitoring Tools Case Management System Knowledge Base Web Security Gateway Email Security Data Loss Prevention more »
in requirements managementand associated tooling. Previous experience working on bids and/or large and complex change requests. Experience with Network Management or SIEM designs, tooling or support. Demonstrable experience owning a full technical solution from pre-sales stage through to delivery handover. Experience in presenting complex technical solutions more »
Cardiff, South Glamorgan, Wales, United Kingdom Hybrid / WFH Options
OpenTech Partners
and acquiring new partners. Basic knowledge of the client's portfolio, including Data, UC, Mobility, Cloud, and Contact Centre. Proficiency in security selling, including SIEM, EDR, MDR, SOC, and PEN Test. Ability to manage the sales cycle and qualification process effectively. more »
Edinburgh, Midlothian, Scotland, United Kingdom Hybrid / WFH Options
OpenTech Partners
and acquiring new partners. Basic knowledge of the client's portfolio, including Data, UC, Mobility, Cloud, and Contact Centre. Proficiency in security selling, including SIEM, EDR, MDR, SOC, and PEN Test. Ability to manage the sales cycle and qualification process effectively. Maintaining and developing client relationships. more »
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Littlefish
payments will be made). Your main duties will include: Technical ownership of the Security Operations Centre (SOC) tooling, most notably the AlienVault & Sentinel SIEM platforms but including other supporting tooling as required, such as components of the Microsoft Defender XDR suite. Responsible for the implementation of the SIEM platform … in customer environments. Ranging from the initial ingestion and tuning of data feeds (from both a SIEM, log collector and source device perspective), and heightened support of the implementation. Ensure the progression of the engineering maintenance plan by assuring that all in scope solutions are reviewed by the engineering team … with agreed quality SLAs and KPIs and industry best practice. Required to work closely with the SOC post-implementation, to support and maintain the SIEM platform on behalf of the SOC, contributing to the ongoing development and maintenance of use cases and rulesets as required. Provide chargeable technical Cyber thought more »
The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to SecurityInformation & EventManagement (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of … industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members … during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »
Doncaster, South Yorkshire, Yorkshire, United Kingdom
Forward Role
The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to SecurityInformation & EventManagement (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of … industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members … during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »
Corsham, England, United Kingdom Hybrid / WFH Options
J&C Associates Ltd
IT Recruitment specialist that provides support to the clients across UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME(Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or … cyber defence hardware. • Support Junior Analysts to manage SOC systems. • Previous experience of Enterprise ICS/network architectures and technologies • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. • Experience as a mentor/coach to junior analysts Your … C2M2) • Excellent communication skills • Experience of writing Defence/Government documentation Desirable Qualifications: • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) • Advanced Analyst Course (SANS SEC503 or equivalent more »
South West London, London, United Kingdom Hybrid / WFH Options
Espire Infolabs Limited
GIAC GSEC, GCIH or other comparable degree or other relevant experience. IT skills Network Security System Administration Malware Analysis SecurityInformationandEventManagement (SIEM) Incident Response Tools Professional Competencies Solid grasp of cybersecurity concepts, including threat identification, risk assessment, and incident management, coupled with practical experience in applying securitymore »
leading software company who require an experienced Splunk Engineer to take the lead in the implementation, deployment and configuration of Splunk amidst a new SIEM evolution project. As the Splunk Engineer, you will be responsible for configuring use cases, ingesting log sources, and designing and deploying indices within the Splunk more »
on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »
SOC team to ensure the effective support and delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting … and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM, EDR and Vulnerability Management tools Direct communication with customers on threats and alerts Providing customers with reports and presenting findings Assistance with active directory administration. more »
Code practices. • Assist in securing data platforms, including Data Bricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEMand SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, andsecurity service delivery more »
Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, andmore »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
iDPP
Python, Bash, or PowerShell. Familiarity with security frameworks and standards such as NIST, CIS, and ISO 27001. Experience with securityinformationandeventmanagement (SIEM) tools. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Relevant certifications such as AWS Certified Security Specialty, CISSP, or CEH are a more »