Off, 5 Nights on, 3 Off) Tech Stack across roles: Experience with Operating Systems & Computer Forensics Network, Routing & Switching experience with knowledge of SIEM Technologies Knowledge of Cybersecurity frameworks and standards If you are interested in any of these SOC roles and are working at any level across the SOC more »
Frameworks and governance such as NIST, SOCII, ISO27001 etc. Security certification such as CEH, CCNA, OSCP, GCIH etc Security tools/practices such as SIEM, EDR, NDR, OSINT etc Security clearance Commitment As a ‘bench’ Incident Manager you will be called whenever a suitable incident is raised by our clients more »
systems with a mix of both BAU and project work. Your role will involve the following,Using your knowledge of security tools such as SIEM, Firewalls and Cloud Security to monitor systemsProviding Windows Server and Network SupportAssess and respond to external threat intelligence reportsSupport ISO27001, Cyber Essentials Plus and other more »
Time Protocol (NTP) system to deliver accurate time to the Cyber Security suite of systems and facilities; Delivery of a SecurityInformation & EventManagement (SIEM) system for monitoring Cyber Security information. Network Hardening Project Protective Monitoring Project Qualifications Essential Must have experience in working with requirements capture and delivery. Familiar more »
and orchestration.Proven experience in deploying new projects, services and features to cloud.Ability to support SaaS platforms such as Mimecast, Varonis, Identity Management, Cisco Umbrella, SIEMand SASE services, as well as traditional on-premises servers and Windows operating systems, VMware and StorageKnowledge of device and mobility managementand applied security.Expertise more »
Threat Intelligence which is actionable information (e.g. IOCs/TTPs), conduct threat hunting activities; leveraging and analyzing sources of information as available through the SIEM, in addition identify and investigate potential suspicious activity as well as helping organizations identify, isolate, and contain security issues. You will also support the initial … activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimization. Assist in architectural design to facilitate the onboarding of new information systems, including the … Analyst/Senior Cyber Securityandsecurity operations experience Microsoft MDE, MDI, Sentinel, Lighthouse and DevOps experience Experience of onboarding, tuning, reporting, and configuring SIEM solutions Experience of threat intelligence Leadership and mentoring experience and skills Understanding of low-level concepts including operating systems and networking Commercial experience in Penetration more »
Leeds, England, United Kingdom Hybrid / WFH Options
Harvey Nash
implementing security by design. Other essentials: Background that covers cyber technology, security operations, incident response, architecture, and training. Experience in implementing technology such as SIEM, XDR, SOAR, etc. Background in Financial Services or other regulated industries (desired) Experience in leading through leaders and developing an internal capability Good soft skills more »
qualify prospective clients within the target market for Cyber and QA Systems Testing services, in the areas of Pen Testing, Red Teaming, SOC/SIEMand consultancy Build and maintain strong relationships with key decision-makers, influencers, and stakeholders at prospective client organisations. Conduct thorough needs assessments and solution presentations more »
Experience with Purple Teaming Understanding of computer forensics History with use of Firewalls and IDS/IPS devices Proven ability with SIEM (SecurityInformationandEventManagement) technologies Experience in networking, routing, and switching Use of frameworks such as NIST, ISO 27001,MITRE ATT&CK and CIS. Familiarity with cybersecurity more »
Senior SOC Analyst, SIEM - Cloud based: Sentinel/ManageEngine Log360/QRadar, Splunk, Incident Response Management, Hybrid London 1-2 days per week. We are hiring a Senior SOC Analyst to help build a new SOC function. The role will initially be very hands on, responsible for monitoring and triaging … focus on small client environments and the corporate sector, this role oversees security monitoring for the company delivered solutions and ensures the integration of SIEM platforms into a new Private Cloud solution. As the first recruit into the SOC Team, you will collaborate with management to establish and expand the … service according to business requirements. Main Duties and Responsibilities Monitoring & Investigation: Monitor SIEM tools to assure high security levels, analyse potential security incidents, conduct real-time analysis, support investigations, and document findings to improve incident response procedures. Response: Lead and coordinate incident response activities, develop and maintain incident response plans more »
Our partner are one of the UK's largest insurance companies, offering a wide range of general insurance products across motor, travel, commercial, home, pet and rescue. They have an exciting opportunity for a Senior Security Operations Analyst to join more »
threats, threat actors, and the tactics and techniques adopted. Proven experience with programming - Python, Rust, C++ or other major languages Knowledge of SecOps tooling (SIEM, SOAR, TI). more »
Reading, England, United Kingdom Hybrid / WFH Options
Project People
commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus Microsoft Windows Server family of products. … of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Desirable Experience: Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »
our client, you will play a crucial role in implementing and managing their cybersecurity infrastructure. Your responsibilities will include: - Implementing and managing Azure Sentinel SIEM for threat detection, incident response, andsecurity monitoring. - Configuring and maintaining Microsoft Defender for endpoint protection and threat detection. - Developing and maintaining KQL (Kusto Query … junior members of the security team. Requirements: - Proven experience working as a Cyber Security Engineer or similar role. - In-depth knowledge of Azure Sentinel SIEM, Microsoft Defender, and KQL scripting. - One of the following certifications: AZ-500 (Microsoft Azure Security Technologies) or SC-200 (Microsoft Security Operations Analyst) or SC more »
to be on site 3 days a week in our Birmingham office. Why this job matters Your role as a Software Engineer in the SIEM Platform team, within Secure Development is to support the development, implementation, operation and support of BTs Strategic SIEM development. We are seeking a skilled Software … Engineer with expertise in Elasticsearch (or other SIEMand/or Data platforms) to join our dynamic team. As a Software Engineer you will play a critical role in designing, developing, and maintaining our securityinformationandeventmanagement (SIEM) system. Your focus will be on leveraging Elasticsearch and related … Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query Optimization and Performance Tuning: o Write efficient Elasticsearch queries more »
Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, andmore »
London, England, United Kingdom Hybrid / WFH Options
Jisc
to defend against evolving cyber threats. We are actively developing our Security operation centre (SOC) services which includes a SecurityInformationandEventManagement (SIEM) services, 24x7 securityevent monitoring and endpoint detection and response services. About the role: Working within the Architecture and engineering team, reporting into the Lead … prioritise and manage resources within a collaborative team-based environment. • Knowledge or experience of working enterprise public cloud technologies. (desirable) • Experience with threat intelligence, SIEMand SOAR platforms. (desirable) All roles within our Jisc Cyber Security team require employees to have enhanced background screening checks which include but are not more »
in ensuring the safety andsecurity of organizations through proactive monitoring and incident response. Responsibilities: Provide continuous protective monitoring using state-of-the-art SIEM, IDS, and threat intelligence technologies. Offer expert advice and guidance to clients targeted by cyber attacks, maintaining high standards of support. Ensure timely and accurate …/Must have: Strong analytical skills with the ability to interpret complex data. Excellent communication skills, both verbal and written. Proficiency in industry-leading SIEM, IDS, and threat intelligence technologies. Ability to work effectively under pressure and adapt to rapidly changing situations. Prior experience with active directory administration and firewall more »
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
Denholm Associates
platform. This role presents an exciting opportunity to get involved in innovative projects designing security controls and delivering emerging security technologies. Good knowledge of SIEM tooling is essential. Reporting to the Cyber Security Engineering Manager, you will help to deliver improvements across a number of our cyber security domains including … Analytics, onboarding data and developing detection logic and analytics Essential Criteria: Demonstrable experience working in cyber security Experience supporting security tools, such as SOAR, SIEM, EDR, NGFW, CSPM, WAF, AV Industry recognised certifications such as Certified Splunk Architect, PCSAE, CISSP/CCSP, CEH or equivalent experience Experience working in a more »
Information Technology, Computer Science or relevant experience CISSP, CEH, OSCP, GCIH or applicable security field Incident, change and problem process management experience Experience in SIEM (Splunk, Sentinel), IPS and SOAR tools a plus Experience with investigating and managing major/complex cyber security incidents end-to-end Knowledge of adversarial … tactics, techniques, procedures (TTPs) & industry standard frameworks (Mitre Att&ck, ISO27000, ISO27001) Strong working knowledge of security technologies including but not limited to SIEM, EDR/EPP, AV, IDS, IPS, AD, DNS, SOAR E: j.bhard@locke-mccloud.com Locke & McCloud are the UK’s leading cyber security & informationsecurity staffing company more »
receiving personalised training plans and hands-on mentorship from highly technical and experienced Senior SOC Analysts/Leads. Responsibilities Monitor cyber defence security tooling – SIEM, IDS/IPS, EDR, VM, etc Investigate incidents utilising tooling in place, as well as proactively using open source investigations tooling, e.g. Wireshark, tcpdump, Mojo … findings to clients, handling calls and guiding through incidents. Requirements Previous experience working in a SOC environment or exposure to various security monitoring technologies (SIEM, Intrusion Detection/Prevention, Endpoint Detection, etc) Genuine interest in cyber securityand evidence to back that up – own home lab set up, PCAP Analysis more »
conveying technical aspects to an audience (e.g. product demos to the customer). Working knowledge of using the Scaled Agile Framework (SAFe). ArcSight SIEM toolset, or open to cross-train into ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC). DV Cleared Application Packager - 5 days onsite near Reading more »
eager to continue their success, supporting a fast-pace, dynamic, trading organisation. The successful candidate will have recent involvement in implementing PAM, IDAM or SIEM tooling and have a range of technical knowledge and be able to add value around scripting, low balancing network infrastructure and an expert around installation … policies and procedures. Skills and requirements: Proficient working experience/knowledge of Linux operating systems including configurations, installation, and troubleshooting. Recent involvement in implementing SIEM tooling, IDAM or PAM. Previous experience managing F5 load balancers. Previous experience of diagnosing, trouble shooting and resolving technical issues TCP/IP, DNS, LDAP more »
City of London, London, United Kingdom Hybrid / WFH Options
Nigel Frank International
Requirements : Hands-on experience in vulnerability management, and configurating and tuning vulnerability management tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. Microsoft Sentinel Hands-on experience securing and hardening cloud-based services e.g. M365, Azure, Salesforce Experience working withing global standards and best practices more »