101 to 116 of 116 SIEM Jobs in London

require a Security Operations Engineer to join the firm in London on a 9 month fixed term contract basis. Key Responsibilities: * Monitor alerts from SIEM, EDR and other security monitoring tools. * Investigate suspicious activity across endpoints, networks and cloud environments. * Support the investigation and resolution of security incidents. * Support … configuration, tuning and ongoing improvement of security monitoring tools such as SIEM and EDR platforms. * Use threat intelligence sources to identify emerging risks relevant to the organisation. Required Skills: * Strong understanding of network protocols and system behaviour including TCP/IP, DNS and HTTP/S. System internals (Windows, Linux ...

threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management (SIEM), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with external vendors, managed security service providers (MSSPs), and ...

threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management ( SIEM ), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with external vendors, managed security service providers ( MSSPs ), and ...

Responsibilities Security Tooling Operations Monitor, triage, and investigate alerts across core platforms including Wiz, Zscaler, and CrowdStrike Security Operations Perform daily alert reviews across SIEM and security tooling Contribute to runbooks, playbooks, and operational documentation Support threat intelligence analysis and apply findings to detection and response activities Work closely with … CrowdStrike Falcon Zscaler Wiz Experience working in a Security Operations or SOC environment Proven experience in alert triage, incident investigation, and response Familiarity with SIEM platforms and security telemetry analysis Understanding of cloud security concepts (Azure, AWS, or GCP) Desirable Skills Knowledge of MITRE ATT&CK or Cyber Kill Chain ...

enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation … evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years of commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong commercial experience with Splunk Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles ...

requirements and translate them into detailed interface specifications and solution designs Oversee integration of key platforms, including Customer ERP, ServiceNow, Amazon Connect, SOC/SIEM, and Enterprise Data Platform, ensuring secure, reliable, and scalable data flows Facilitate and lead solution integration workshops with internal and external stakeholders to confirm requirements … Agile and Waterfall delivery methodologies, with a focus on iterative delivery and continuous improvement as per GDS framework Preferred Qualifications Experience with SOC/SIEM integration and incident management processes. Familiarity with cloud platforms (AWS, Azure) and hybrid integration scenarios. TOGAF or similar architecture certification. Experience supporting GDS service assessments ...

operational resilience testing (including threat-led penetration testing) and disaster recovery from an ICT perspective. Monitor the governance and technical effectiveness of cybersecurity controls (SIEM, EDR, DLP, IAM, vulnerability management, and data security) and track remediation of audit and assessment findings. 6. Culture, Collaboration & Stakeholder Engagement Deliver security awareness programmes … comparable EU regulators. Strong technical foundation in cloud security, IT infrastructure, application security, and cyber threats. Strong knowledge of cloud security controls, SIEM, EDR, DLP, IAM, and security architecture. Awareness of AI security risks and controls. Experience in incident response and third-party security management. Ability to influence stakeholders, present ...

incidents, overseeing team members and ensuring technical excellence throughout delivery. Support detection engineering and SecOps enhancement initiatives, including identifying coverage gaps in EDR/SIEM tooling and contributing to orchestration and automation playbooks. Work directly with client technical teams, acting as a trusted advisor and primary point of contact during … least two of the following areas: Digital forensics and technical incident response Enterprise security operations tooling and processes Detection engineering within EDR/SIEM environments, including addressing ATT&CK TTP coverage gaps Enterprise IT networks and Active Directory Cloud platforms such as Microsoft 365, Azure, AWS or GCP You will ...

leading banking organisation based in the City of London is seeking an experienced Cyber Project Manager to lead strategic cybersecurity transformation initiatives focused on SIEM modernisation, Splunk SaaS migration, and UEBA implementation. This is a highly visible role within the Cyber Security Transformation team, requiring strong stakeholder engagement across security … stakeholders across the bank. Requirements Required Experience Proven experience delivering enterprise-scale cyber security projects within banking or financial services environments. Strong experience managing SIEM transformation or migration programmes. Previous experience delivering Splunk Cloud/SaaS migration projects. Understanding of SOC operations, detection engineering, and security monitoring concepts. Experience delivering ...

support issues Supporting and mentoring Tier 1 Engineers Troubleshooting Microsoft 365, Azure and infrastructure issues Investigating and responding to security alerts from SOC/SIEM platforms Supporting Cisco Meraki networking environments Managing issues through to resolution with clear customer communication throughout Identifying recurring technical or service trends and helping improve … teams where required Technical Environment Microsoft 365 Azure Windows Server/Active Directory Cisco Meraki Endpoint Manager/Intune MFA/Security tooling SIEM/EDR platforms Hyper-V Windows, Mac, iPhone and Android device support What They're Looking For Previous experience in a 2nd Line Support or Escalation ...

proven skills working with the following – • Monitoring security alerts and events across enterprise environments • Investigating potential cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams … Experience within financial services, fintech or other regulated environments would be beneficial. Interested? Please apply below SOC Analyst, Security Operations Analyst, Cyber Security Analyst, SIEM Analyst, Splunk, Microsoft Sentinel, Incident Response, Outside IR35 Contract ...

proven skills working with the following – • Monitoring security alerts and events across enterprise environments • Investigating potential cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams … Experience within financial services, fintech or other regulated environments would be beneficial. Interested? Please apply below SOC Analyst, Security Operations Analyst, Cyber Security Analyst, SIEM Analyst, Splunk, Microsoft Sentinel, Incident Response, Outside IR35 Contract ...

Description Security Analyst - CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender Our leading global law firm client are currently looking to take on a new Security Analyst (CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender) to join their team … days per week in London and offer a great deal of autonomy and technical exposure. This Security Analyst (CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender) role, will be responsible for the day to day operations of existing security solutions and uses tools to identify ...

Platform Teams, and Digital Transformation stakeholders. You will be responsible for identifying, developing, and winning new business opportunities across: Data & Analytics AI & GenAI Observability SIEM & Cyber Security Search & Enterprise AI Cloud Data Platforms Professional Services & Recruitment Solutions Key Responsibilities Generate and qualify new business opportunities across enterprise accounts Build relationships … Required Skills & Experience Essential Proven experience in New Business Development/Technology Sales Strong understanding of: Data Platforms Big Data AI/GenAI Observability SIEM/Cyber Security Cloud technologies Experience selling enterprise technology solutions or professional services Excellent communication and stakeholder management skills Ability to engage both technical and ...

requirements.- Integration with identity/directory services for visibility and correlation.- Tuning of detection capabilities, including custom detection logic within agreed capacity.- Integration with SIEM/SOC platforms for alerting, event correlation, and centralised monitoring.- Enablement of response capabilities (host containment, Real Time Response).- Validation, testing, and troubleshooting … experience deploying and engineering CrowdStrike Falcon Strong background in endpoint and server security across enterprise, cloud, and hybrid estates Experience integrating security tooling with SIEM/SOC environments ...

requirements.- Integration with identity/directory services for visibility and correlation.- Tuning of detection capabilities, including custom detection logic within agreed capacity.- Integration with SIEM/SOC platforms for alerting, event correlation, and centralised monitoring.- Enablement of response capabilities (host containment, Real Time Response).- Validation, testing, and troubleshooting … experience deploying and engineering CrowdStrike Falcon Strong background in endpoint and server security across enterprise, cloud, and hybrid estates Experience integrating security tooling with SIEM/SOC environments ...