12 SIEM Jobs in the Midlands

experience working in a Security Operations Centre (SOC) environment, preferably in a Level 2 role. understanding of cybersecurity principles, best practices, and technologies. with SIEM platforms, intrusion detection/prevention systems, and other security tools. in analysing and interpreting security event logs, network traffic, and other relevant data sources. analytical more »

Systems (OS) (MSWin, Linux, OSX, IOS) * Purple Teaming knowledge * Basic understanding of computer forensics * Use of Firewalls and IDS/IPS devices * Knowledge of SIEM technologies. * Networking, routing and switching * Cyber Security Review (CSR) Compliant * Cybersecurity Frameworks and Standards: Knowledge of frameworks such as NIST, ISO 27001,MITRE ATT&CK more »

Windows operating systems. • Knowledge of big data technologies and ecosystems (e.g., NiFi). • Knowledge of current market and emerging leaders in data analytical and SIEM platforms. • Working with frameworks and technologies that support data-intensive distributed applications. • Experience using packet capture solutions. • Skill in developing and deploying signatures. • Skill to more »

ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS * Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity more »

own the incidents from start to finish, which includes investigation, correlation, triage, response, mitigation, ticketing, documentation, postmortem analyses and forensic analysisMonitor our alert channels, SIEM/SOAR notifications and EDR/IDS/IPS solutions for incidents, threat hunt for malicious activity, triage as needed on a 24x7 basis and … well mature monitoring and response capabilities.WHAT YOU WILL NEEDExperience working in cybersecurity operations and incident response, to include utilizing Security Information and Event Management (SIEM) platforms, Intrusion Detection/Prevention Systems (IDS/IPS), and Vulnerability Management and Threat Intelligence applications3+ of the following certifications: CEH, CISM, GIAC, GCIH, GCIA … CompTIA Net+, CompTIA A+, CompTIA Security+, CASP CE, SEC+, Splunk Core, OSCP, etc.Proficient operator of security tools such as end point protection/EDR, SIEM, IPS/IDS, HIDS/NIDS, Networking, firewalls, WAFs, Edge/endpoint security, DNS security, layered security, defense in depth practices, vulnerability scanning, malware analysis more »

you needHigh degree of (hands-on) technical guidance & vision with broad subject matter expertise in cloud, data and security technologies, specifically AWS, Azure, and SIEM platforms (Splunk ES and Sentinel)Extensive experience and expertise across the Splunk platform, its architecture and distributed components including premium apps (ITSI, Enterprise Security, Phantom more »

maintenance manuals. Installation of (as dictated by customer requirements): Windows in bare-metal and (primarily VMware) virtual environments. Various (integrated control system) COTS products. SIEM solutions. Configuration of Windows and COTS products to meet user requirements and customer/industry standards. Perform vulnerability scanning and address any resultant issues. Troubleshoot more »

payments will be made). Your main duties will include: Technical ownership of the Security Operations Centre (SOC) tooling, most notably the AlienVault & Sentinel SIEM platforms but including other supporting tooling as required, such as components of the Microsoft Defender XDR suite. Responsible for the implementation of the SIEM platform … in customer environments. Ranging from the initial ingestion and tuning of data feeds (from both a SIEM, log collector and source device perspective), and heightened support of the implementation. Ensure the progression of the engineering maintenance plan by assuring that all in scope solutions are reviewed by the engineering team … with agreed quality SLAs and KPIs and industry best practice. Required to work closely with the SOC post-implementation, to support and maintain the SIEM platform on behalf of the SOC, contributing to the ongoing development and maintenance of use cases and rulesets as required. Provide chargeable technical Cyber thought more »

experienced individual will know what the role entails, but some key points to be considered: - Demonstrable experience of managing security solutions (secure Code Scanning, SIEM, IPS, IDS, Vulnerability Scanning, Penetration Testing,) directly, or through an MSSP, in a cloud-based environment. - Knowledge of security compliance standards relevant to the SaaS … such as PCI, GDPR, ISO 27001, SOC2, NIST - Skills in leveraging application monitoring tools- AWS monitoring/alert tools (CloudTrail, GuardDuty), Qualys tools and SIEM experience, to detect and respond to security events/incidents. - Industry certifications such as CISSP, CISM, CEH, ECSA, LPT, OSCP, AWS certified security, or equivalent more »

engineering team. Knowledge: * Knowledge of big data technologies and ecosystems (e.g., NiFi). * Knowledge of current market and emerging leaders in data analytical and SIEM platforms. * Knowledge of network security implementations (e.g., host-based IDS, IPS), including their function and placement in a network. * Knowledge of intrusion detection systems and … ICS/network architectures and technologies. * Working with frameworks and technologies that support data-intensive distributed applications. * Experience maintaining and administrating data analytical and SIEM platforms. * Experience using host and network-based IDS/IPS * Experience using packet capture solutions. * Skill in developing and deploying signatures. * Skill to apply cybersecurity … Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. * Certified engineer in a market leading data analysis/SIEM platform. * SANS SEC501 Advanced Security Essentials Enterprise Defender. * SANS SEC 511 Continuous Monitoring & Security Operations. * SANS SEC555: SIEM with Tactical Analytics Available locations: -Hereford -Northallerton more »

from both a practical and management perspective. The role involves setting up, fine-tuning, and gathering intelligence from a Security Information and Event Management (SIEM) system. The Engineer will be responsible for reviewing infrastructure plans, adding recommendations, and procuring penetration tests from third-party services. They will ensure that all … adheres to the GDPR requirements. They will also develop and deliver annual IT security training and ensure compliancewith our Phishing Simulations Responsibilities: Develop and manage the SIEM, ensuring the effective capture and analysis of security data. Review infrastructure plans to identify potential security weaknesses and recommend enhancements. Coordinate with third … Assist other departments in developing policies and procedures to comply with GDPR, working with the DPO outsourcing company. Skills and Qualifications: Proven experience with SIEM tools and incident response Strong understanding of network infrastructure and security protocols Experience with GDPR, data security and other compliance regulations Experience with GDPR, data more »

About The RoleHippo Digital is recruiting a Principal SIEM Engineer to join our Hippo Herd. SIEM Engineers work in multi-disciplinary teams who build, support & maintain enterprise scale data platforms and solutions helping clients to drive transformation through improved data access and visibility.As a Principal SIEM Engineer, you will have … in a nutshell:Splunk Core Certified accredited SME acting as both consultant and engineer on large scale Splunk Enterprise Security projectsCreating/tuning of SIEM detection rules to satisfy client requirementsProviding technical consultancy for Hippo clients predominantly in the cyber security spaceWorking in hybrid teams across multiple clientsLeading and providing more »