1 to 25 of 48 Permanent SIEM Jobs in the South East

5+ years commercial experience with the following technologies/systems: Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning Microsoft Windows Server family of products. Operational experience of PCI … Good understanding of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »

SSR tools like Next.js • Modern web application development practices Desirable skills • Azure API Management • Virtual Network architectures • K8s security features (SecurityContext, network policies) • KQL • SIEM systems such as Sentinel • Cloudflare • A/B and MVT Testing • GitOps approach and DevOps workflow automation • BDD, ATDD, TDD • CRM, CMS and ERP Systems more »

vulnerability experience In summary, Deliver - Deploy - Install Ideal candidate: Knowledge or experience using Tenable.io Or equivalent experience with vulnerability software - essential Experience with EDR, SIEM, Compute, VMWare, Dell, Cisco Datacenters are also highly desirable more »

Are you an expert Engineer who has been involved designing and implementing a SIEM solution based on a set of customer requirements? Are you eager for something new and want to join our experienced team on a transformation journey? Join our well-established Cyber Security Operations team within Aerospace, Defense … our HemelHempstead site 3 days a week. What you will be doing: Maintaining the health of the SOCs technology stack Design and implement a SIEM based on a set of customer requirements Crafting and delivering solutions to onboard customers into the Managed SOC Provide engineering support to analysts Aid in … priorities within a fast paced environment It would be great if you have: Deploying solutions into Cloud (especially where Infrastructure as Code is used) SIEM detection-rule writing Use of log filtering and forwarding technology (such as Splunk forwarders, Logstash, Fluentd, Fluent Bit, etc.) If you are interested in this more »

cyber security technologies and services in use at the company Role & Accountabilities KEY Identity access management, experience/involvement with Security services such as SIEM and Vulnerability Management. Provide expert knowledge and act as a subject matter expert on key principles of (IAM) with an in-depth knowledge in the … remediation of vulnerabilities in line with best practise and policy. Assist with the investigation vulnerability results and remediation efforts. Assist with management of the SIEM service, including the ingestion of new log sources, configuration of alerting and providing expert knowledge to aid the investigation of alerts where required. Support the more »

incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business changes on the security posture. Possess current certifications for enterprise level security platforms. more »

experience of cyber security Extensive practical experience in managing Microsoft server systems, NGAV, Amazon Cloud services, AD, ADFS, M365, security, public clouds, Azure services, SIEM, vulnerability assessment, patch management, DLP, and endpoint protection. Substantial proven expertise in supporting large corporate systems and applications within a large enterprise networked environment. (Educational more »

Proven work experience as a Cybersecurity Analyst or Engineer or similar role · Experience with computer network penetration testing and techniques · Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts · Ability to identify and mitigate network vulnerabilities and explain how to avoid them · Knowledge of security frameworks and standards, such as more »

and communication Important Knowledge Cybersecurity Capability Maturity Model (C2M2) and NIST Cyber Security Framework (CSF) Current awareness of the market for data analytics and SIEM platforms, including emerging leaders and Network security implementations (e.g host-based IDS, IPS), including their function and placement Cyber defence and information security policies, procedures more »

NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, and GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard more »

implement Security as Code practices. Assist in securing data platforms and implementing internal SIEM. Collaborate on securing Microsoft 365 and Azure cloud services. Operate SIEM and SOAR capabilities and enhance identity governance. Requirements: Hands-on experience with Microsoft Sentinel and Defender suite. Proficiency in Azure Landing Zones security enhancement. Familiarity more »

on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »

investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service Provider (MSSP) environment is advantageous, it is not a strict requirement. Key Responsibilities Utilize a SIEM … incident analysis and investigation, escalating issues as necessary. Contribute to containment strategies during security incidents, data loss, or breaches. Assist in the design and implementation of SIEM use cases to enhance detection capabilities. Ensure the SIEM platform's health through daily checks and proactive maintenance. Employ various applications and systems … and Hunting methodologies. Experience supporting Incident and Change Management processes. SOC Analyst - Fully remote UK (£50,000 - £70,000 + Bonus) Desired Skills and Experience SIEM/SOC/Threat Hunting/Cyber Security/QRadar more »

Code practices. • Assist in securing data platforms, including Data Bricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEM and SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, and security service delivery more »

on automation in collaboration with the Head of Information Security Operations and the rest of the team. OxCERT runs an on-premises Elasticsearch-based SIEM solution, an Intrusion Detection System (IDS), and a vulnerability scanning service as well as other open source and commercial tools. We are one of the … Software and Open Source technologies and actively supports several related project communities. Current projects include the enhancement of the existing Elastic based security information and event management system, the deployment of a new incident response tool, and development of an IT forensics capability. The team has achieved standing and recognition more »

on experience with firewall configuration, Next Gen Firewalls, Load-Balancers, and intrusion detection/prevention platforms.Proficiency in Python, PowerShell scripting, and Shell scripts.Familiarity with SIEM platforms is preferred.Security certification such as CISSP, GCIA, or CISM is a plus.Our client is an equal opportunity employer who are committed to fostering an more »

000Benefits: 10% pension contributions, flexible working, in house L&D, 28 days holiday +BHSkills required for this role:- Experience working with SIEM solutions (ideally Sentinel)- Vulnerability management (Nessus)- Incident Response- Implementing appropriate mediationDesirables:- SC Clearance- Large guideline expérience (ISO27001, Cyber Essentials, etc)This role gives the right candidate an opportunity more »

Do you have extensive experience with Splunk? Eligible for DV clearance? And can be based in either Gosport or Glasgow with some remote working? If yes to all of this then read on! As a Managing Security Engineer, you will more »

and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »

systems with a mix of both BAU and project work. Your role will involve the following,Using your knowledge of security tools such as SIEM, Firewalls and Cloud Security to monitor systemsProviding Windows Server and Network SupportAssess and respond to external threat intelligence reportsSupport ISO27001, Cyber Essentials Plus and other more »

commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus Microsoft Windows Server family of products. … of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Desirable Experience: Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »

conveying technical aspects to an audience (e.g. product demos to the customer). Working knowledge of using the Scaled Agile Framework (SAFe). ArcSight SIEM toolset, or open to cross-train into ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC). DV Cleared Application Packager - 5 days onsite near Reading more »

regulations.Experience and in-depth technical knowledge of deploying, maintaining, and configuring various security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.).Knowledge of TCP/IP and related network protocols, including standard protocols like TCP more »

architecture, procurements and projects.Requirements You will have worked a as Security Operations Engineer or similar role.You will have solid understanding of AWS, Microsoft security, SIEM, SOC, and programming.Solid experience of relevant security frameworks such as ISO27001, GDPR & HIPAA, NIST Cybersecurity Framework.Proven experience AWS and Azure cloud computing experience Understanding of more »

have:Incident response and security monitoringUnderstanding of threat modellingInvestigation experience into Information and Cyber security incidentsBroad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM, IAM, DLP, LAN/WAN, Wireshark, VMware, SSL and othersExperience and knowledge of NIST, COBIT, GCIA, GCIH, GCFA etc.This is an excellent opportunity to work more »