18 of 18 SIEM Jobs in Hampshire

creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly … Modelling & Use Case Development Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams … to clients. Participate in continual service improvement initiatives, recommending changes to address recurring incidents. Skills & Qualifications Eligible for, or already holding, SC Clearance. Proven expertise in IBM QRadar and SIEM engineering. Strong knowledge of log formats, parsing, and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of More ❯

creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly … Modelling & Use Case Development Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams … to clients. Participate in continual service improvement initiatives, recommending changes to address recurring incidents. Skills & Qualifications Eligible for, or already holding, SC Clearance. Proven expertise in IBM QRadar and SIEM engineering. Strong knowledge of log formats, parsing, and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of More ❯

organisational procedures and business continuity plans. Operate tools and processes to identify vulnerabilities and support timely patching across systems and infrastructure. Configure and maintain security tools and systems (eg SIEM, Firewalls) in accordance with defined policies and procedures. Support the production of security metrics and documentation; share knowledge and best practice with colleagues to promote security awareness. Skills and experience More ❯

organisational procedures and business continuity plans. Operate tools and processes to identify vulnerabilities and support timely patching across systems and infrastructure. Configure and maintain security tools and systems (e.g. SIEM, firewalls) in accordance with defined policies and procedures. Support the production of security metrics and documentation; share knowledge and best practice with colleagues to promote security awareness. Skills and experience More ❯

sized organisation Hands-on experience in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as More ❯

and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training and certifications Opportunity to work on high-impact national More ❯

and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training and certifications Opportunity to work on high-impact national More ❯

Senior Sentinel SIEM Engineer Havant or Reading - (Hybrid - 1 day a week in the office) Duration: 6 months Contract - Inside IR35 Are you a seasoned SIEM (Security Information and Event Monitoring) Engineer looking to take your career to new heights? This company is seeking a talented and driven individual to join their dynamic team as a Senior Sentinel SIEM Engineer. … As the Senior Sentinel SIEM Engineer, you will be responsible for maintaining and enhancing the company's SIEM platform. This includes on boarding log sources, developing analytical rules, creating automation for triage and remediation, and integrating with other IT and Operational Technology platforms. You will be a key player in ensuring the security monitoring platform operates at optimal performance, scalability … plan and implement solutions for security monitoring. Design, implement, and maintain detection rules set to identify potential security threats. Scope, plan, and track log integration's to expand the SIEM platform's capabilities. Guide, develop, and grow the SIEM Engineering team, fostering a collaborative and innovative environment. Collaborate with the Threat Detection & Response team to ensure the SIEM platform supports More ❯

Senior SOC SIEM Content Engineer Hybrid: Farnborough (1–2 days a week on site) Clearance: Willing and able to get DV clearanceSenior SOC SIEM Content Engineer to join and large expanding SOC team supporting some of the most high-profile defence clients out there. The Senior SIEM Engineer will play a key role in the business building and tuning SIEM … covering rules, dashboards and reports.If you’re strong technically, know your way around SIEMs and want to use your skills to the full across multiple customers and projects, this SIEM Engineer role could be the move you’ve been looking for. What you’ll be doing Building, tuning and looking after SIEM content such as rules, dashboards, and reports, making … missed. Keeping an eye on the data, spotting issues early and helping us respond quickly. Working side by side with Analysts, Architects, PMs and Engineers to make sure the SIEM content hits the mark. Bringing the latest threat intel, vulnerabilities and attack methods into our set-up. Helping to shape and maintain security standards and procedures. What you’ll bring More ❯

Leading daily SOC operations, task prioritisation and shift management Acting as the escalation point for complex incidents and investigations Reviewing, tuning and enhancing detection rules, alerts and playbooks in SIEM/SOAR tools Providing mentorship and technical guidance to SOC analysts Driving post-incident reviews, root cause analysis and continuous improvement Conducting proactive threat hunting and supporting compliance/audit … response capability What you'll bring 3+ years' experience in a SOC or security operations role Strong knowledge of incident detection, response and threat analysis Hands-on experience with SIEM, SOAR and endpoint detection tools Excellent problem-solving, analytical and communication skills A degree in a relevant subject or equivalent experience Relevant certifications such as GCIA, GCIH, CEH or CompTIA More ❯

offers a great shift pattern, ensuring you regularly have 5 days off and at least 2 weekends off per month. Key Responsibilities: Deliver excellent and thorough security analysis, taking SIEM output and actioning it accordingly. Push for improvements across the overall monitoring capability. Engage with a wide range of stakeholders, with varying levels of technical understanding. Be flexible on location … wellbeing. Suggest ideas for improving CND’s own internal security posture. Be proactive with client requirements, offering guidance and input to highly technical challenges. Essential Skills: Experience working with SIEM tools such as ArcSight, Splunk, LogRhythm, or AlienVault. Understanding of how to get the best from available tooling. Exposure to building capability and consulting with customers to change their environment. More ❯

offers a great shift pattern, ensuring you regularly have 5 days off and at least 2 weekends off per month. Key Responsibilities: Deliver excellent and thorough security analysis, taking SIEM output and actioning it accordingly. Push for improvements across the overall monitoring capability. Engage with a wide range of stakeholders, with varying levels of technical understanding. Be flexible on location … wellbeing. Suggest ideas for improving CND’s own internal security posture. Be proactive with client requirements, offering guidance and input to highly technical challenges. Essential Skills: Experience working with SIEM tools such as ArcSight, Splunk, LogRhythm, or AlienVault. Understanding of how to get the best from available tooling. Exposure to building capability and consulting with customers to change their environment. More ❯

A SOC Analyst will be responsible for providing Protective Monitoring Services across a range of Secure Customers. They will be responsible for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend … other team members including SOC engineers and Service Managers. Skills required: Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work More ❯

We are passionate about training, technology and career development. Skills required: Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work … A SOC Analyst will be responsible for providing Protective Monitoring Services across a range of Secure Customers. They will be responsible for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend More ❯

continuous improvement of our security policies, procedures and controls. As part of the team, youll: Oversee the implementation and enforcement of security policies, standards and tools including endpoint protection, SIEM, SOC and vulnerability management systems. Conduct risk assessments and threat modelling, maintaining the IT risk register and supporting the deployment of security controls, aligned with regulatory and business requirements. Lead … thrives in a fast-paced, collaborative, results-driven environment. To excel in this role, youll bring: Strong understanding of network and system security Experience with security technologies such as SIEM, IDS/IPS, endpoint protection and encryption is desirable. Experience with auditing A natural ability to build rapport with clients and colleagues. Strong communication and relationship management skills. Your Rewards More ❯

hoc travel to other sites/data centres. The Role The Cyber Security Engineer will be joining the internal security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will … virtualisation, etc. Hands-on experience in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as More ❯

in infrastructure projects to develop, plan, and implement solutions for security monitoring. * Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. * Guide, develop, and grow the SIEM Engineering team. * Collaborate with the wider Threat Detection & Response team to ensure the SIEM platform meets their day-to-day needs and support incidents as necessary. What do you need … Proven hands-on SIEM Engineering background. * Extensive experience working with security logs across multiple domains - identity and access, network, system, data, application, cloud - and multiple product types. * Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). * Strong Security Orchestration, Automation and Response (SOAR) knowledge. * Team leadership experience with great collaboration and stakeholder management skills What happens now? After … submitting your application for the Senior Sentinel SIEM Engineer role, we understand you're eager to hear back. We value your time and interest, and if your application is successful, you will be contacted directly by the team within 2 working days. We appreciate your patience and look forward to the possibility of welcoming you aboard. More ❯

hoc travel to other sites/data centres. The Role The Cyber Security Engineer will be joining the internal security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will … sized organisation Hands-on experience in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as More ❯