326 to 350 of 363 SIEM Jobs in England

Discover and vault service/application/shared accounts Configure session proxies, Just-in-Time access, and break-glass procedures Integrate PAM with SIEM and Active Directory/Entra ID Manage upgrades, patches, and troubleshoot platform issues Maintain documentation, policies, and runbooks Support audit and compliance reporting Essential Requirements: Hands … Credential vaulting, password rotation, and session monitoring experience Onboarding Windows, Linux/Unix, and network devices to PAM Knowledge of AD privileged accounts and SIEM integration Understanding of ISO 27001/NIST CSF frameworks Strong troubleshooting and documentation skills Desirable: Degree in InfoSec, CS, or STEM Beyond Trust certifications Experience ...

real time, and driving continuous improvement across a modern IT environment. Key Responsibilities Own and manage the organisation's cyber security tooling including firewalls, SIEM, IPS, endpoint protection, vulnerability management, and threat monitoring. Support and maintain core network infrastructure across LAN/WAN, Layer 2/3 networking … operational stability, compliance, documentation, and high service standards. Experience Required Strong experience across cyber security operations and network infrastructure. Hands-on knowledge of firewalls, SIEM tools, endpoint security, and networking technologies. Experience responding to security incidents and managing vulnerabilities. Strong troubleshooting and problem-solving capabilities. Relevant certifications such as Security+ ...

Support complaint management and relationship recovery where required, always with the customer experience front of mind. Security Operations & Incident Support Provide expert guidance on SIEM/XDR services, detection strategies and operational uplift. Support incident response activities, from investigation through to lessons learned and improvement planning. Analyse incidents, logs, integrations … leadership. Lead SecOps meetings, operational reviews and security consultations. Technical Experience & Skills Microsoft & Azure Security Defender for Endpoint/Server/365 Office 365 SIEM/Observability Hands-on experience with Microsoft Sentinel Experience with Datadog or similar observability platforms Security Tooling Cloud Security Strong understanding of cloud security principles ...

real time, and driving continuous improvement across a modern IT environment. Key Responsibilities Own and manage the organisation's cyber security tooling including firewalls, SIEM, IPS, endpoint protection, vulnerability management, and threat monitoring. Support and maintain core network infrastructure across LAN/WAN, Layer 2/3 networking … operational stability, compliance, documentation, and high service standards. Experience Required Strong experience across cyber security operations and network infrastructure. Hands-on knowledge of firewalls, SIEM tools, endpoint security, and networking technologies. Experience responding to security incidents and managing vulnerabilities. Strong troubleshooting and problem-solving capabilities. Relevant certifications such as Security+ ...

technologies and play a hands-on role in building a more resilient and secure environment. Key Responsibilities Take ownership of monitoring and developing SIEM activity across the environment, helping to improve detection capability over time Manage and enhance endpoint and threat detection tooling (including EDR, XDR, and MDR platforms … backup, disaster recovery, and data protection measures Skills & Experience: Demonstrable experience in a cybersecurity or infrastructure-focused security role Practical, hands-on exposure to SIEM platforms and vulnerability management tools Strong understanding of endpoint detection and response technologies (EDR, XDR, MDR) Good working knowledge of common cyber threats, attack methods ...

Responsibilities Security Tooling Operations Monitor, triage, and investigate alerts across core platforms including Wiz, Zscaler, and CrowdStrike Security Operations Perform daily alert reviews across SIEM and security tooling Contribute to runbooks, playbooks, and operational documentation Support threat intelligence analysis and apply findings to detection and response activities Work closely with … CrowdStrike Falcon Zscaler Wiz Experience working in a Security Operations or SOC environment Proven experience in alert triage, incident investigation, and response Familiarity with SIEM platforms and security telemetry analysis Understanding of cloud security concepts (Azure, AWS, or GCP) Desirable Skills Knowledge of MITRE ATT&CK or Cyber Kill Chain ...

enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation … evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years of commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong commercial experience with Splunk Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles ...

with BAE Systems in Preston on helping them source a Systems Administrator that has a couple of years' experience working with Linux (RHEL) and SIEM technologies. About the Role This role focuses on the day-to-day administration, monitoring, and support of Red Hat Linux servers within an enterprise environment. … system health, troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring ...

rotational basis. Develop and tune detection rules to improve alert quality and reduce false positives. Write and optimise queries (e.g., KQL) across SIEM platforms. Collaboration & Support: Work closely with internal teams and third-party providers to investigate and resolve incidents. Support MSSP interactions and escalations where required. Participate in incident …/Tier 3 preferred). Strong background in incident investigation and response. Experience handling escalated alerts and security tickets. Technical Skills: Experience with SIEM platforms (e.g., Microsoft Sentinel). Experience with EDR/XDR tools (e.g., CrowdStrike). ServiceNow or similar ITSM/SecOps platforms. Ability to write and optimise ...

SIEM Engineer – Watford, UK Up to £85,000 salary depending on experience Full time onsite role in Watford DV clearance required ABOUT THE CLIENT Our client is a highly respected technology and security services provider supporting organisations operating in complex and security critical environments. Their teams design and deliver advanced … ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include: Acting SME on Splunk Enterprise ...

security monitoring strategy and best practice. What you will bring: Proven experience deploying and managing Splunk at enterprise scale. Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning … experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM platform operations, including clustering, scaling, high availability, disaster recovery and performance optimisation. Strong problem-solving skills and a proactive approach ...

solution deployment.Should have experience in configuring and managing security products such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM (Security Information and Event Management) systems, Log Collector and Identity Management solution.Should have customer facing skills and lead security discussion with customers.You will bringA bachelor’s degree ...

ability to apply it to a variety of business situations. Desirable Expert knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Qualifications Essential Masters level degree in Cyber Security a relevant subject, or equivalent ...

MSPs to ensure security controls are implemented and sustained. Contribute to governance artefacts - policies, standards and documentation that underpin OT security. Support integration with SIEM/SOC functions for OT environments. What our client is looking for Strong OT security experience within ICS or critical infrastructure - ideally from … process industries. Hands-on experience implementing OT security strategies, policies and standards. Solid understanding of OT networks, segmentation and common industrial protocols. Familiarity with SIEM/SOC integration for OT environments. Experience working with operations/engineering teams and advising MSPs or third-party security providers. Excellent communication and documentation ...

investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM and EDR platforms to enhance visibility and correlation Support secure by design initiatives for new OT systems, including segmentation and access control validation Assess vulnerabilities … control systems (ICS) - including SCADA, PLCs, DCS Hands-on experience with OT security tools (e.g. Claroty, Nozomi, Dragos or similar NDR platforms) Experience with SIEM, EDR and network traffic analysis Background in incident response, threat detection and security monitoring within OT or converged environments Understanding of network segmentation, secure remote ...

resilient, efficient, and aligned to evolving threat landscapes. A key part of the role is leading complex deployments and providing technical direction across SIEM, EDR, SOAR, and supporting technologies. You’ll oversee platform health through proactive lifecycle management, including patching, upgrades, and service transitions, while driving improvements in detection, automation … security technologies and platform engineering. Strong hands-on experience with Microsoft Sentinel, Defender XDR, and Azure security services Proven ability to design and operate SIEM, EDR, SOAR, and log management solutions at scale Expertise in KQL for detection engineering, tuning, and performance optimisation Experience building and maintaining automation using Logic ...

events, alerts and incidents across cloud, platform, and application layers. Execute vulnerability scanning, patch assurance and configuration compliance checks. Maintain security tooling such as SIEM, EDR, vulnerability scanners, and cloud-native controls. Support ISO 27001 control operation and evidence collection. Ensure compliance with MoD security standards including JSP 440 and … Support improvement of SecOps processes, SOPs and monitoring automation. Essential Skills Experience operating within a Security Operations or SecOps function Hands-on experience with SIEM (e.g. ELK), EDR and vulnerability tooling Experience securing Linux and Windows environments Understanding of ISO 27001 and secure configuration principles Experience supporting cloud or virtualised ...

Senior Network and Security Analyst - L2/L3 Network Infrastructure - Cyber Security - SIEM tools My client who are leaders in their field are looking for a Senior Cyber Security and Network Analyst to provide effective and timely operational support, development and management of the IT network and security infrastructure … cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including ...

design, implementation, and optimisation of security monitoring platforms feeding into a central SOC. This is a hands-on leadership role focused on building scalable SIEM solutions and strengthening client security posture. Key Responsibilities Lead design and deployment of security monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion … using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure platform performance, scalability, and resilience (HA/DR, clustering) Collaborate with stakeholders to assess risk and deliver security improvements Essential Skills & Experience Proven ...

looking for Strong experience with: Juniper (LAN switching, SRX) Palo Alto firewalls Enterprise networking environments Managing engineers/leading teams Working with EDR & SIEM tools Engaging technical & non-technical stakeholders Exposure to cloud networking Tech environment Cisco (current) → migrating to Juniper Meraki wireless Windows + Ubuntu (Nutanix/AHV) SIEM ...

rapidly expanding team investing in new capabilities and empowering analysts to develop and progress Key Responsibilities Deliver high‐quality security analysis by reviewing SIEM outputs and taking appropriate investigative and response actions Drive improvements across monitoring capability, processes, and tooling Engage confidently with a wide range of stakeholders, from technical … security challenges Act as an escalation point for junior analysts and manage incidents through investigation to response Essential Skills & Experience Strong experience working with SIEM technologies such as Splunk, ArcSight, LogRhythm, or AlienVault Solid understanding of how to maximise the value of security tooling Exposure to building SOC capability and ...

growing, well‐funded team investing in new capability, and in you 🔍 What you’ll be doing Deliver high‐quality, in‐depth security analysis from SIEM alerts through to investigation and response Actively drive improvements in monitoring coverage, detection quality, and SOC effectiveness Engage confidently with stakeholders at all technical levels … leadership to complex security challenges Serve as a point of escalation, supporting and guiding junior analysts 🧠 What you’ll bring Hands‐on experience with SIEM platforms such as Splunk, ArcSight, LogRhythm, or AlienVault A strong understanding of how to get real value from security tooling Experience building capability and consulting ...

and prospective clients. Acting as the final escalation point for on-call incidents (rota-based, paid on-call). Supporting service improvement initiatives across SIEM, EDR, email security and associated detection and response tooling. Developing and maintaining customer relationships to promote a partnership between Littlefish and the end client. What … Operations. Previous experience leading or mentoring a technical security team. Strong exposure to customer facing security services and contractual delivery. Hands on experience with SIEM, IDP, ITDR, EDR and email security platforms. Proven ability to mentor analysts at varying levels of experience. Strong understanding of modern cyber threats, attack techniques ...

leading banking organisation based in the City of London is seeking an experienced Cyber Project Manager to lead strategic cybersecurity transformation initiatives focused on SIEM modernisation, Splunk SaaS migration, and UEBA implementation. This is a highly visible role within the Cyber Security Transformation team, requiring strong stakeholder engagement across security … stakeholders across the bank. Requirements Required Experience Proven experience delivering enterprise-scale cyber security projects within banking or financial services environments. Strong experience managing SIEM transformation or migration programmes. Previous experience delivering Splunk Cloud/SaaS migration projects. Understanding of SOC operations, detection engineering, and security monitoring concepts. Experience delivering ...

support issues Supporting and mentoring Tier 1 Engineers Troubleshooting Microsoft 365, Azure and infrastructure issues Investigating and responding to security alerts from SOC/SIEM platforms Supporting Cisco Meraki networking environments Managing issues through to resolution with clear customer communication throughout Identifying recurring technical or service trends and helping improve … teams where required Technical Environment Microsoft 365 Azure Windows Server/Active Directory Cisco Meraki Endpoint Manager/Intune MFA/Security tooling SIEM/EDR platforms Hyper-V Windows, Mac, iPhone and Android device support What They're Looking For Previous experience in a 2nd Line Support or Escalation ...