1 to 25 of 106 SIEM Jobs in London

and vulnerability management, anti-virus management, security monitoring etc. Helping design and deliver improved security tooling across all areas of cyber security (DR design and testing, End user tooling, SIEM tooling and event ingestion etc.) Supporting the Technology team to keep information security infrastructure up to date with emerging threats and vulnerabilities, including advising on architecture and design of internal More ❯

or solutions architecture role. Background working with or for a VAR, Systems Integrator, or Security Vendor highly desirable . Technical Expertise Strong understanding of enterprise security technologies, including firewalls, SIEM/SOAR, IAM, DLP, SASE, Zero Trust, and cloud security. Working knowledge of AWS, Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

threat intelligence, and incident readiness and response. Qualifications Key responsibilities of the role are summarised below: Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) Collaborate with the extended security team to identify gaps in detection coverage, log ingestion and alerting More ❯

AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning Data Loss Prevention (DLP) Candidate Profile Proven experience delivering large-scale cyber and information security programmes More ❯

knowledge of network protocols (TCP/IP) and security practices (IPSec, SSL-VPN, NAT, GRE) Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical Skilled in Python, JSON, YAML More ❯

for apprentice security analysts, providing coaching, mentoring, and line management. What We’re Looking For 2-3 years’ experience investigating and responding to cyber incidents. Hands-on use of SIEM tools (Splunk preferred, Microsoft Sentinel or equivalent acceptable). Experience with EDR solutions to support incident investigation. Understanding of threat actor tools, techniques, and procedures (TTPs). Strong analytical and More ❯

of scripts in Python JavaScript or PowerShell is a plus Experience with security design and architecture, content development, workload automation and use-cases Experienced with technologies such as EDR, SIEM, SOAR, NGFW and their ecosystems Familiarity with cloud technologies, providers (such as GCP, AWS, Azure) Familiarity with attack surface management is a plus Experience in customer-facing roles (internal or More ❯

continual development outside of a university degree 1+ years of experience in cybersecurity (SOC or MSSP experience preferred) is advantageous but not required. Familiarity with monitoring tools such as SIEM, IDS/IPS, EDR, and threat intelligence platforms. Basic understanding of networking, operating systems, and core security technologies. Foundational knowledge of digital forensics and incident response practices. Exposure to scripting More ❯

threats (APT). Technical expertise in forensic acquisition/analysis across Windows, Linux, macOS, and cloud environments. Strong knowledge of attack tactics, techniques, and procedures (TTPs). Proficiency with SIEM, EDR, and forensic toolsets. Scripting experience (Python, PowerShell, Bash) to accelerate investigations and automate tasks. Excellent communicator, with the ability to translate technical findings into clear business risk. Awareness of More ❯

AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning tools Data Loss Prevention (DLP) solutions Candidate Profile: Strong hands-on experience in cyber and information More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

onboarding 67 critical services and 72+ services proactively monitored by our in-house SOC (Security Operations Centre). Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

onboarding 67 critical services and 72+ services proactively monitored by our in-house SOC (Security Operations Centre). Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

onboarding 67 critical services and 72+ services proactively monitored by our in-house SOC (Security Operations Centre). Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

onboarding 67 critical services and 72+ services proactively monitored by our in-house SOC (Security Operations Centre). Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

onboarding 67 critical services and 72+ services proactively monitored by our in-house SOC (Security Operations Centre). Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

our in-house SOC (Security Operations Centre). Please note that this role requires a current SC Clearance Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

understanding of Azure identity, network security, encryption, and data protection . Experience with security frameworks (SABSA, TOGAF) and enterprise architecture governance. Hands-on familiarity with security tooling such as SIEM, Defender for Cloud, Key Vault, Sentinel, etc. Strong stakeholder engagement and communication skills across business, risk, and technical domains. Experience working within consulting or global programmes is highly advantageous. Full More ❯