24 of 24 SIEM Jobs in Central London

processes Developing and maintains documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions More ❯

processes Developing and maintains documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions More ❯

security principles, protocols, and standards. Proficiency with DevOps and DevSecOps tools (e.g. GitLab CI/CD, Ansible, Terraform). Experience with security tools like SIEM/SOAR (preferably Rapid7), IDS/IPS, vulnerability scanners, and code analysis tools (SonarCloud, Snyk, Chekov) Strong knowledge of network security, encryption, identity and access More ❯

network protocols, ports, and services * Understanding of encryption algorithms AES, RSA etc * Knowledge of Public Key Infrastructure (PKI), SSL/TLS certificates * Basics of SIEM * Basics of OS Patching Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the More ❯

conducting vulnerability assessments, supporting audits, and helping to strengthen third-party security compliance. Key Responsibilities: Monitor security systems and investigate incidents Operate firewalls, EDR, SIEM tools, and encryption software Support vulnerability testing and risk analysis Assist with third-party vendor assessments and internal audits Contribute to the ongoing improvement of More ❯

staff. THE ROLE: Design and implement short and long-term strategic plans to ensure IT network Work closely with and monitor logs generated from SIEM & Sophos MTR Configuring, maintaining and implementing intrusion detection systems and firewalls, virtual private networks, web protocols, and email security Create and update all relevant Jira More ❯

staff. THE ROLE: Design and implement short and long-term strategic plans to ensure IT network Work closely with and monitor logs generated from SIEM & Sophos MTR Configuring, maintaining and implementing intrusion detection systems and firewalls, virtual private networks, web protocols, and email security Create and update all relevant Jira More ❯

software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support. This is a great opportunity and More ❯

software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support This is a great opportunity and More ❯

software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support. This is a great opportunity and More ❯

Active SC clearance required Role Overview We are seeking an experienced Splunk Engineer/Security Architect to lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You'll play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting … to a national programme improving the government's ability to detect and respond to cyber threats across multiple portfolios. You'll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies. Key Responsibilities Produce and maintain architecture … development aligned with CSOC and MITRE ATT&CK framework Attend and represent the project at key technical forums (ADF, TDA, workshops) Deliver improvements to SIEM architecture, use cases, automation, and data enrichment Improve onboarding processes for directorates and manage onboarding QA Lead integration of SOAR, Attack Analyzer, and other tooling More ❯

SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and … Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service More ❯

Strong documentation skills (Microsoft Word, Project, Visio) and a grasp of Enterprise Architecture methods like TOGAF (desirable). Familiarity with secure Internet solutions (firewalls, SIEM), LAN environments, and cloud architectures (public/private) is a plus. Knowledge of sector-specific networks such as HSCN, PSN, or JANET is highly advantageous. More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

strength, and actionable recommendations. Key Responsibilities Threat modelling and simulation Vulnerability assessments Ethical hacking of networks, operating systems, and web application Utilise tools for SIEM, Data Loss Prevention, and endpoint detection Collaborate with third-party vendors The role is open for applications from 19/05 and the application period More ❯

strength, and actionable recommendations. Key Responsibilities Threat modelling and simulation Vulnerability assessments Ethical hacking of networks, operating systems, and web application Utilise tools for SIEM, Data Loss Prevention, and endpoint detection Collaborate with third-party vendors The role is open for applications from 19/05 and the application period More ❯

Key Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop … function within housing association/public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR, and NIST If you are interested, please apply immediately as first stage interviews are taking place this week. Alternatively More ❯

expert to local stakeholders in London. Conducts real-time and historical analysis using the full security suite owned by the business including Endpoint Protection, SIEM, Firewall, Endpoint Detection & Response, Intrusion Detection Systems, Email Gateway, Web Content Filtering & Identity Management technology. Conducts incident response triage analysis on suspected hosts to determine … potential ongoing attacks and its scope. Skills/Experience required: Expert familiarity with SOC operations, scheduling, and tools including SIEM, SOAR, and DFIR products. Knowledge of the incident response lifecycle and cybersecurity leading practices. Solid understanding of security policy construction and publication. In-depth knowledge of regulations (e.g., SOX, privacy More ❯

System Design Document HA/DR, including load balancing impacts on IvantiEPMM Create Low-Level Design incorporating EMMIntegrations, SNOW Integration, OSS and Event Logging, SIEM integration, ZimperiumMTD Design, build, configure, test, and implement Ivanti Endpoint Manager Mobile (EPMM) Application Architecture Job Requirements: Experience as an Architect, with a focus on … with Ivanti Endpoint Manager Mobile (EPMM) Understanding of High Availability (HA) and Disaster Recovery (DR) documentation Familiarity with EMM Integrations, OSS and Event Logging, SIEM integration, Ability to design, build, configure, test, and implement complex software solutions Excellent problem-solving and analytical skills Strong communication and collaboration skills Key background More ❯

of onboarding CNI and all other systems. Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS queues is also required. You must have SIEM Engineering and Architecture skills, specifically in Splunk SaaS. Full end to end experience of delivery lifecycle experience for improvements to Splunk SaaS is also essential. … You must have experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. Please apply ASAP to discuss further. More ❯