Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools … for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. … Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations. Lead technical migration of log sources into …
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner. Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured … with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident response planning, threat detection, and mitigation. Ability to define security policies, procedures, and structured action plans for compliance and …
NAC, IPS/IDS, and SD-WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP, CCNP Security, CCIE Security, GIAC, Azure …
start ASAP, based in Cambridge (Hybrid), Inside IR35. Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell, KQL) and have experience with integrating security … tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Key Skills and Experience: Experience contributing to large-scale, sprint-based security automation and detection engineering projects in a SOC/Cyber Defense or similar environment. Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best … with at least 5 years in a technical role in security operations and/or security software development. Solid understanding of security operations, automation standard processes, detection engineering and SIEM management. Experience with cloud security tools and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and …
St. Albans, Hertfordshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of Power BI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and …
in security-aligned projects (e.g. PAM, MFA, vulnerability remediation). Solid understanding of security operations principles, including the incident response lifecycle. Familiarity with detection and response technologies (e.g. EDR, antivirus, SIEM, vulnerability scanners). Knowledge of key cybersecurity frameworks and standards (e.g. NIST CSF, CIS Controls). Ability to analyse and interpret technical security alerts and logs. Understanding of endpoint, server …
and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. Benefits: 25 days annual leave (with the option to purchase more), health cash plan, life assurance, pension scheme, generous flexible benefits fund …
Stevenage, Hertfordshire, United Kingdom Hybrid / WFH Options
GlaxoSmithKline
e.g. GxP, and that Tech continuity plans are in place for all critical areas. People Management: Collaborate with internal owners of security technologies such as antivirus, IDS/IPS, SIEM, endpoint detection & response, configuration management, privileged identity management, etc. Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: Bachelor's Degree - Technical …
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Walsh Employment
nights (6pm-6am), 4 days off. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment. Previous people management or line management experience. Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk. Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis. In-depth understanding of: Client-server applications and multi-tier … Active DV Clearance. Scripting or programming with Python, Perl, Bash, PowerShell, or C++. Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1. Familiarity with additional SIEM technologies, especially QRadar. Role & Responsibilities: As a SOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role …
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria Limited
engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Team Level 1 or other SOC-related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience are exactly what we're looking …
Employment Type: Permanent
Salary: 25 days holidays, 6% contributory pension, 4x life insurance
Luton, Bedfordshire, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
Advice: Provide guidance on the selection, implementation, and optimization of security tools such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and security information and event management (SIEM) systems. Support Security Architecture & Design: Assess the design, implementation, and maintenance of developed products to protect against threats and vulnerabilities. Security Awareness Training: Promote security awareness within the sector through …
in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM tools such as QRadar. Benefits: 25 days annual leave (plus option to purchase more). Health cash plan, life assurance, and company pension. Flexible benefits fund tailored to your lifestyle …
Welwyn Garden City, England, United Kingdom Hybrid / WFH Options
PayPoint plc
and Storage Spaces Direct, HPE hardware, design of highly available systems. Experience in delivering projects and solutions from inception to completion. Any experience with the following software products: Rubrik, SIEM, SolarWinds, Zabbix, Grafana, Azure DevOps, Jenkins. What can we do for you? The majority of this role will be remote (Hybrid) but will require some travel to our bright …
Security Automation Engineer (SOAR Engineer). A global organisation requires a Contract SOAR Engineer to improve the current SOC's efficiency by developing security automations, logging mechanisms, and SIEM detection rules. Day Rate: £750 - £810pd. IR35 Status: Inside. Duration: 6 months initially. Travel: 2 days a week in Hertfordshire. This Security Automation Engineer will have the previous …
Cambridge, England, United Kingdom Hybrid / WFH Options
Connected Consulting Limited
lead across 3 main areas – 1) Log Onboarding, 2) Advanced KQL for Detection Engineering, and 3) Automation in Logic Apps. What You’ll Be Doing: Creating slick automations and SIEM detections to boost their incident response game. Leading the charge on integrating log sources into Microsoft Sentinel. Designing and maintaining workflows and playbooks for everything from threat hunting to vulnerability … incident response, and attack surface management to fine-tune our detections. Key Skills Required: Sentinel expertise, delivering technical solutions within large, complex businesses. Security operations, automation best practices, and SIEM management. Advanced KQL skills. Advanced Logic Apps experience. A track record of contributing to large-scale security automation projects. Working Policy: Hybrid working places are in place for this role …
Cheshire East, England, United Kingdom Hybrid / WFH Options
Exalto Consulting
end-to-end network infrastructure automation capabilities. Proficiency in configuring, managing, and troubleshooting firewalls (Cisco, Palo Alto, etc.). Experience with intrusion detection/prevention systems, as well as with SIEM tools and security incident response. Design and implement secure network architectures, including firewalls, intrusion detection/prevention systems, and encryption technologies. Must have very strong communication skills to manage senior …
Our client is currently seeking to appoint an experienced Security & Network Engineer to strengthen their team in their Ipswich offices. You will be a member of the IT Operations team, supporting the delivery of vital projects and the production and presentation …
clients across defence, aerospace, and national security. Whether you’re an experienced analyst or an ambitious junior ready to move up, this is your opportunity to work with leading SIEM platforms like Microsoft Sentinel and Splunk in a dynamic, threat-rich environment that never stands still. What You’ll Be Doing: Monitoring and triaging alerts across secure environments. Investigating complex … teams. Staying one step ahead of attackers by integrating evolving threat intel. What We’re Looking For: Proven hands-on experience in a SOC environment. Strong working knowledge of SIEM tools, especially Microsoft Sentinel or Splunk. Solid understanding of core network protocols and modern security architecture. DV clearance eligibility (must have lived in the UK for 10+ years). As a …