1 to 25 of 162 SIEM Jobs in the UK excluding London

Cyber Security Lead - Bristol - Hybrid working - £85,000 - £95,000 pa - Not-for-profit organisation Cyber Security/Lead/Cloud/SIEM/Strategy We have a fantastic opportunity for a Cyber Security Lead to work for a superb company in Bristol. Our client is looking for a Cyber … the cyber security strategy across the organisation. You will monitor threats from vulnerability managements tools and support the design, implementation and management of any SIEM tools. You will promote a level of cyber security culture and awareness across the organisation Provide leadership and insights into security threats You will lead … best practice in relation to Cyber Security Around 7+ years of experience working in Security Engineering Strong knowledge of security tooling and technologies including SIEM, vulnerability management, DLP etc Experience of working in environments using ISO27001 or Cyber Essentials Plus Good knowledge of cloud platforms - AWS and Azure Good understanding more »

Are you an expert Engineer who has been involved designing and implementing a SIEM solution based on a set of customer requirements? Are you eager for something new and want to join our experienced team on a transformation journey? Join our well-established Cyber Security Operations team within Aerospace, Defense … our HemelHempstead site 3 days a week. What you will be doing: Maintaining the health of the SOCs technology stack Design and implement a SIEM based on a set of customer requirements Crafting and delivering solutions to onboard customers into the Managed SOC Provide engineering support to analysts Aid in … priorities within a fast paced environment It would be great if you have: Deploying solutions into Cloud (especially where Infrastructure as Code is used) SIEM detection-rule writing Use of log filtering and forwarding technology (such as Splunk forwarders, Logstash, Fluentd, Fluent Bit, etc.) If you are interested in this more »

Role Title: SIEM/Incident SME Duration: 6 months Location: Hybrid/Corsham, Portsmouth or Northallerton - 2/3 days per week at ONE site Rate: £700/d - Umbrella only PLEASE NOTE: Applicants must hold active DV Clearance to be considered for this role Would you like to join … cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Key … C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications : Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent) All profiles will be reviewed against the required more »

SIEM/Incident SME CONTRACTOR MUST HOLD DV CLEARANCE Role Title: SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium … . Support Junior Analysts to manage SOC systems. . Previous experience of Enterprise ICS/network architectures and technologies . Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. . Experience as a mentor/coach to Junior Analysts … communication skills . Experience of writing Defence/Government documentation Desirable Qualifications: . Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) . SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) . Advanced Analyst Course (SANS SEC503 or equivalent) If this role is of interest more »

SIEM/Incident SME Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or Northallerton Duration: 6 months MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a DV Cleared SIEM/Incident … cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. Experience as a mentor/coach to Junior Analysts Your … C2M2) Excellent communication skills Experience of writing Defence/Government documentation Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) Advanced Analyst Course (SANS SEC503 or equivalent more »

incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business changes on the security posture. Possess current certifications for enterprise level security platforms. more »

of several of the following technologies: Endpoint, network and infrastructure threat protection Cloud Security within Azure and/or AWS IAM Identity Access Management SIEM and MDR VA Vulnerability Analysis and mitigation DLP Data loss prevention PKI Public key infrastructure Ability to guide engineering teams through the deployment where required more »

ensuring the security and integrity of our systems and data. This role will have a strong focus on project work with integrations into the SIEM and you will be empowered to drive and build your own security improvement initiatives as part of the role. You will be responsible for designing … threats and vulnerabilities. You will act as a security SME with input into wider digital projects to ensure logging and monitoring coverage into the SIEM platform. This role requires technical expertise, problem-solving skills, and a strong commitment to maintaining the highest level of security. What you'll be doing … SIEM Management: Develop and maintain efficient log ingestion processes to collect, process, and analyse logs from various systems, applications, and network devices Identify and address any gaps in log ingestion coverage to ensure comprehensive visibility into potential security threats Enhance SIEM telemetry by configuring and optimising data sources, correlation rules more »

of several of the following technologies: Endpoint, network and infrastructure threat protection Cloud Security within Azure and/or AWS IAM Identity Access Management SIEM and MDR VA Vulnerability Analysis and mitigation DLP Data loss prevention PKI Public key infrastructure Ability to guide engineering teams through the deployment where required more »

and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »

Develop a comprehensive an in-depth understanding of our company's CyberSecurity offering, including but not limited to Public & Private cloud, managed firewall, SOC, SIEM, EDR, managed services and professional services. Articulate the value propositions and benefits to potential clients based on their unique business needs. Make recommendations and drive more »

and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »

and Support penetration testing and vulnerability testing. - Support development of Supply Chain Security Policy and Processes. SKILLS - Extensive security risk management knowledge. - Experience with SIEM Monitoring, AV, DDoS Protection, vulnerability scanning and EDR. - Knowledge of authentication and authorisation techniques, network sniffing and working with remote access technologies. - Familiarity with NIST more »

GIAC GSEC, GCIH or other comparable degree or other relevant experience. IT skills Network Security System Administration Malware Analysis Security Information and Event Management (SIEM) Incident Response Tools Professional Competencies Solid grasp of cybersecurity concepts, including threat identification, risk assessment, and incident management, coupled with practical experience in applying security more »

Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, and more »

payments will be made). Your main duties will include: Technical ownership of the Security Operations Centre (SOC) tooling, most notably the AlienVault & Sentinel SIEM platforms but including other supporting tooling as required, such as components of the Microsoft Defender XDR suite. Responsible for the implementation of the SIEM platform … in customer environments. Ranging from the initial ingestion and tuning of data feeds (from both a SIEM, log collector and source device perspective), and heightened support of the implementation. Ensure the progression of the engineering maintenance plan by assuring that all in scope solutions are reviewed by the engineering team … with agreed quality SLAs and KPIs and industry best practice. Required to work closely with the SOC post-implementation, to support and maintain the SIEM platform on behalf of the SOC, contributing to the ongoing development and maintenance of use cases and rulesets as required. Provide chargeable technical Cyber thought more »

incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business changes on the security posture. Possess current certifications for enterprise level security platforms. more »

experience of cyber security Extensive practical experience in managing Microsoft server systems, NGAV, Amazon Cloud services, AD, ADFS, M365, security, public clouds, Azure services, SIEM, vulnerability assessment, patch management, DLP, and endpoint protection. Substantial proven expertise in supporting large corporate systems and applications within a large enterprise networked environment. (Educational more »

of several of the following technologies: Endpoint, network and infrastructure threat protection Cloud Security within Azure and/or AWS IAM Identity Access Management SIEM and MDR VA Vulnerability Analysis and mitigation DLP Data loss prevention PKI Public key infrastructure Ability to guide engineering teams through the deployment where required more »

recommendations. Design, implement, and provide support for customer security solutions. Serve as a senior security escalation point for the Service Desk. Configure and maintain SIEM systems. Participate in presales meetings with customers. Required Skills: Certified Cyber Essentials Assessor. Certified Cyber Essentials Lead Assessor. Experience in scoping and conducting penetration tests. … Strong understanding of SIEM and EDR solutions. Experienced in designing and delivering cybersecurity solutions across diverse environments. Proficient in both on-premise and cloud technologies. Excellent organizational skills, effective communication, and a strong customer service focus. Benefits include: Unlimited annual leave (yes seriously) Flexible working options Social events Accreditations and more »

and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »

Key requirements: Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge - LAN/WAN, Juniper, IP Trade. McAfee SIEM Security - Security Information Events Management knowledge IT/ICT further education Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco more »

Cyber Security Experience of working in environments using ISO27001 or Cyber Essentials Plus would be beneficial Strong knowledge of security tooling and technologies including SIEM, vulnerability management, DLP etc Good knowledge and understanding of public Cloud platforms (e.g. AWS and Azure) Good understanding of the current threat landscape Excellent communication more »

Proven work experience as a Cybersecurity Analyst or Engineer or similar role · Experience with computer network penetration testing and techniques · Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts · Ability to identify and mitigate network vulnerabilities and explain how to avoid them · Knowledge of security frameworks and standards, such as more »

and communication Important Knowledge Cybersecurity Capability Maturity Model (C2M2) and NIST Cyber Security Framework (CSF) Current awareness of the market for data analytics and SIEM platforms, including emerging leaders and Network security implementations (e.g host-based IDS, IPS), including their function and placement Cyber defence and information security policies, procedures more »