24 of 24 SIEM Jobs in Cardiff

environments (e.g., Azure) and end-user devices. Hands-on expertise with security tools and technologies, such as Defender for Cloud, Defender for Endpoint, and SIEM solutions. Solid background in implementing and managing security policies via Microsoft Intune and Group Policy (GPO) to secure endpoints and applications. Proven ability to monitor More ❯

and effective communication skills, including with non-technical audiences. Self-motivated with a positive attitude, committed to security as a business enabler. Knowledge of SIEM tools and advanced hunting queries. Experience Needed: Managing serious cyber incidents as a digital forensic incident responder. Operating within large, complex enterprise environments. Understanding of More ❯

or other Public Cloud Solutions) Analysis and Incident Response experience with Cloud systems such as AWS or GCP Experience working and supporting analytics/SIEM platforms Experience working in CSIRT/SOC functions Experience supporting and conducting Incident Response engagements Experience in endpoint based investigations Experience in cloud based investigations More ❯

SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher CompTIA Cyber More ❯

evaluating and enhancing our security infrastructure Collaborate with IT, DevOps and SecOps teams to architect, configure and implement security monitoring and defense tools (is. SIEM, IDS/IPS, ASM, WAF) to safeguard against security breaches, cyber threats and unauthorized access Report on and assist with all security events and incidents. More ❯

improvements. Prepare comprehensive reports for clients. Technical skills: Demonstrated experience in responding to and investigating incidents whilst utilizing various monitoring, detection and investigation tooling – SIEM, SOAR, EDR etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding More ❯

will require active SC-Clearance and prior experience with a broad range of cybersecurity tools. Key Responsibilities: Working closely with the SOC to implement SIEM technology Automating security workflows to streamline incident response Utilising cloud environments across both Azure and AWS. Assisting with Incident Management Contributing to platform automation and More ❯

do it? Technical background, willingness to learn, and experience within a Security Operations Centre (SOC). Understanding of SOC tools and technologies, such as SIEM, IDS/IPS, EDR and threat intelligence platforms. Proven experience of assessing maturity, managing SOC services and delivering improvements within a SOC environment. Experience bringing More ❯

Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified: Azure Solutions Architect Expert (AZ-305) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Your Personal Skills and More ❯

Security Operations related roles Solid understanding of SOC best practices and relevant regulations Experience deploying, configuring, and managing security tools within SOC environments (e.g., SIEM, IDS/IPS, EDR, etc.). Excellent communication skills, verbally and written #J-18808-Ljbffr More ❯

cyber incidents, offering reassurance and expert guidance Produce detailed incident reports with root cause analysis and actionable recommendations Perform forensic and log analysis using SIEM, EDR, SOAR, and other security tools Collaborate across teams to enhance response playbooks and internal processes Stay informed on emerging threats and tactics to strengthen More ❯

security protocols. CISCO CCNA or equivalent. You may also have/work with: VMware Certified Professional (VCP). Microsoft Certified Professional (MCP). SOC, SIEM, SNMP. Interest in IOT/OT/ICS. Experience with network monitoring and management tools. If this sounds like something you want to be involved More ❯

to understand technical capabilities to ensure solutions align with security challenges and business objectives. Technical Requirements: Hands-on experience with security technologies such as SIEM, EDR, SOAR, vulnerability, threat intelligence etc. Experience in pre-sales, solution consulting, or technical advisory roles Proactive mindset and strong customer engagement skills Please apply More ❯

global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security in reviewing and … will be done monthly. Deploy new information security tools, services, processes, and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership More ❯

Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯

Top 10 Able to review Swagger/Open API specs for vulnerabilities Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

This role offers an opportunity to work with market-leading vendors across networking (Cisco), data infrastructure (NetApp, IBM, cloud), and security solutions (NOC, SOC, SIEM) . While the focus is on new business development , there’s potential to inherit a small number of key accounts to support your success. What More ❯

and compliance responsibilities. Role Highlights Monitor, detect, and respond to security incidents and vulnerabilities Own and manage key elements of the security stack, including SIEM and DLP tools Lead audits, penetration testing, and remediation actions to uphold ISO27001 & SOC2 compliance Collaborate with product teams to embed security into the development … KPI-driven security reports and dashboards for internal stakeholders Experience needed: 1+ year in a SOC or similar cybersecurity role Hands-on experience with SIEM, IDS/IPS, and vulnerability scanning tools Knowledge of AWS, Linux, Windows, IAM (e.g. Okta), and firewalls Understanding of ISO27001, SOC2, GDPR, and third-party More ❯

Security Analyst - Splunk (BBBH195) Cardiff, Wales About Bridewell One of the most exciting prospects in the UK cyber security sector today, Bridewell is a leading cyber security services company specialising in protecting and transforming critical business functions for some of More ❯

Social network you want to login/join with: Senior Microsoft Sentinel/SIEM Engineer, cardiff col-narrow-left Client: Cloud Decisions Location: cardiff, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Views: 3 Posted: 31.05.2025 Expiry Date: 15.07.2025 col-wide Job Description: Job … You'll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and … Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection More ❯

the implementation and management of various security technologies. Main responsibilities: Analysing security events and incidents relating to internal and customer assets. Designing and developing SIEM security use cases. Designing and implementing security controls and secure configurations. Maintaining proactive vulnerability scanning ensuring that all known vulnerabilities are addressed in line with … internal stakeholders to discuss security related matters. Skills Required: Proven hands-on experience as a Security Engineer or similar working with tools such as SIEM, vulnerability management, endpoint detection & response (EDR), applications security, identity, and access management, etc. Ability to work in a small high performing team, collaborating with other … with experience of learning, adapting and utilising different security technologies, including but not limited to private and cloud infrastructure. Technical knowledge and experience with SIEM, SOAR, IDPS, DDoS, Malware Protection, Vulnerability Management, and Application Security tooling, etc. Knowledge of Information Security frameworks (CIS, NIST, NCSC CAF), supporting processes and toolsets. More ❯

internal cyber teams, including GRC and Cyber Defence, to analyse, escalate, and manage security incidents effectively Utilise a range of security tools such as SIEM, IDS, antivirus, vulnerability scanners, and Microsoft Azure security solutions to detect and assess threats Contribute to the continuous improvement of SOC processes and capabilities, with …/IP, DNS and VPNs Knowledge of Windows domain services such as Active Directory and Windows Server Hands-on experience with SOC tools including SIEM, IDS, antivirus, vulnerability management platforms, and Microsoft Azure security solutions Familiarity with the MITRE ATT&CK framework Experience working in an ITIL-based service management More ❯

with a passion for cyber defence — from junior SOC analysts to aspiring incident responders — helping them build practical detection and analysis skills in a SIEM-driven environment. * We need OffSec certified Instructors or willingness to complete OffSec Instructor Bootcamp (OSIB)* Key Responsibilities: Deliver the SOC-200 course content to bootcamp … learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM , MITRE ATT&CK , ELK , and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec More ❯

is your chance to make a difference at scale – influencing strategy, steering major bids, and delivering cutting-edge secure digital infrastructure across cloud, SOC, SIEM, EDR/XDR, and advisory services. London | Manchester | Bristol | Birmingham | Glasgow | Belfast Critical experience: Sales leadership | specialist Cybersecurity Solutions Sales | SI, Systems Integrator, Technology Services … and Technology products and services business Skilled in managing high-performing specialist teams (6–8+) A persuasive C-suite influencer with deep vendor knowledge (SIEM, SOC, Cloud Sec, Endpoint, etc.) A strategy-setter with a growth mindset and proven results in a major technology environment Why Join? This is a More ❯