1 to 25 of 34 SIEM Jobs in the North of England

Analyst * Detection & Response Lead * Cyber Security Team Lead You'll ideally bring experience across some of the following: * Security Operations and Incident Response * SIEM, EDR/XDR and security monitoring tools * Vulnerability Management * Threat Detection and Threat Hunting * Cloud Security (Azure, AWS or GCP) * Security Frameworks such ...

incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats ...

scenarios and leading in-depth CTI investigations. Act as the escalation tier for cyber threat intelligence tasks within Cyber Security tooling including EDR and SIEM tooling. Interrogate threat intelligence and internal security tooling to identify items of interest and potential cyber threats. Proactive research and assessment of Tactics. Techniques and ...

audits, risk assessments and maturity reviews. Engineer and embed technical controls supporting NIST CSF and ISO/IEC 27001 objectives. Support security tooling integration (SIEM log sources, EDR/XDR dependencies, vulnerability tooling). Enable and validate security telemetry coverage audit policy configuration, log forwarding/collection, event quality (normalisation ...

from colleagues and service delivery teams Support and coordinate patch management activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics … operational performance Technical expertise Good understanding of information security principles, risk management and the threat landscape Experience of operating and monitoring security tooling, including SIEM, endpoint protection, and email/web security solutions Ability to proactively conduct threat hunting activities and develop or enhance detection analytics to improve identification ...

Databricks ITSM : ServiceNow EUC : Intune, SCCM Applications : CRM, ERP, HCM, Finance Infrastructure : servers (cloud/on prem), networking, storage, backup Cloud : Azure Cyber Security : SIEM, XDR, IPS/IDS, NIST, ISO27001 ...

time effectively Excellent interpersonal skills and professional demeanour Excellent verbal and written communication skills Proficient in Microsoft Office Applications Proficient in the use of SIEM (Security Incident and Event Management) technology, in terms of handling alerts, analysis of the data within the alert and rationale on whether escalation or closure ...

tracking remediation, validating fixes, and assisting with reporting. * Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and ...

security-related role Experience following change management and similar ITIL best practice Strong knowledge of security technologies (NGFW, WAF, EDR, SIEM etc.) Security certification, e.g. CompTIA Security+, GIAC GISF/GSEC Progression: Professional qualification financial support with up to 6 days paid study leave for professional qualifications Training and personal ...

crisis management structures and frameworks. Technical Understanding (Desirable): Solid grounding in cyber security concepts and threats. Experience with Endpoint Detection & Response (e.g., CrowdStrike), SIEM platforms (e.g., Microsoft Sentinel), and ServiceNow (Security Operations). Ability to engage with technical teams and interpret technical data. To apply for this Senior Cyber Incident ...

bridges/war rooms and strong decision-making skills in high-pressure situations. Technical Understanding (Desirable) : Knowledge of cyber security concepts, Endpoint Detection & Response, SIEM platforms, and ServiceNow. To apply for the Cyber Governance Risk and Compliance Manager position, please submit your CV and a member of the Reed Professional ...

enterprise clients Create high-level and low-level architecture designs and technical specifications Work with cloud platforms, directories, HR systems, and security tools (SIEM, MFA) Define operating models, roadmaps, and maturity assessments (Senior and above) Develop client proposals, commercial offers, and executive presentations (Senior Manager and above) Build and maintain ...

closely with infrastructure, cloud, and SOC teams to detect, prevent, and respond to security threats. Key Responsibilities Monitor and respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and … policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security engineering, or infrastructure security role Good knowledge of networking and common attack types (e.g. SQL injection, phishing, malware) Experience with ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

understanding of Information Security solutions e.g. email/web gateways, Privileged Account Management (PAM), Identity Governance and Administration (IGA), Security Information and Event Management (SIEM), Endpoint protection etc. Knowledge/experience working with firewalls is highly advantageous Experience of Cloud security solutions and standards is highly advantageous Competence, knowledge and ...

profession standards with HR/L&D.Timely access to SL stakeholders, systems, repositories, and tooling (e.g., policy library, LMS, phishing platform, service management/SIEM, PMO data). Availability of policy owners and project managers for reviews and attestations. SL will provide required clearances, facilities, and collaboration tools. Core experience ...

within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation – You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more ...

closely with infrastructure, cloud, and SOC teams to detect, prevent, and respond to security threats. Key Responsibilities Monitor and respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and … policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security engineering, or infrastructure security role Good knowledge of networking and common attack types (e.g. SQL injection, phishing, malware) Experience with ...

Engineer, Infrastructure Security Engineer, Network Security Engineer, Platform Security Engineer, Cyber Security Engineer or DevSecOps Engineer with strong enterprise firewalling, secure infrastructure, Elastic/SIEM, public cloud security and hands-on security engineering experience. This is a senior, hands-on role working across firewalling, on-premise and cloud security, secure … Working with VMware NSX/vDefend security controls, including distributed firewall policies and micro-segmentation Working with Elastic Stack/Elastic Security for logging, SIEM, monitoring, threat detection and dashboards Supporting AWS/public cloud security across secure and regulated environments Hardening Windows Server environments, Active Directory, Group Policy and ...

will apply hands-on engineering expertise to design, build, and optimise automation workflows that improve the scalability and efficiency of SOC services. Working across SIEM, endpoint, and orchestration platforms (primarily Palo Alto XSOAR), you will reduce analyst workload, accelerate incident response, and enhance decision-making across customer environments. Key Responsibilities … Sales Support – Assist with demos, scoping, and proof-of-value activities where required. Core Duties Automation Design & Development Build and maintain workflows across SIEM, EDR, and SOAR platforms Develop reusable scripts, templates, and components Ensure solutions support secure, multi-tenant environments Integration & Response Automation Orchestrate containment, enrichment, and remediation actions ...

resilience, DLP measures and regulatory compliance. Role Principal Duties: Proactively monitor network and system activity to detect potential security threats, using tools such as SIEM and endpoint protection platforms Assist in the investigation and resolution of low-level security incidents, escalating more complex issues to senior staff Maintain detailed logs … handled in accordance with incident response procedures Security Tools & Infrastructure: Support the deployment, configuration, and maintenance of core security tools, including antivirus software, firewalls, SIEM systems, Microsoft security services and endpoint protection Ensure DLP policies are effectively integrated into security infrastructure, including email filtering and endpoint protection systems, to prevent ...

with BAE Systems in Preston on helping them source a Systems Administrator that has a couple of years' experience working with Linux (RHEL) and SIEM technologies. About the Role This role focuses on the day-to-day administration, monitoring, and support of Red Hat Linux servers within an enterprise environment ...

full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk … performance, risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such ...

latest security and cloud technology developments, including researching and evaluating emerging cyber threats affecting cloud services and platforms. Use advanced analytic tools, including SIEM and cloud security platforms, to identify emerging threat patterns, suspicious activity and vulnerabilities across cloud environments. Apply experience and knowledge to support the investigation and triage … posts early. Don't miss out! Person Specification Knowledge Essential Working knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability ...