City Of London, England, United Kingdom Hybrid / WFH Options
Sarafin Partners
processes Developing and maintaining documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions
london (city of london), south east england, united kingdom Hybrid / WFH Options
Sarafin Partners
processes Developing and maintaining documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions
City of London, London, United Kingdom Hybrid / WFH Options
Cyber Talent Limited
security principles, protocols, and standards. Proficiency with DevOps and DevSecOps tools (e.g. GitLab CI/CD, Ansible, Terraform). Experience with security tools like SIEM/SOAR (preferably Rapid7), IDS/IPS, vulnerability scanners, and code analysis tools (SonarCloud, Snyk, Checkov) Strong knowledge of network security, encryption, identity and access
network protocols, ports, and services * Understanding of encryption algorithms AES, RSA etc * Knowledge of Public Key Infrastructure (PKI), SSL/TLS certificates * Basics of SIEM * Basics of OS Patching Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the
City of London, London, United Kingdom Hybrid / WFH Options
Goodman Masson
conducting vulnerability assessments, supporting audits, and helping to strengthen third-party security compliance. Key Responsibilities: Monitor security systems and investigate incidents Operate firewalls, EDR, SIEM tools, and encryption software Support vulnerability testing and risk analysis Assist with third-party vendor assessments and internal audits Contribute to the ongoing improvement of
staff. THE ROLE: Design and implement short and long-term strategic plans to ensure IT network Work closely with and monitor logs generated from SIEM & Sophos MTR Configuring, maintaining and implementing intrusion detection systems and firewalls, virtual private networks, web protocols, and email security Create and update all relevant Jira
Employment Type: Permanent
Salary: £70000 - £80000/annum Progression, Training, Company Benef
staff. THE ROLE: Design and implement short and long-term strategic plans to ensure IT network Work closely with and monitor logs generated from SIEM & Sophos MTR Configuring, maintaining and implementing intrusion detection systems and firewalls, virtual private networks, web protocols, and email security Create and update all relevant Jira
Employment Type: Permanent
Salary: £80000 - £95000/annum Progression, Training, Company Benef
Central London, London, United Kingdom Hybrid / WFH Options
Carrington Recruitment Solutions Limited
software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support. This is a great opportunity and
Central London, London, United Kingdom Hybrid / WFH Options
Carrington Recruitment Solutions Limited
software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support This is a great opportunity and
City of London, London, United Kingdom Hybrid / WFH Options
Matchtech
Active SC clearance required Role Overview We are seeking an experienced Splunk Engineer/Security Architect to lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You'll play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting … to a national programme improving the government's ability to detect and respond to cyber threats across multiple portfolios. You'll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies. Key Responsibilities Produce and maintain architecture … development aligned with CSOC and MITRE ATT&CK framework Attend and represent the project at key technical forums (ADF, TDA, workshops) Deliver improvements to SIEM architecture, use cases, automation, and data enrichment Improve onboarding processes for directorates and manage onboarding QA Lead integration of SOAR, Attack Analyzer, and other tooling
SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and … Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service
City of London, London, United Kingdom Hybrid / WFH Options
83zero Limited
Strong documentation skills (Microsoft Word, Project, Visio) and a grasp of Enterprise Architecture methods like TOGAF (desirable). Familiarity with secure Internet solutions (firewalls, SIEM), LAN environments, and cloud architectures (public/private) is a plus. Knowledge of sector-specific networks such as HSCN, PSN, or JANET is highly advantageous.
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAFs, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for APIs
City of London, London, United Kingdom Hybrid / WFH Options
Korn Ferry
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAFs, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for APIs
Central London / West End, London, United Kingdom Hybrid / WFH Options
Korn Ferry
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAFs, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for APIs
london (city of london), south east england, united kingdom Hybrid / WFH Options
Korn Ferry
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAFs, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for APIs
london (west end), south east england, united kingdom Hybrid / WFH Options
Korn Ferry
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAFs, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for APIs
london (city of london), south east england, united kingdom Hybrid / WFH Options
SR2 | Socially Responsible Recruitment | Certified B Corporation™
strength, and actionable recommendations. Key Responsibilities Threat modelling and simulation Vulnerability assessments Ethical hacking of networks, operating systems, and web applications Utilise tools for SIEM, Data Loss Prevention, and endpoint detection Collaborate with third-party vendors The role is open for applications from 19/05 and the application period
london (west end), south east england, united kingdom Hybrid / WFH Options
SR2 | Socially Responsible Recruitment | Certified B Corporation™
strength, and actionable recommendations. Key Responsibilities Threat modelling and simulation Vulnerability assessments Ethical hacking of networks, operating systems, and web applications Utilise tools for SIEM, Data Loss Prevention, and endpoint detection Collaborate with third-party vendors The role is open for applications from 19/05 and the application period
Key Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop … function within housing association/public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR, and NIST If you are interested, please apply immediately as first stage interviews are taking place this week. Alternatively
expert to local stakeholders in London. Conducts real-time and historical analysis using the full security suite owned by the business including Endpoint Protection, SIEM, Firewall, Endpoint Detection & Response, Intrusion Detection Systems, Email Gateway, Web Content Filtering & Identity Management technology. Conducts incident response triage analysis on suspected hosts to determine … potential ongoing attacks and its scope. Skills/Experience required: Expert familiarity with SOC operations, scheduling, and tools including SIEM, SOAR, and DFIR products. Knowledge of the incident response lifecycle and cybersecurity leading practices. Solid understanding of security policy construction and publication. In-depth knowledge of regulations (e.g., SOX, privacy
System Design Document HA/DR, including load balancing impacts on Ivanti EPMM Create Low-Level Design incorporating EMM Integrations, SNOW Integration, OSS and Event Logging, SIEM integration, Zimperium MTD Design, build, configure, test, and implement Ivanti Endpoint Manager Mobile (EPMM) Application Architecture Job Requirements: Experience as an Architect, with a focus on … with Ivanti Endpoint Manager Mobile (EPMM) Understanding of High Availability (HA) and Disaster Recovery (DR) documentation Familiarity with EMM Integrations, OSS and Event Logging, SIEM integration, Ability to design, build, configure, test, and implement complex software solutions Excellent problem-solving and analytical skills Strong communication and collaboration skills Key background
of onboarding CNI and all other systems. Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS queues is also required. You must have SIEM Engineering and Architecture skills, specifically in Splunk SaaS. Full end to end experience of delivery lifecycle experience for improvements to Splunk SaaS is also essential. … You must have experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. Please apply ASAP to discuss further.