1 to 25 of 28 SIEM Jobs in the Midlands

emerging tech. The following would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through our one of a kind training programme, the Littlefish Academy More ❯

investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar , Splunk, and Microsoft Sentinel. Develop and refine SOC use cases, runbooks, and playbooks. Integrate emerging threat intelligence into monitoring and detection workflows. Liaise with clients, Service More ❯

Qualys or similar platforms). Understanding of Email Security platforms (e.g., Darktrace) and Security Awareness & Training platforms. Knowledge of security frameworks (ISO 27001, NIST, GDPR, etc.). Familiarity with SIEM, security system administration, and incident response. Understanding of SOC operations and monitoring. No formal qualifications required, although a security or IT-related certification (e.g., CompTIA Security+, CISSP, CISM) are desirable. More ❯

Automated security monitoring Lead third-party risk management & vendor security programmes Experience of DevSecOps practises and SDLC Design/Implement security frameworks - ISO 27001, NIST Hands-on experience of SIEM, DLP, IAM, Endpoint Technology The permanent opportunity for a Information Security Manager, will pay a salary up to £85,000 with bonus, based out of the central Birmingham offices - one More ❯

Years Must Have/Mandatory Skills Palo Alto Networks – Firewalls (MUST) Network Security Architecture IAM, MFA, AAA, RBAC, Privilege Access Cloud Security (OCI/Azure/AWS) SIEM/Vulnerability Management/PKI/Cryptography LAN/WAN/DMZ/Routing/Switching/Subnetting Key Responsibilities Design/Architect network security infra solutions like Firewalls, IDPS, Proxy, Load More ❯

prem infrastructure on virtualized platform , networking, and storage. * Ability to produce HLDs and LLDs with clarity and precision. * Excellent communication and stakeholder engagement skills. * Involved with integrating SentinelOne with SIEM/SOAR platforms (e.g., Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: * SentinelOne certifications (e.g., SentinelOne Certified Architect or equivalent). * Scripting knowledge (e.g., PowerShell, Python) for automation More ❯

required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security, Vulnerability Management, Penetration Testing, Risk Assessment, Compliance, PCI DSS, Security Tooling, Governance, SIEM, Endpoint Security, Security Investigations More ❯

and availability. Support change and release management. Oversee the transition of new security projects into SOC operations. Required Skills & Experience Active DV Strong experience with SOC tools (IDPS, Firewalls, SIEM/Splunk, Email & Web protection). Hands-on experience with Cisco ASR, Palo Alto, and Fortinet firewalls. Windows & RedHat server experience, including CIS hardening. If you're ready to take More ❯

and alerts associated with cyber threats, intrusions, and compromises alongside a team of global security analysts following documented SLOs and processes. Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess potential risk/severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. Collaborate … Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls) Interest in developing knowledge across common Incident Response and Security Monitoring applications such as SIEM (e.g., Qradar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender), and SOAR (Palo Alto XSOAR, Google Secops/Chronicle) Desire to build technical skills and hands-on knowledge in … and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve these skills Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others Scripting and automation Additional Information Benefits package includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation package More ❯

components to ensure visibility and completeness of data collection. Linux Proficiency: Administer and troubleshoot Linux-based systems, with command-line fluency and scripting ability (e.g. Bash, Python) to support SIEM operations, log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK … assist SOC analysts in conducting triage and escalation. SOC Maturity & Policy Development: Contribute to the development of SOC processes and policies, including detection logic lifecycle, alert tuning procedures, and SIEM configuration governance. Play a key role in maturing the operational use of SIEM tooling and automation within the SOC environment. Defence Writing & JSP Familiarity: Prepare formal documentation in line with … Infrastructure environments. Familiarity with security frameworks such as MITRE ATT&CK, NIST CSF, or ISO 27001 including how to map TTP's to Rule coverage. Experience with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such as More ❯

cybersecurity matters, advising senior leadership and collaborating across departments. What We're Looking For Security leadership experience in a complex organisation, ideally with team management responsibilities. Technical security background: SIEM, EDR and vulnerability management tools Strong background in vulnerability and risk management, including scanning, assessing, and mitigating risks. Hands-on experience securing Microsoft environments, covering cloud infrastructure, Active Directory/ More ❯

to drive through change Excellent team working skills including the ability to work effectively within a geographically disparate team Advantageous: Experience with containerization technology and orchestration platforms e.g. Kubernetes SIEM Experience with Elastic Stack (ELK) Knowledge of ArgoCD, Terraform Knowledge CI/CD tools Ansible, Circle CI, Jenkins, Parker, Terraform Knowledge of Offensive testing frameworks Message processing using Kafka, Rabbit More ❯

to the team's success. Key Requirements: Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge - LAN/WAN, Juniper, IP Trade. McAfee SIEM Security - Security Information Events Management knowledge IT/ICT further education What we offer: A career at Telent can span many sectors, roles, technologies and clients giving you the opportunity More ❯

to the team's success. Key Requirements: Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge LAN/WAN, Juniper, IP Trade. McAfee SIEM Security - Security Information Events Management knowledge IT/ICT further education What we offer: A career at Telent can span many sectors, roles, technologies and clients giving you the opportunity More ❯

to the team's success. Key Requirements: Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge LAN/WAN, Juniper, IP Trade. McAfee SIEM Security - Security Information Events Management knowledge IT/ICT further education What we offer: A career at Telent can span many sectors, roles, technologies and clients giving you the opportunity More ❯

solutions Contributing to and maintaining CI/CD pipelines Driving ISO 27000 implementation and supporting ongoing compliance initiatives Introducing and managing cybersecurity tools such as vulnerability scanners, endpoint protection, SIEM, and cloud security monitoring solutions Requirements: Extensive experience in a DevOps team lead role using AWS, (IAM, S3, EKS). Experience with IaC such as Terraform.. Cloud formation/CDK More ❯

Collaborate with the Product Manager to establish governance frameworks. Essential Skills & Experience: Proven experience in product ownership or agile delivery roles. Strong stakeholder management and communication skills. Experience with SIEM tools, ideally Microsoft Sentinel. Understanding of InfoSec principles and digital product delivery. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this More ❯

such as CISSP, CISM, or CompTIA Security+ are essential. What Sets You Apart: Experience with cloud security (AWS, Azure). Hands-on experience with Security Information and Event Management (SIEM) systems. Ability to guide and advise in incident response situations. Inspires and guides people with clarity and confidence, making smart decisions that bring everyone together toward shared goals. Why Breedon More ❯

include: Assisting in monitoring network traffic and security alerts to identify potential threats. Supporting investigations into security incidents, gathering evidence and documenting findings. Using Security Information and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. More ❯

Please note this role does require the postholder to be based from our office in Derbyshire circa 3 days per week. Reporting to the IT Security Manager the postholder will monitor, analyse, and respond to security threats, ensuring the integrity More ❯

Role Assisting in monitoring network traffic and security alerts to identify potential threats. Supporting investigations into security incidents, gathering evidence and documenting findings. Using Security Information and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. More ❯

Security (SIEM) Architect Location: Warwick, Hybrid IR Status: TBC Rate: £600 - £800 Length : 6-12 months, TBC Clearance: Must have active SC clearance. An exciting opportunity has emerged with an organisaiton supplying complex architectural, technical and delivery solutions across the UK Secure Government and Public Sectors. They are looking to bring in a specialist security archietct, with demonstrable experience of … having architected a SIEM capability ustiling the Elasticsearch toolset. There has been an initial scoping, you will come in and provide a full-scale holistic solution and will have the support of the architetural team that provided the initial scope. Architecture & Design Define and implement SIEM architecture using Elastic Stack (Elasticsearch, Logstash, Kibana, Beats). Design log ingestion pipelines, data … models, and correlation rules for security monitoring. Develop observability frameworks integrating logs, metrics, and traces. Implementation & Engineering Deploy and configure ElasticSearch clusters, Kibana dashboards, and Logstash pipelines. Integrate SIEM with cloud-native observability tools (AWS CloudWatch, Azure Monitor, GCP Operations Suite). Automate log collection and enrichment using Beats, OpenTelemetry, and scripting. Security Use Cases & Threat Detection Build and maintain More ❯

Management: Plan and execute major database upgrades and periodic patching to maintain system stability. Database Logging & Monitoring: Configure and manage database logs for integration into a SIEM (Security information and event management) solution for monitoring and security compliance. High Availability & Failover Management: Monitor, maintain and orchestrate manual failover and failback procedures to maintain uptime. Automation & Scripting: Develop scripts using SQL More ❯

is operational and hands-on, maintaining and enhancing existing tools and controls, monitoring vulnerabilities and ensuring systems are patched and secure. Responsibilities: * Managing and optimising security tools and platforms (SIEM, XDR, IDAM policies etc.) * Monitoring vulnerabilities, investigating incidents and implementing corrective actions * Supporting patching compliance and vulnerability remediation * Ensuring security best practices are applied across networks, applications and systems * Participating … network engineering * Some exposure to, or a growing focus on, cybersecurity and vulnerability management * Understanding of network devices, configurations and security principles * Familiarity with common tools and concepts (e.g. SIEM, DLP, endpoint protection, firewalls, Cisco Secure Connect, etc.) * Confidence to identify issues, suggest improvements and work collaboratively across teams * A genuine passion for cyber security * Certifications such as CISSP, SC More ❯

Consultant, Configure & ensure availability of required logs into Sentinel (such as EDR, Qualys, Firewalls etc), crowd strike and dark trace. Sentinel platform admin Execution of the use cases on SIEM, SOAR & Threat Intelligence. Well versed in Design & Architecture, Cribl (Newly added by client) Deploy down selected(Nozomi) OT Security/IDS platform in the lab infra. Handle OEM communication Test … Consultant, Configure & ensure availability of required logs into Sentinel (such as EDR, Qualys, Firewalls etc), crowd strike and dark trace. Sentinel platform admin Execution of the use cases on SIEM, SOAR & Threat Intelligence. Well versed in Design & Architecture, Cribl (Newly added by client) Deploy down selected(Nozomi) OT Security/IDS platform in the lab infra. Handle OEM communication Test More ❯