Responsible for the planning, design and build of SIEM detections; automation and SOC workflow enrichments. Strong understanding of current threat landscape, data ingest and telemetry requirements. Experience with SIEM platforms such as Splunk, Azure Sentinel, Qradar, Exabeam, etc. Python scripting MITRE Caldera and ATT&CK Atomic Red Team SOAR automation … postive can do attitude Bias for action and execution of tasks Willingness to grow skillset Career Level - IC4 Responsible for authoring, tuning and deploying SIEM detections, Threat Hunting and automation via pyton scripting and SOAR tools. May participate in an incident management team, responding to security events in line with more »
Reading, England, United Kingdom Hybrid / WFH Options
Project People
commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus Microsoft Windows Server family of products. … of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Desirable Experience: Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »
and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »
in requirements managementand associated tooling. Previous experience working on bids and/or large and complex change requests. Experience with Network Management or SIEM designs, tooling or support. Demonstrable experience owning a full technical solution from pre-sales stage through to delivery handover. Experience in presenting complex technical solutions more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »
Basingstoke, Hampshire, South East, United Kingdom
IO Associates
on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »
remediation of vulnerabilities in line with best practise and policy. Assist with the investigation vulnerability results and remediation efforts. Assist with management of the SIEM service, including the ingestion of new log sources, configuration of alerting and providing expert knowledge to aid the investigation of alerts where required. Support the more »
Reading, England, United Kingdom Hybrid / WFH Options
Vallum Associates
/building dashboards/au- tomating common tasks) Preferred: • Experience in designing systems against a zero-trust architecture. • Experience with designing SOC architectures (ie SIEM, SOAR and vulnerability management solutions). • Expert-level certification in either AWS or Azure, with a Security specialization. • Experience in working within regulated environments, such more »
Hatfield, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Hays
experience of cyber security Extensive practical experience in managing Microsoft server systems, NGAV, Amazon Cloud services, AD, ADFS, M365, security, public clouds, Azure services, SIEM, vulnerability assessment, patch management, DLP, and endpoint protection. Substantial proven expertise in supporting large corporate systems and applications within a large enterprise networked environment. (Educational more »
commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning (e.g., Nessus) Microsoft Windows Server family of products more »
security best practices and engagement across IT Services and the broader business functions. Support the enterprise IT Security functions. Technical: Proven experience with commercial SIEM platforms; Elastic Security SOC, preferred, or Splunk Incident response software: Thrive Incident Response & Remediation Anti Virus: Microsoft Defender Cyber Triage Practical experience in the Microsoft more »
Surrey, England, United Kingdom Hybrid / WFH Options
Roc Search
SSR tools like Next.js • Modern web application development practices Desirable skills • Azure API Management • Virtual Network architectures • K8s security features (SecurityContext, network policies) • KQL • SIEM systems such as Sentinel • Cloudflare • A/B and MVT Testing • GitOps approach and DevOps workflow automation • BDD, ATDD, TDD • CRM, CMS and ERP Systems more »
5+ years commercial experience with the following technologies/systems: Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning Microsoft Windows Server family of products. Operational experience of PCI … Good understanding of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »
Security Engineering, Network securityand/or SOC experience. Experienced engineer with demonstrable detailed knowledge of security products, Web Application Firewalls, SASE, access control, SIEM, AV, email and web security gateways, firewalls, load-balancers, ACLs, TCP/IP, routing and switching. Strong understanding of Security Infrastructure design, IT Security best more »
a similar Cyber/IT Security/InfoSec based role Experience in a wide range of Cyber Security areas. Knowledge of security tool sets (SIEM, FIM, EDR, NDR) Strong Communication skills and the ability to communicate and present at all levels Northreach is an equal opportunity employer and we do more »
Gosport, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
Do you have extensive experience with Splunk? Eligible for DV clearance? And can be based in either Gosport or Glasgow with some remote working? If yes to all of this then read on! As a Managing Security Engineer, you will more »
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal more »
Reading, England, United Kingdom Hybrid / WFH Options
Areti Group
with the following technologies/systems: o Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering o SIEM/Splunk o Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus o Microsoft Windows Server family … Citrix/VMWare 🌳 Ideally the candidate will be CISSP certified and be certified in Risk andinformation systems 🌳 Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents 🌳Understanding of security issues and ability to allocate work more »
security automation. Mondas delivers bespoke Cyber Security Solutions, helping our clients streamline their incident response and recovery process with our automated approach to SOAR, SIEM & XDR. Our Sales and Marketing team is the heartbeat of our business and has been crucial to the year on year growth we have experienced more »
security automation. Mondas delivers bespoke Cyber Security Solutions, helping our clients streamline their incident response and recovery process with our automated approach to SOAR, SIEM & XDR. Our Sales and Marketing team is the heartbeat of our business and has been crucial to the year on year growth we have experienced more »
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business changes on the security posture. Possess current certifications for enterprise level security platforms. more »
a similar Cyber/IT Security/InfoSec based role Experience in a wide range of Cyber Security areas. Experience with security tool sets (SIEM, FIM, EDR, NDR) The ability to contextualise, categorise and prioritise security events, incidents, and alerts Knowledge of security framework and standards implementation (NiST, ISO27001, PCI … spot and investigate anomalous behaviour Strong Communication skills and the ability to communicate and present at all levels IT Cyber Security Manager Technologies involved: SIEM - Logpoint Automated Intrusion and response - Darktrace AntiVirus/Malware detection Email Filtering & Web Security - Mimecast FIM - Tripwire VMware & VDI Horizon Windows Environment Microsoft Azure & O365 more »
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal more »
Security Engineering, Network securityand/or SOC experience. Experienced engineer with demonstrable detailed knowledge of security products, Web Application Firewalls, SASE, access control, SIEM, AV, email and web security gateways, firewalls, load-balancers, ACLs, TCP/IP, routing and switching. Strong understanding of Security Infrastructure design, IT Security best more »
DV Cleared - SIEM Engineer/Security Response Engineer/ArcSight - 6 months+ - £600-£650 pd Inside IR35 - Full time on site Hampshire Looking for a number of DV Cleared ArcSight Specialists who have a strong experience with creating and maintaining design, installation and support documentation. All applicants must hold an … clearance Skills and Responsibilities: Design and automate the installation of COTS software products on RHEL and Windows Operating systems. Configure, maintain and support ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC) Investigating/Resolving issues with ArcSight SIEM toolset Experience of creating bespoke custom (Flex/Regx) Connectors Knowledge of … installation and support documentation Design and automate the installation of COTS software products on RHEL and Windows Operating systems Configure, maintain and support ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC) Investigating/Resolving issues with ArcSight SIEM toolset DV Cleared - ArcSight SME/Cyber Security Consultant - 6 months+ more »