101 to 125 of 162 SIEM Jobs in the UK excluding London

of different threat scenarios, investigations, incident response processes and remdiation techniques. * Good knowledge of cyber security systems and tooling * Reasonable knowledge of Security Information and Event Management systems * Reasonable knowledge of Firewall systems (Fortigate essential) * Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems * Good knowledge of common operating … equipment * Relevant certifications such as CompTIA Security+, CISSP, CISM, or equivalent are a plus; or a desire to progress towards these certificationsProficiency in using SIEM tools, log analysis platforms, and firewall management consoles (FortiGate experience preferred). * Good understanding of risk management, cybersecurity principles, best practices, and frameworks such as more »

that critical business operations continue unhindered. Key Responsibilities Monitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows and Unix), and databases Separate true threats from false positives using … Maintain a strong awareness of the current threat landscape Basic Qualifications Excellent teamwork skills Knowledge of and experience with intrusion detection/prevention systems and SIEM software Strong knowledge and understanding of network protocols and devices. Strong experience with Mac OS, Windows, and Unix systems. Ability to analyze event logs … recommendations for security tools to tool administrators. Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk Strong knowledge of the following: SIEM Packet Analysis SSL Decryption Malware Detection HIDS/NIDS Network Monitoring Tools Case Management System Knowledge Base Web Security Gateway Email Security Data Loss Prevention more »

and ensures that critical business operations continue unhindered.Key ResponsibilitiesMonitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows and Unix), and databasesSeparate true threats from false positives using network … and software monitoring systemsMaintain a strong awareness of the current threat landscapeBasic QualificationsExcellent teamwork skillsKnowledge of and experience with intrusion detection/prevention systems and SIEM softwareStrong knowledge and understanding of network protocols and devices.Strong experience with Mac OS, Windows, and Unix systems.Ability to analyze event logs and recognize signs more »

and acquiring new partners. Basic knowledge of the client's portfolio, including Data, UC, Mobility, Cloud, and Contact Centre. Proficiency in security selling, including SIEM, EDR, MDR, SOC, and PEN Test. Ability to manage the sales cycle and qualification process effectively. more »

and acquiring new partners. Basic knowledge of the client's portfolio, including Data, UC, Mobility, Cloud, and Contact Centre. Proficiency in security selling, including SIEM, EDR, MDR, SOC, and PEN Test. Ability to manage the sales cycle and qualification process effectively. more »

and acquiring new partners. Basic knowledge of the client's portfolio, including Data, UC, Mobility, Cloud, and Contact Centre. Proficiency in security selling, including SIEM, EDR, MDR, SOC, and PEN Test. Ability to manage the sales cycle and qualification process effectively. Maintaining and developing client relationships. more »

on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »

investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service Provider (MSSP) environment is advantageous, it is not a strict requirement. Key Responsibilities Utilize a SIEM … incident analysis and investigation, escalating issues as necessary. Contribute to containment strategies during security incidents, data loss, or breaches. Assist in the design and implementation of SIEM use cases to enhance detection capabilities. Ensure the SIEM platform's health through daily checks and proactive maintenance. Employ various applications and systems … and Hunting methodologies. Experience supporting Incident and Change Management processes. SOC Analyst - Fully remote UK (£50,000 - £70,000 + Bonus) Desired Skills and Experience SIEM/SOC/Threat Hunting/Cyber Security/QRadar more »

5+ years commercial experience with the following technologies/systems: Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning Microsoft Windows Server family of products. Operational experience of PCI … Good understanding of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »

commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus Microsoft Windows Server family of products. … of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Desirable Experience: Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »

The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of … industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members … during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »

The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of … industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members … during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »

guidance and direction in all aspects of security operations.Develop and implement robust security strategies and policies to protect company assets and data.Configure and maintain SIEM tools to monitor and analyze security events across the organization.Collaborate with DEVOPS teams to ensure security best practices are integrated into the development and deployment … for continuous improvement.Qualifications:Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).Extensive hands-on experience configuring and managing SIEM tools (e.g., Splunk, ArcSight, QRadar).Proficiency in working within a DEVOPS environment, with strong knowledge of AWS services and security best practices.Proven experience working as more »

Code practices. • Assist in securing data platforms, including Data Bricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEM and SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, and security service delivery more »

our client, you will play a crucial role in implementing and managing their cybersecurity infrastructure. Your responsibilities will include: - Implementing and managing Azure Sentinel SIEM for threat detection, incident response, and security monitoring. - Configuring and maintaining Microsoft Defender for endpoint protection and threat detection. - Developing and maintaining KQL (Kusto Query … junior members of the security team. Requirements: - Proven experience working as a Cyber Security Engineer or similar role. - In-depth knowledge of Azure Sentinel SIEM, Microsoft Defender, and KQL scripting. - One of the following certifications: AZ-500 (Microsoft Azure Security Technologies) or SC-200 (Microsoft Security Operations Analyst) or SC more »

to be on site 3 days a week in our Birmingham office. Why this job matters Your role as a Software Engineer in the SIEM Platform team, within Secure Development is to support the development, implementation, operation and support of BTs Strategic SIEM development. We are seeking a skilled Software … Engineer with expertise in Elasticsearch (or other SIEM and/or Data platforms) to join our dynamic team. As a Software Engineer you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related … Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query Optimization and Performance Tuning: o Write efficient Elasticsearch queries more »

Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, and more »

Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, and more »

verify compliance requirements are met.SIEM Integration and Configuration for Microsoft Cloud Services:Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and incident response capabilities.Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories.Work with Security Operations to build more »

Job DescriptionSOC Manager/Lead London/WFH to £70kAre you an experienced SOC Manager/Lead with a strong knowledge of SIEM?You could be progressing you career in an impactful role at a tech company that provide cyber security products to a range of finance, government, defence, law … role in ensuring the security and resilience of both internal and client based information systems. You'll provide subject matter expertise, selecting the appropriate SIEM platform and then once it's embedded ensuring BAU and leading security monitoring, carrying out indepth investigations and actively participating in incident response.This is a … a week.About you:You're an experienced SOC Analyst with the ability to troubleshoot and resolve complex security issuesYou have a strong understanding of SIEM systems e.g. IBM QRadar, FortiSIEM, Splunk, Sentinel and are able to recommend the right tool for the jobYou have a good understanding of IT security more »

role & is looking for more autonomy. Other duties will include monitoring information security & distributing to relevant touch points; maintenance of Security tools, such as SIEM, IDS, DLP etc; generate & monitor security information dashboards, researching/reviewing and implementing IT/Cyber Security information solutions and tools; an interest in learning … Security within IT Infrastructure and Systems Background in Microsoft Security technologies & tools Strong analytical/problem solving skills Experience in any/combination of SIEM, Defender 365, Sentinel, DLP, IDS Incident Response & Management in IT Security Extremely important that you can work autonomously Willingness and ability to learn quickly Any more »

SOC team to ensure the effective support and delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting … and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM, EDR and Vulnerability Management tools Direct communication with customers on threats and alerts Providing customers with reports and presenting findings Assistance with active directory administration. more »

will play a pivotal role in safeguarding our organization's critical infrastructure and data against cyber threats. Your expertise in designing, implementing, and maintaining SIEM solutions will help us proactively identify and mitigate security incidents, ensuring the confidentiality, integrity, and availability of our systems. Responsibilities: - Work with the technical lead …/SME for the CSOC and SIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client - Assist in establishing and maintaining processes, tooling and metrics that help provide a high level of productivity, supportability, and operational readiness - Actively participate in … implemented through onboarding or continuous improvement activities Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical and problem-solving skills with the ability to handle complex security more »

experienced individual will know what the role entails, but some key points to be considered: - Demonstrable experience of managing security solutions (secure Code Scanning, SIEM, IPS, IDS, Vulnerability Scanning, Penetration Testing,) directly, or through an MSSP, in a cloud-based environment. - Knowledge of security compliance standards relevant to the SaaS … such as PCI, GDPR, ISO 27001, SOC2, NIST - Skills in leveraging application monitoring tools- AWS monitoring/alert tools (CloudTrail, GuardDuty), Qualys tools and SIEM experience, to detect and respond to security events/incidents. - Industry certifications such as CISSP, CISM, CEH, ECSA, LPT, OSCP, AWS certified security, or equivalent more »

experienced individual will know what the role entails, but some key points to be considered: - Demonstrable experience of managing security solutions (secure Code Scanning, SIEM, IPS, IDS, Vulnerability Scanning, Penetration Testing,) directly, or through an MSSP, in a cloud-based environment. - Knowledge of security compliance standards relevant to the SaaS … such as PCI, GDPR, ISO 27001, SOC2, NIST - Skills in leveraging application monitoring tools- AWS monitoring/alert tools (CloudTrail, GuardDuty), Qualys tools and SIEM experience, to detect and respond to security events/incidents. - Industry certifications such as CISSP, CISM, CEH, ECSA, LPT, OSCP, AWS certified security, or equivalent more »