1 to 25 of 64 SIEM Jobs in London

security teams to remediate vulnerabilities. Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with More ❯

experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure More ❯

experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure More ❯

the following: Minimum 2 years' experience of 1st-3rd level technical support of IT infrastructure or security, both in person and remote. Demonstrate detailed knowledge of: oIT system monitoring (SIEM). oSecurity Incident Management. Demonstrate detailed knowledge of Information Security in several of the following areas: oIntrusion detection and prevention systems. oVulnerability Management. oNetwork technology and operations. oWindows 10 and More ❯

are met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of More ❯

will play a key part in implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee Patch Management * Conduct vulnerability More ❯

will play a key part in implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee Patch Management * Conduct vulnerability More ❯

background in cybersecurity or a related subject. Desirable Skills: Programming/scripting (Python, Bash, PowerShell, etc.). Additional SOC certifications (e.g., CREST Practitioner Intrusion Analyst). Experience with other SIEM platforms like QRadar. Additional Info: Permanent role with a salary up to £58K (depending on experience), plus shift allowance. Benefits include 25 days annual leave (plus buy/sell options More ❯

Microsoft Purview. • Proven expertise in Microsoft Sentinel and Office 365 E5 security products. • Strong understanding of Azure services, including Azure AD, Defender for Cloud, and Logic Apps. • Experience with SIEM/SOAR platforms, KQL, and automation workflows. • Familiarity with compliance frameworks: ISO 27001, NIST, PCI-DSS, GDPR. • Excellent communication and stakeholder engagement skills. • Certifications such as SC-100, AZ More ❯

readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical More ❯

initiatives. About You Minimum 5 years’ experience in information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. Why Join? You’ll be More ❯

services strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the More ❯

DDoS protection, and encryption. Mentor junior engineers, elevate best practices, and help us on our journey to ISO 27001 certification. What You Bring Deep hands-on expertise across EDR, SIEM, NAC, MFA, PAM, and cloud security environments. Proven experience with security frameworks such as ISO 27001, NIST, CIS, and PCI-DSS. Certifications like CISSP, CPSA, or Palo Alto Certified Security More ❯

certifications such as CISSP, TOGAF, CCSP, GCIH or equivalent Strong experience securing Microsoft cloud environments (Azure) design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges, patterns and More ❯

certifications such as CISSP, TOGAF, CCSP, GCIH or equivalent Strong experience securing Microsoft cloud environments (Azure) - design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security Embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges, patterns and More ❯

Incident Response: Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, anti-malware, SIEM (Security Information and Event Management), vulnerability scanners, and data encryption solutions. Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. Lead and manage security incident response, including detection … creating Cyber Security roadmaps. Strong understanding of information security principles, frameworks (e.g., ISO 27001, NIST, Cyber Essentials), and best practices. Hands-on experience with security technologies such as firewalls, SIEM, IDS/IPS, vulnerability scanners, endpoint detection and response (EDR), and identity management solutions. Experience with cloud security (e.g., Azure Security). Proven experience in managing security incidents and conducting More ❯

knowledge of network protocols (TCP/IP) and security practices (IPSec, SSL-VPN, NAT, GRE) Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical Skilled in Python, JSON, YAML More ❯

malware analysis and reverse engineering. Scripting/programming skills (Python, Bash, PowerShell, etc.). Relevant certifications (e.g., CREST Practitioner Intrusion Analyst, Blue Team Level 1). Exposure to other SIEM platforms like QRadar. Additional Info: Permanent role with a generous benefits package including 25 days annual leave (plus buy/sell options), pension, life assurance, health cash plan, and a More ❯

Lead Implementer. * Endpoint Security: EDR solutions and endpoint management platforms. * Microsoft 365/Entra ID: Identity protection, Conditional Access, MFA, and Privileged Identity Management (PIM). * Security Monitoring & Operations: SIEM platforms and SOC processes. * Network Security: Firewalls, web application firewalls, and VPN technologies. * Encryption: PKI and data encryption for both data at rest and in transit. * Email Security: Mimecast and More ❯

handling, remediation, and reporting * Proficiency in Microsoft Office products * Experience in securing AI-driven systems and leveraging AI tools. * Familiar with Microsoft Defender for Endpoint, Thales, CrowdStrike Falcon and SIEM, CyberArk, Rapid7, and Palo Alto products is a plus Lead Information Security Engineer In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon More ❯

the risks Your engineering experiences include Golang and Terraform Technologies AWS, GCP, Azure and private Data Centers Kubernetes, Helm, Flux Distributed systems, mostly Golang based with CockroachDB and NATS SIEM/SOAR, EDR, CNAPP, and a suite of open source tools with custom integrations This is a fully remote role, please email your CV to apply More ❯

upgrades, VDI rollouts, Office 365/M365 migrations. Network & security upgrades - WAN/LAN refresh, SD-WAN, firewall/security infrastructure enhancements. Cybersecurity initiatives - IAM (Identity and Access Management), SIEM integration, encryption, vulnerability management. Infrastructure for regulatory change programmes (e.g. Basel III, MiFID II support). DevOps enablement projects - CI/CD pipelines, tooling standardisation. Skills & Experience Required Strong track More ❯

upgrades, VDI rollouts, Office 365/M365 migrations. Network & security upgrades - WAN/LAN refresh, SD-WAN, firewall/security infrastructure enhancements. Cybersecurity initiatives - IAM (Identity and Access Management), SIEM integration, encryption, vulnerability management. Infrastructure for regulatory change programmes (e.g. Basel III, MiFID II support). DevOps enablement projects - CI/CD pipelines, tooling standardisation. Skills & Experience Required Strong track More ❯

and disaster recovery processes. Administer and monitor Active Directory, Azure Entra, and Intune environments. Manage compliance policies, conditional access, and mobile device management. Work with third-party providers supporting SIEM and threat analytics systems. Lead on implementing IT security best practices, standards, and access controls. Support infrastructure and security projects, including system upgrades and migrations. Create and maintain technical documentation More ❯

and disaster recovery processes. Administer and monitor Active Directory, Azure Entra, and Intune environments. Manage compliance policies, conditional access, and mobile device management. Work with third-party providers supporting SIEM and threat analytics systems. Lead on implementing IT security best practices, standards, and access controls. Support infrastructure and security projects, including system upgrades and migrations. Create and maintain technical documentation More ❯