truly matter—this is the place for you. Examples of tasks that would be undertaken include: Monitor and analyse security events using SIEM tools (e.g., Splunk, QRadar) Investigate and respond to security incidents and alerts Perform vulnerability assessments … interview.
Person specification Essential Criteria Experience in analysing SecurityInformationandEventManagement (SIEM) SIEM reports and managing security incidents. Excellent analytical and problem-solving skills. Effective communication skills, with the ability to work well More ❯
key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR More ❯
bristol, south west england, United Kingdom Hybrid / WFH Options
Intec Select
cause analysis, and provide incident response support Conduct regular vulnerability assessments and penetration testing; assist in remediation efforts Maintain and manage SIEM (SecurityInformationandEventManagement) tools and log analysis Develop and enforce security policies, standards, and procedures Work with IT and development teams to implement secure system designs … experience in an informationsecurity or cybersecurity role Strong understanding of security principles, frameworks, and practices (e.g., CIA triad, defense in depth) Experience with SIEM tools, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and remediation processes Knowledge More ❯
improvements. Prepare comprehensive reports for clients. Technical skills: Demonstrated experience in responding to and investigating incidents whilst utilizing various monitoring, detection and investigation tooling – SIEM, SOAR, EDR etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding More ❯
bristol, south west england, United Kingdom Hybrid / WFH Options
Logiq
staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA More ❯
to transition into securityand gain hands-on experience with cutting-edge technology. Gain hands on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability More ❯
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Sanderson Recruitment
Solid background in network, application, and data security Practical experience with a wide range of security tools and technologies, including firewalls, IDS/IPS, SIEM, endpoint protection, and native cloud solutions Strong analytical and problem-solving abilities, with a talent for diagnosing and resolving complex security challenges Excellent communication andMore ❯
Greater Bristol Area, United Kingdom Hybrid / WFH Options
55 Exec Search
Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes andMore ❯
bristol, south west england, United Kingdom Hybrid / WFH Options
Lawrence Harvey
against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day More ❯
NETbuilder is a leading provider of digital solutions, software, consulting, and managed services. We work across multiple sectors, with specialist expertise in the financial, government and commercial markets. Since 1999, we have been providing end-to-end solutions across Digital More ❯
and Access Management (including RBAC and A/PBAC, permissions management), • Cryptographic techniques and implementations • IT asset managementand tracking • Vulnerability Managementand Patching • SIEM principles, products and supporting logging infrastructure • Containerisation and virtual machine security • Delivering secure solutions against project expectations • Strong awareness of and commitment to industry best More ❯
Security Operations related roles Solid understanding of SOC best practices and relevant regulations Experience deploying, configuring, and managing security tools within SOC environments (e.g., SIEM, IDS/IPS, EDR, etc.). Excellent communication skills, verbally and written If this looks interesting to you, please apply or email Georgia on g.cummings More ❯
bristol, south west england, United Kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
cyber incidents, offering reassurance and expert guidance Produce detailed incident reports with root cause analysis and actionable recommendations Perform forensic and log analysis using SIEM, EDR, SOAR, and other security tools Collaborate across teams to enhance response playbooks and internal processes Stay informed on emerging threats and tactics to strengthen More ❯
Infrastructure – Experience with Windows Server setup, Active Directory, VMWare (or similar), VEEAM (or equivalent) backups, and infrastructure monitoring. Additional Tools – Familiarity with vulnerability management, SIEM, PowerShell scripting, and Infrastructure as Code (Terraform/Ansible preferred). The Package: Base salary: up to £60,000 24 days annual leave Employee Assistance More ❯
scripting or programming languages. Practical knowledge and demonstrated experience in areas such as Data Loss Prevention (DLP), Data Privacy/Protection, DSPM/CSPM, SIEM, or vulnerability management is highly preferred. Proven success in a technical, customer-facing role within a software or SaaS company. Full spec available, please apply More ❯
to understand technical capabilities to ensure solutions align with security challenges and business objectives. Technical Requirements: Hands-on experience with security technologies such as SIEM, EDR, SOAR, vulnerability, threat intelligence etc. Experience in pre-sales, solution consulting, or technical advisory roles Proactive mindset and strong customer engagement skills Please apply More ❯
global business risk/objectives. This role is focused on technical operations and support of various informationsecurity tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security in reviewing and … will be done monthly. Deploy new informationsecurity tools, services, processes, and procedures to support the informationsecurity roadmap. Support informationsecurity services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership More ❯
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯
bristol, south west england, United Kingdom Hybrid / WFH Options
asobbi
This role offers an opportunity to work with market-leading vendors across networking (Cisco), data infrastructure (NetApp, IBM, cloud), andsecurity solutions (NOC, SOC, SIEM) . While the focus is on new business development , there’s potential to inherit a small number of key accounts to support your success. What More ❯
Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯
bristol, south west england, United Kingdom Hybrid / WFH Options
Dynamic Search Solutions
Job Title: SIEM Engineer Location: Remote Salary: £40,000 - £50,000 The Company An exciting opportunity has arisen at an award-winning Microsoft Partner for a SIEM Engineer. The business is a fast-growing, industry-leading managed service and managed security service provider, delivering to mid-sized and large enterprise … clients. This is a fantastic opportunity for a SIEM Engineer to continue developing their expertise in security platforms at an established Microsoft Partner. The company places strong emphasis on staff development, offering support for training and professional certifications. You’ll also gain exposure to cutting-edge technologies, working across securityMore ❯
bristol, south west england, United Kingdom Hybrid / WFH Options
Cloud Decisions
You'll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and … Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection More ❯
technologies. Create and maintain detection rules and logic to identify suspicious activity and potential security threats. Participate in the creation, implementation, and optimisation of SIEMevent correlation rules, logic, and content to filter out security events associated with known network behaviour, false positives, and errors. Support the transition of project … technologies such as NDR/content filtering/FW/IPS/IDS/DDOS, EDR/MDR, DAST/SAST, Identity Access Management, SIEM & SOAR, log management. Preferable experience in Azure, AWS, Defender, Darktrace. Experience and technical knowledge in multiple areas of cyber defence operations. Experience as a Cyber More ❯
contract XSIAM Engineer with deep expertise in Palo Alto Networks technologies , ideally coming from an XSOAR background , and possessing strong experience across XDR andSIEM environments. This is a key role within our security operations function, focused on enhancing detection, automation, and response capabilities. *For this role you must be … and manage security automation workflows , drawing from previous XSOAR experience Integrate and optimize XDR capabilities to support proactive threat detection Set up and maintain SIEM-style log ingestion , correlation rules, and enrichment pipelines Build custom dashboards and reporting tools for real-time security insights Troubleshoot complex issues related to XSIAM … XSIAM in real-world environments but will consider strong XSOAR Consultants who want to evolve into XSIAM. Strong understanding of Security Operations, XDR , andSIEM principles Proficient in scripting and automation (e.g., Python, PowerShell) Solid experience with log analysis , event correlation, and alert tuning Needs to be eligible for SC More ❯