1 to 25 of 52 SIEM Jobs in the Midlands

and liaise with the custiomer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

and alerts associated with cyber threats, intrusions, and compromises alongside a team of global security analysts following documented SLOs and processes. Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess potential risk/severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. Collaborate … Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls) Interest in developing knowledge across common Incident Response and Security Monitoring applications such as SIEM (e.g., Qradar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender), and SOAR (Palo Alto XSOAR, Google Secops/Chronicle) Desire to build technical skills and hands-on knowledge in … and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve these skills Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others Scripting and automation Additional Information Benefits package includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation package More ❯

hands-on' shift-based roles, working as part of a 24/7 operation working in a standard rotation shift pattern. They are responsible for utilising the SOC's SIEM and SOAR toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. Main Duties Monitor, triage, analyse and investigate alerts, log data and network traffic … skills. Strong analytical skills Must have expertise on TCP/IP network traffic and event log analysis. Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool). Must have administrative skills in several operating systems, such as Windows, OS X, and Linux Must be proficient in basic shell scripting, creating Snort rules, or other log More ❯

L2) will determine whether a security event qualifies as an incident and coordinate with the customer's IT and Security teams for resolution. Main Duties Security Monitoring & Investigation: Monitor SIEM tools to ensure high-level security operations. Oversee and enhance security monitoring systems to detect and analyze potential security incidents. Conduct real-time analysis of security events and escalate as … Threat Intelligence: Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes. Contribute to threat intelligence feeds for proactive detection. Security Tool Management: Manage and optimize SIEM tools, ensuring proper configuration and updates. Develop and implement SOC Use Cases. Evaluate new security technologies and recommend improvements. Collaboration: Work with IT, legal, and management teams on security incidents … patterns of 4 days on, 4 days off. Ability to obtain or hold SC Clearance. Good understanding of Incident Response approaches. Hands-on knowledge of Microsoft Sentinel or similar SIEM tools. Strong verbal and written English communication skills. Interpersonal and presentation skills. Strong analytical skills. Understanding network traffic flows, normal vs. suspicious activities. Knowledge of Vulnerability Scanning, Management, and Ethical More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

years in IT support, with 2+ years in a senior cybersecurity role. Hands-on experience with security tools such as firewalls, endpoint protection, VPNs, IDS/IPS, and SIEM platforms. Deep knowledge of network security, encryption, authentication, and secure configurations including CUI/CDI. Advanced understanding of IT infrastructure, including servers, storage, and virtualization. Familiarity with cloud security (Azure, AWS More ❯

communication skills. Excellent interpersonal and presentation skills. Strong analytical skills. Expertise in TCP/IP network traffic and event log analysis. Hands-on experience with Microsoft Sentinel or similar SIEM tools. Administrative skills across multiple operating systems (Windows, OS X, Linux). Proficiency in shell scripting, creating Snort rules, or other log-searching query languages. Confidence in handling common security More ❯

in security technologies and solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, encryption, identity and access management (IAM), and security information and event management (SIEM) systems. Strong understanding of security frameworks, standards, and regulations, including ISO 27001, NIST Cybersecurity Framework, GDPR , NCSC Cyber Essentials Plus, with experience in implementing and maintaining compliance with these requirements. More ❯

role: This is a dynamic and impactful role that offers technical depth, cross-functional collaboration, and the chance to shape Cadent's cyber resilience. Technical Challenge - Work with advanced SIEM, SOAR, and threat detection tools across IT and OT environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team … Cyber Security, IT, or related field, with certifications such as CEH, CompTIA Sec+, or equivalent. Experience in cyber security engineering across IT and OT environments. Technical Expertise - Proficiency with SIEM and SOAR platforms, log analysis, threat modelling, and integration of security tools. Problem-Solving Skills - Ability to engineer solutions for complex security challenges, including unpatchable vulnerabilities. Communication & Collaboration - Strong interpersonal More ❯

privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing). Knowledge of cloud technologies (AWS, Azure). Experience using generative AI (e.g., ChatGPT) for test strategies, reports, and communications. Skills in automation and analytics tools More ❯

clients. This Junior SOC Analyst role will be an integral member of the Security Operation Centre. They will help identify and analyse potential threats utilising a number of different SIEM & EDR tools. To be a key member of Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system generated alerts, analyse logs and traffic patterns. … years UK residency) 1-3 years' experience as a Security/Network Administrator orequivalent Bachelor's degree in a related field or equivalent experience and knowledge Experience working with SIEM systems Industry standard certifications such as: CompTIA Security+, CompTIA Network+, CompTIA CySa+, Cisco CCNA, EC-Council CEH, and/or relevant specialized degree in Cyber Forensics or Computer Science. Kroll More ❯

the Role A degree level education and/or Microsoft or other relevant certifications Azure & Office 365 certifications Desirable for the Role ISO 27001 Knowledge/Awareness Experienced with SIEM API usage Scripting – PowerShell, Python etc. Microsoft Volume Licensing SFTP Systems SharePoint PHD can offer flexible working hours, WFH, Hybrid working option, to be discussed upon application. Supports The Bike More ❯

the applicant to work 12-hour shifts (7am/7pm) on a 4-on-4-off pattern. What will you bring? Experience in a SOC analyst role Experience using SIEM (ideally Microsoft Sentinel) Experience using EDR (ideally Microsoft Defender) Excellent written and verbal communication skills Experience configuring and deploying Microsoft technologies such as Microsoft Defender and Azure Experience using and More ❯

takes security seriously and offers room to grow your career as the function evolves. Key Responsibilities Support and maintain group-wide security tooling — including Tenable, EDR, access controls, and SIEM Assist in managing security incidents and work with stakeholders on resolution and reporting Contribute to third-party security assessments and vendor risk reviews Coordinate technical testing such as penetration tests More ❯

cloud) is essential. Proven experience with implementing secure core foundational services in a cloud infrastructure for AD, SecDevOps, Networking Services, at an enterprise level is essential. Proven experience in SIEM & SOAR (security information and event management (SIEM) and security orchestration, automation, and response (SOAR). Experience with Rapid7 SIEM tooling is desirable. Proven experience with the core foundational security services More ❯

SIEM Application Engineer Job Req ID: 47887 Posting Date: 13 Jun 2025 Function: Cyber Security Unit: Networks Location: Snowhill, Birmingham, United Kingdom Salary: Competitive with Great Benefits Why this job matters The new Network SIEM is essential to BT's network security, meeting TSA requirements and improving our CAF level. Your role as a SIEM Application Engineer in Security Engineering … following offices: Birmingham, Manchester, Ipswich (Ipswich only applicable to existing BT employees) What you'll be doing SIEM Solution Development: Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. Optimize SIEM rules, alerts, and dashboards for efficient threat detection. Collaboration: Collaborate effectively with others to drive forward key security objectives Presentation and documentation writing (to … Experience in key cyber technologies such as SIEM technologies (Elastic preferred), vulnerability management, access management and other commonly used Enterprise security controls. Ideally from both a development and operational perspective Advantageous: SIEM implementation and usage Experience of Elastic Stack (ELK) Knowledge of Offensive testing frameworks Knowledge of Linux, Windows and Network Administration Knowledge and experience of cloud services (public or More ❯

Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel, Key Vault, APIM) Strong advocate of Zero Trust models and secure development practices Experienced in SIEM & SOAR, ideally with tools like Rapid7 Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure Security Engineer Associate or More ❯

SIEM Software Engineering Lead Job Req ID: 47802 Posting Date: 12 Jun 2025 Function: Cyber Security Unit: Networks Location: Snowhill, Birmingham, United Kingdom Salary: Competitive with Great Benefits Why this job matters The new Network SIEM is essential to BT's network security, meeting TSA requirements and improving our CAF level. Being the SIEM DevOps with SysOps Software Engineer you … will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the Security Engineering platform team, leading the implementation of the SIEM Automation strategy and providing guidance and oversight of the SIEM Platform Automation team. This role is hybrid (3 days in the week) and can be based in one of the following … CI/CD pipeline Technical leadership working in a high performing team of engineers delivering state of the art security tools for BT. Be an active member of the SIEM/CDP log onboarding team, delivering SIEM/CDP functionality in line with the requirements. Act as product owner, breaking down top level requirements into product backlogs as part of More ❯

integrity. Candidate Profile Strong experience in endpoint security, especially within critical infrastructure. Proficiency with platforms such as Microsoft Defender for Endpoint, SentinelOne, Trellix, or other EDR solutions. Familiarity with SIEM tools and frameworks like NIST and MITRE ATT&CK. Knowledge of standards such as NERC CIP, CIS Benchmarks, NIST SP 800-82. Scripting and automation skills (PowerShell, Python, Bash More ❯

systems for vulnerabilities with tools like Nessus Ability to analyse logs, detect anomalies, and respond to threats. Desirable: Certifications such as CompTIA Security+, CISSP, CEH, or GIAC. Experience with SIEM tools, network monitoring, or threat intelligence platforms. Knowledge of NIST(2), Cyber Assessment Framework, Cyber essentials(+), ISO 27001, or IEC 62443 standards. Scripting skills and data manipulation The Package More ❯

occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset More ❯

occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset More ❯

occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset More ❯

occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset More ❯

Microsoft Security Operations Analyst certification. Experience: Demonstrated experience in responding to cyber security threats. Proficiency in the use of antivirus technologies. Experience with Endpoint Detection & Response solutions. Familiarity with SIEM platforms. Skills: Awareness of vulnerabilities and security standards. Knowledge of HMG Security Standards and Processes. Ability to balance business needs with technical and security standards. Attributes: Commercial awareness. Familiarity with More ❯