1 to 25 of 70 SIEM Jobs in London

enable a "Defend as one" strategy across the health and care system. The Security Advisor SIEM Engineering provides new and enhanced SIEM (Security Information and Event Management) system and tooling capability for the CSOC, including deploying feeds from data sources, building cyber detection capability, improving the automation of security monitoring … and managing the SIEM environment. Main duties of the job The Security Advisor SIEM Engineering is responsible for: Deploying feeds from data sources into NHS England's SIEM system and ensuring compliance with the SIEM's data modelling, for both newly developed services and existing services being updated. Maintaining ...

standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments ...

standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments ...

Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python ...

initiatives. Skills & Experience Essential: Strong grounding in security engineering principles, practices and risk management. Experience working with a broad range of security controls (e.g., SIEM, IDS/IPS, firewalls, secure SDLC, cloud security configuration, CIS hardening, API security). Knowledge of security frameworks such as NIST, ISO 27001, CIS and ...

years in cybersecurity or technical security or solutions engineering roles. Hands-on experience deploying and managing security tooling - such as DLP, EDR, IAM, MDM, SIEM, ZTNA, or vulnerability scanners, and enjoy solving problems at the implementation level. Strong communication skills and comfortable communicating technical security concepts to non-security stakeholders. ...

role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat ...

Assisting with Zero Trust Client configuration and rollout, including secure network and data access. Integrate Zero Trust solutions with identity providers (Entra AD, Okta), SIEM/SOAR systems, endpoint platforms, and data repositories. Assisting infrastructure teams in migrating legacy VPN, proxy, and firewall solutions to cloud native Zero Trust models ...

experience who wants real technical ownership and variety across the full defensive lifecycle. What You’ll Be Doing Lead investigations, triage and containment using SIEM/EDR (Microsoft Sentinel preferred) Harden IAM, PIM/PAM , Windows/Linux, endpoint baselines and identity services Strengthen M365 security : Defender for Endpoint/… security hardening (Windows + Linux) Network security concepts (firewalls, IDS/IPS) Incident Response & Detection Hands-on IR: triage investigation containment recovery Experience with SIEM (Sentinel strongly preferred) Experience with EDR/XDR tools: Defender/CrowdStrike/SentinelOne Log analysis, packet captures, forensic investigation fundamentals Microsoft Security Defender suite ...

years' experience in information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. ...

security controls. Experience with information security control testing methodologies, information security risk assessments, auditing tools and an interest in emerging technologies.. Security tooling (e.g. SIEM, Identity and Access Management platforms, DLP), cloud platforms (AWS, GCP, Azure), Infrastructure as Code (Terraform) and scripting languages (e.g. Python). Experience with workflow platform ...

with DLP incident handling, remediation and reporting - Experience with the following products would be highly advantageous; Microsoft Defender for Endpoint, Thales, Crowdstrike Falcon and SIEM, CyberArk, Rapid7 and Palo Alto Products. - CISSP or CEH certification desirable Lead Cyber Security Engineer In accordance with the Employment Agencies and Employment Businesses Regulations ...

Cloud, Network Security and DevSecOps. Technical Skills & Competencies: IAM: Azure AD, Okta, Ping Cloud Security: Prisma, Defender, Wiz, Lacework Vulnerability Management: Qualys, Tenable, Snyk SIEM/SOC integration knowledge (Splunk, Sentinel): Desirable: Strong communication and stakeholder management skills Ability to challenge designs and provide pragmatic solutions Comfortable working directly with ...

Cloud, Network Security and DevSecOps. Technical Skills & Competencies: IAM: Azure AD, Okta, Ping Cloud Security: Prisma, Defender, Wiz, Lacework Vulnerability Management: Qualys, Tenable, Snyk SIEM/SOC integration knowledge (Splunk, Sentinel): Desirable: Strong communication and stakeholder management skills Ability to challenge designs and provide pragmatic solutions Comfortable working directly with ...

hardware and software cost models while defining long-term security standards and service offerings. System Implementation: Overseeing the rollout of security technologies, including firewalls, SIEM, DLP, and PKI systems. Stakeholder Engagement: Collaborating with executives, development teams, and customers to align security measures with business goals Essential Skills 10 + years ...

hardware and software cost models while defining long-term security standards and service offerings. System Implementation: Overseeing the rollout of security technologies, including firewalls, SIEM, DLP, and PKI systems. Stakeholder Engagement: Collaborating with executives, development teams, and customers to align security measures with business goals Essential Skills 10 + years ...

and monitor Active Directory, Azure Entra, and Intune environments. Manage compliance policies, conditional access, and mobile device management. Work with third-party providers supporting SIEM and threat analytics systems. Lead on implementing IT security best practices, standards, and access controls. Support infrastructure and security projects, including system upgrades and migrations. ...

logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation, and customer enablement. Identify security gaps and recommend improvements across logging, identity, endpoint hardening, cloud … remediation of misconfigurations and optimisation of security deployments. Leverage scripting, APIs, and automation to streamline repeatable tasks. Integrate firewalls, EDR platforms, logging pipelines, and SIEM/SOAR tooling. Customer & Collaboration Act as a trusted technical advisor to security and engineering stakeholders. Communicate complex technical concepts clearly to both technical and ...

Exposure to regulated or highly secure enterprise environments Security or architecture certifications such as CISSP, CCSP, TOGAF, AWS/Azure Security Specialty Familiarity with SIEM, security monitoring, logging, and observability tools Experience embedding security controls into DevOps and SRE practices ...

and OWASP principles. Expert in executing cloud security solutions, particularly for identity management, networking, and encryption. Possesses solid knowledge of system logging, monitoring, SIEM technologies, threat detection, and public key infrastructures (PKI). Understands cyber risk management, threat intelligence, and emerging governance practices. Experienced in driving security transformation initiatives and ...

regulated or highly secure enterprise environments Security or architecture certifications (e.g. CISSP, CCSP, TOGAF, AWS/Azure Security Specialty) Familiarity with security monitoring, logging, SIEM, and observability tools Experience embedding security controls into DevOps and SRE practices Reasonable Adjustments: Respect and equality are core values to us. We are proud ...

engineering or related fields Strong cloud security expertise across AWS and ideally GCP Experience working with compliance and regulatory frameworks Hands on experience with SIEM, firewalls and vulnerability management tools Scripting or coding capability for automation Excellent stakeholder communication skills Comfortable operating autonomously within a scale up environment What ...

engineering or related fields Strong cloud security expertise across AWS and ideally GCP Experience working with compliance and regulatory frameworks Hands on experience with SIEM, firewalls and vulnerability management tools Scripting or coding capability for automation Excellent stakeholder communication skills Comfortable operating autonomously within a scale up environment Whats ...

expect you to maintain awareness of emerging cyber threats, vulnerabilities, and trends through threat intelligence sources. You'll be familiar in using and deploying SIEM technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto ...

evaluation, vendor selection and domain modernisation - Partner with Product/Platform leads on security-by-design priorities - Mentor architects and drive innovation (cloud security, SIEM, DLP) **YOU'LL BRING** - 10+ years enterprise security architecture (IAM, cloud security, GDPR) - Deep frameworks knowledge (TOGAF, SABSA, CISSP/CISM, ISO 27001, NIST) - Proven ...