25 of 25 SIEM Jobs in Leeds

operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum of SC clearance and be prepared More ❯

cause analysis, and provide incident response support Conduct regular vulnerability assessments and penetration testing; assist in remediation efforts Maintain and manage SIEM (Security Information and Event Management) tools and log analysis Develop and enforce security policies, standards, and procedures Work with IT and development teams to implement secure system designs … experience in an information security or cybersecurity role Strong understanding of security principles, frameworks, and practices (e.g., CIA triad, defense in depth) Experience with SIEM tools, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and remediation processes Knowledge More ❯

environments (e.g., Azure) and end-user devices. Hands-on expertise with security tools and technologies, such as Defender for Cloud, Defender for Endpoint, and SIEM solutions. Solid background in implementing and managing security policies via Microsoft Intune and Group Policy (GPO) to secure endpoints and applications. Proven ability to monitor More ❯

experience working in cyber security, system engineering, or a similar role, with hands-on knowledge of security tools such as anti-malware, content filtering, SIEM and threat detection solutions . A strong understanding of Windows OS, Linux, and MacOS is essential, along with experience working with technology suppliers and outsourced More ❯

improvements. Prepare comprehensive reports for clients. Technical skills: Demonstrated experience in responding to and investigating incidents whilst utilizing various monitoring, detection and investigation tooling – SIEM, SOAR, EDR etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding More ❯

staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA More ❯

to transition into security and gain hands-on experience with cutting-edge technology. Gain hands on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability More ❯

Microsoft Purview, DLP, Azure security, compliance module etc Identity Access Management (IAM), Zero Trust strategy implementations, Microsoft Defender Anti-Virus or similar tools, XDR SIEM tools, IPS/IDS, Endpoint security, Firewalls, Email security Experience of project management, delivering quality projects on budget and on time Experience of the Financial More ❯

against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day More ❯

like Firewall Management, IDS/IPS, Email protection amongst others. In this role you will: Focus on the analysis of Security Incident Event Management (SIEM) data, which includes: Provide Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support … practices and metric reporting fundamentals. Experienced in manipulation of data sources and presentation in PowerBI. Desirable skills, qualifications, and experience: Qualified or experienced in SIEM solutions (ideally SPLUNK.) Microsoft related qualifications (Azure, Microsoft Windows, Microsoft SQL.) Qualified to ICS2 CC, CISM, CISSP or relevant Cybersecurity related qualification. Working knowledge of More ❯

The successful candidate will play a vital role in detecting, analysing, and responding to security threats using industry-leading Security Information and Event Management (SIEM) and orchestration tools. Due to the nature of the project applicants must hold an active SC Clearance and be eligible for enhanced clearance checks Key … Lead operational cyber defence activities across a 24/7 SOC environment. Deliver comprehensive shift handover briefings and ensure continuity across teams. Monitor and analyse SIEM alerts, logs, and network traffic to identify and respond to security threats. Triage and categorise incidents in accordance with established security policies. Detect and … platforms targeting common attack vectors. Drive continuous improvement by refining detection use cases and enhancing SOC processes. Technical Skills & Experience: Hands-on experience with SIEM tools such as Splunk (Enterprise Security) and Microsoft Sentinel. Proficiency in Python and scripting for automation and analysis tasks. Strong understanding of security architecture, especially More ❯

The successful candidate will play a vital role in detecting, analysing, and responding to security threats using industry-leading Security Information and Event Management (SIEM) and orchestration tools. Due to the nature of the project applicants must hold an active SC Clearance and be eligible for enhanced clearance checks Key … Lead operational cyber defence activities across a 24/7 SOC environment. Deliver comprehensive shift handover briefings and ensure continuity across teams. Monitor and analyse SIEM alerts, logs, and network traffic to identify and respond to security threats. Triage and categorise incidents in accordance with established security policies. Detect and … platforms targeting common attack vectors. Drive continuous improvement by refining detection use cases and enhancing SOC processes. Technical Skills & Experience: Hands-on experience with SIEM tools such as Splunk (Enterprise Security) and Microsoft Sentinel. Proficiency in Python and scripting for automation and analysis tasks. Strong understanding of security architecture, especially More ❯

scripting or programming languages. Practical knowledge and demonstrated experience in areas such as Data Loss Prevention (DLP), Data Privacy/Protection, DSPM/CSPM, SIEM, or vulnerability management is highly preferred. Proven success in a technical, customer-facing role within a software or SaaS company. Full spec available, please apply More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

This role offers an opportunity to work with market-leading vendors across networking (Cisco), data infrastructure (NetApp, IBM, cloud), and security solutions (NOC, SOC, SIEM) . While the focus is on new business development , there’s potential to inherit a small number of key accounts to support your success. What More ❯

Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯

strength, and actionable recommendations. Key Responsibilities Threat modelling and simulation Vulnerability assessments Ethical hacking of networks, operating systems, and web application Utilise tools for SIEM, Data Loss Prevention, and endpoint detection Collaborate with third-party vendors The role is open for applications from 19/05 and the application period More ❯

Job Title: SIEM Engineer Location: Remote Salary: £40,000 - £50,000 The Company An exciting opportunity has arisen at an award-winning Microsoft Partner for a SIEM Engineer. The business is a fast-growing, industry-leading managed service and managed security service provider, delivering to mid-sized and large enterprise … clients. This is a fantastic opportunity for a SIEM Engineer to continue developing their expertise in security platforms at an established Microsoft Partner. The company places strong emphasis on staff development, offering support for training and professional certifications. You’ll also gain exposure to cutting-edge technologies, working across security More ❯

SIEM Automation Engineer - Leading Microsoft MSSP An opportunity to work with one of the top 1% Microsoft MSSPs globally, where cutting-edge security solutions meet expert cyber defense. With a 16-person SOC team, this role offers the chance to automate, optimize, and strengthen security operations at scale. A key … with security analysts, engineers, and SOC teams to develop automated responses to cyber threats. Continuously improve security monitoring strategies and contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge … of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for security automation and proactive cyber defense strategies. Paying up to 60k + on-call (65k total package) Remote based. Must be eligible for SC More ❯

You'll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and … Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection More ❯

technologies. Create and maintain detection rules and logic to identify suspicious activity and potential security threats. Participate in the creation, implementation, and optimisation of SIEM event correlation rules, logic, and content to filter out security events associated with known network behaviour, false positives, and errors. Support the transition of project … technologies such as NDR/content filtering/FW/IPS/IDS/DDOS, EDR/MDR, DAST/SAST, Identity Access Management, SIEM & SOAR, log management. Preferable experience in Azure, AWS, Defender, Darktrace. Experience and technical knowledge in multiple areas of cyber defence operations. Experience as a Cyber More ❯

I am currently supporting a business engaged in the setup and deployment of a new Security Information and Event Management (SIEM) solution. The scope of work includes replacing the existing Trend Micro infrastructure and rolling out CrowdStrike across all server environments to enhance threat detection and response capabilities. Job Title … Job Type: 3 month Contract Contract: Outside I35 Location: Remote Responsibilities: Collaborate with delivery teams and the client to develop SOC playbooks supporting both SIEM and SOC operations. Design and implement SOAR workflows to automate incident response processes. Configure correlation searches and alerting mechanisms, optimising rules to minimise false positives. … Serve as the Subject Matter Expert (SME) for SIEM deployment, supporting data ingestion from sources such as AWS and Qualys. Assist in the integration of SIEM alerts with Jira, enabling streamlined alert tracking and incident management. Define and configure alert severity levels within SIEM, SOAR, and Jira to align with More ❯

DNS filtering, HTTP inspection, etc.) for secure browsing and egress control Integrate Cloudflare services with: Entra ID/Azure Active Directory for identity management SIEM platforms (likely Microsoft Sentinel) for log forwarding and visibility Coordinate with the client’s Azure infrastructure partners to ensure smooth integration Produce documentation and operational … especially ZTNA and Gateway Proven experience implementing Zero Trust access policies in cloud environments Experience integrating Cloudflare with Azure AD/Entra ID and SIEM tools Understanding of secure cloud networking principles and Zero Trust architecture Experience in multi-cloud environments (Azure required) If this role sounds like it could More ❯

Job Description SIEM Automation Engineer - Leading Microsoft MSSP An opportunity to work with one of the top 1% Microsoft MSSPs globally, where cutting-edge security solutions meet expert cyber defense. With a 16-person SOC team, this role offers the chance to automate, optimize, and strengthen security operations at scale. More ❯