1 to 25 of 69 SIEM Jobs in the North of England

Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA, baseline configurations) including the Microsoft More ❯

working within a SOC (Security Operations Centre) or in a cyber security focused role - Ideally 1- 2 years working as an engineer. Knowledge of security tools and technologies (e.g., SIEM, IDS/IPS, EDR/XDR, Email protection, DLP, SOAR, Cloud Security etc.) Knowledge of Cyber Security domains (e.g., Identity and access Management, Network Security, Incident Response etc) Desirable skills More ❯

network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre. Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR. Experience operating and managing SIEM solutions, vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and/or SecOps oriented teams. More ❯

security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and/or SecOps oriented teams More ❯

and network security. Threat Monitoring & Incident Response Monitor cloud environments for security threats, vulnerabilities, and misconfigurations . Lead incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS More ❯

Operations Centre (SOC) staffed by dedicated professionals. We're seeking a skilled Cyber Security Engineer to join our clients eam. The ideal candidate will have expertise in Azure Sentinel SIEM, Microsoft Defender, and KQL scripting. This role demands a proactive individual who can monitor and protect our organization's digital assets while staying updated on the latest security threats and … trends. If you are interested in this opportunity, apply today! Responsibilities: Implement and manage Azure Sentinel SIEM for threat detection, incident response, and security monitoring. Configure and maintain Microsoft Defender for endpoint protection and threat detection. Develop and maintain KQL scripts for querying and analysing data within Azure Sentinel. Collaborate with cross-functional teams to identify security vulnerabilities and develop … Requirements: Bachelor's degree in Computer Science, Information Technology, or related field. Proven experience working as a Cyber Security Engineer or similar role. In-depth knowledge of Azure Sentinel SIEM, Microsoft Defender, and KQL scripting. One of the following certifications: AZ-500 (Microsoft Azure Security Technologies) or SC-200 (Microsoft Security Operations Analyst). Strong analytical and problem-solving skills. More ❯

posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and … Cloud Security, or IT Infrastructure Security. Skills Deep expertise in Microsoft 365 Security, Entra ID (Azure AD), Microsoft Intune, and Microsoft Defender Suite. Strong knowledge of IAM, MFA, PAM, SIEM (Microsoft Sentinel), and security automation. Experience securing Microsoft Azure environments (Azure Security Center, Azure Policy, Conditional Access). Familiarity with hybrid and multi-cloud security best practices. Languages Strong written More ❯

for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities, penetration testing, and compliance Experience with network security, encryption, TLS, SSL More ❯

Collaborate with third-party suppliers and internal teams. Provide expert advice on security technologies and processes. Requirements : Proven team leadership experience.Strong knowledge of security technologies (firewalls, IDS/IPS, SIEM).Relevant qualifications (CISSP, CISM, etc.). Apply now to make a significant impact on NHS BSA's cyber security strategy! What do we offer ?o 27 days leave (increasing with … monitoring activities, ensuring compliance with Information Security Standards ISO27001, NHS DSPT, NCSC CAF 4.Experience of managing security technologies including; firewalls, anti-malware, IDS/IPS, web filtering, email filtering, SIEM, patch management, MDM, DLP 5.Designing and recommending appropriate controls to enable the achievement of Cyber security and wider business goals. Desirable 1.Evaluation of threat intelligence data from multiple sources to More ❯

or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM/SOAR platforms, endpoint detection and response (EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence More ❯

firewalls, IDS/IPS, authentication systems, log management, content filtering, Mobile Device Management and technologies based on IT/Cyber Security best practices; Experience in configuring, operating and maintaining SIEM solutions and log management; Experience in networking, troubleshooting, and analysis tools; Experience in vulnerability assessments, penetration testing and patch management; Identifying, assessing, reporting and mitigating technical security related risks within … or commensurate experience; Secure configuration and support of outsourced services and Cloud service provision including eg: PaaS, SaaS, IaaS; Strong experience of the systems and associated operations relating to SIEM, IDS/IPS, Vulnerability Scanning/Penetration Testing, Mobile Device Management; Working knowledge of network security, authentication mechanisms, wireless, encryption technologies, and networking protocols including HTTP(S), DNS, SMTP, TCP More ❯

availability of systems and data Experience deploying security tools in local and cloud environments Respond to security requests and events Vulnerability management Utilising security tools to enhance organisational security (SIEM, EDR, Vulnerability management tools) Following agreed protocols of incident response Incident response, investigation and recovery Utilising Crowdstrike, Qualys, Zscaler, Appcheck and ActiveDirectory Leveraging support from wider tech areas such as More ❯

society by helping businesses stay resilient through proactive security solutions and trusted partnerships. Responsibilities: As a Security Operations & Threat Intelligence Analyst, you will monitor and investigate security alerts using SIEM tools, conduct threat hunting, and analyze suspicious activity. You ll gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You ll … required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing logs, network traffic, malware behavior, and attack vectors • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions • Familiar with threat intelligence platforms (e.g., MISP, Recorded Future, ThreatConnect) • Scripting experience in Python, Bash, or similar for automation and analysis • Must More ❯

keep this simple. A FTSE that doesn’t cut corners - is hiring a Cyber Security Operations Engineer . If you're the kind of person who spots anomalies before SIEM alerts even pop, talks in MITRE ATT&CK when stressed, and dreams in hex - we want to hear from you. You’ll report to the Cyber Security Operations Manager and … It's for professionals who understand that cyber threats don't respect business hours. What You'll Actually Be Doing (Because Job Titles Mean Nothing Without Context): Monitoring our SIEM platform like a hawk with insomnia Responding to EDR alerts and sifting through digital noise to find the signal Triage, incident response, risk analysis - the full SOC works Digging into More ❯

encryption technologies. Adhere to enterprise governance & review processes to deliver project goals & deliverables. Follow enterprise ITSM & CMDB processes Monitor and analyze security alerts using Security Information and Event Management (SIEM) tools, and respond to security incidents in a timely and effective manner. Collaborate with cross-functional teams to develop and enforce identity and access management (IAM) policies and network access … principles. Zscaler Private Access & Internet Access Proficiency in configuring, managing, and troubleshooting firewalls. Cisco, Palo Alto etc,. Experience with intrusion detection/prevention systems, as well as with SIEM tools and security incident response. Excellent problem-solving skills, analytical thinking, and the ability to communicate effectively with diverse stakeholders. CERTIFICATIONS: (any of below) Cisco Certified Network Professional/Expert More ❯

technical challenges with risk management and compliance responsibilities. Role Highlights Monitor, detect, and respond to security incidents and vulnerabilities Own and manage key elements of the security stack, including SIEM and DLP tools Lead audits, penetration testing, and remediation actions to uphold ISO27001 & SOC2 compliance Collaborate with product teams to embed security into the development lifecycle Produce detailed KPI-driven … security reports and dashboards for internal stakeholders Experience needed: 1+ year in a SOC or similar cybersecurity role Hands-on experience with SIEM, IDS/IPS, and vulnerability scanning tools Knowledge of AWS, Linux, Windows, IAM (e.g. Okta), and firewalls Understanding of ISO27001, SOC2, GDPR, and third-party risk management Strong communication skills and the ability to influence across teams More ❯

configuration. The candidate: Practical experience working within a SOC (Security Operations Centre) or in a cyber security focused role – Ideally 2 Years Knowledge of security tools and technologies (e.g., SIEM, IDS/IPS, EDR/XDR, Email protection, DLP, SOAR, Cloud Security etc.) Knowledge of Cyber Security domains (e.g., Identity and access Management, Network Security, Incident Response etc) Understanding of More ❯

improve operational performance. Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs, and vulnerabilities. Skills/Must have: Demonstrable experience working with SIEM technology, preferably within a CSOC/SOC environment. Demonstrable technical knowledge, skills, and/or experience in intrusion analysis, and network and security investigation using a variety of security tools More ❯

on new technologies at the same time gaining vendor direct training and certification then please read the below role. The role is to act as a Security Analyst using SIEM products/tools and is an ideal position for someone wanting to step into a consultancy position and gain valuable security qualifications. The Security Analyst acts as a security event … analyst, analysing, investigating and responding to security events, alarms and escalations through monitoring the SIEM system, and carrying out remedial activities. Monitor SIEM tool for security alerts, carrying out investigations and proposing remedial actions Tuning of SIEM security rulesets Perform vulnerability scans and use compliance tools to identify vulnerabilities in system configuration Actively monitor security tools including anti-malware, mail … issues Maintain qualifications in relevant vendor accreditations Skills/Experience Required: Minimum of 2 years in a similar role ideally someone working in a SOC who wants to progress SIEM administration and configuration experience Strong security management and analytics background Experience of security tool configuration e.g. IDS/IPS, firewalls Excellent communication skills both written and verbal Desirable Knowledge/ More ❯

to cross-train on new technologies while gaining vendor direct training and certification, then please read the below role. The role is to act as a Security Analyst using SIEM products/tools and is ideal for someone wanting to step into a consultancy position and gain valuable security qualifications. The Security Analyst acts as a security event analyst, analyzing … investigating, and responding to security events, alarms, and escalations through monitoring the SIEM system, and carrying out remedial activities. Responsibilities: Monitor SIEM tool for security alerts, carrying out investigations and proposing remedial actions. Tuning of SIEM security rulesets. Perform vulnerability scans and use compliance tools to identify vulnerabilities in system configuration. Actively monitor security tools including anti-malware, mail filter … issues. Maintain qualifications in relevant vendor accreditations. Skills/Experience Required: Minimum of 2 years in a similar role, ideally someone working in a SOC who wants to progress. SIEM administration and configuration experience. Strong security management and analytics background. Experience of security tool configuration e.g., IDS/IPS, firewalls. Excellent communication skills both written and verbal. Desirable Knowledge/ More ❯

strategy Aligning the organisation to standards such as ISO27001 and Cyber Essentials + Using cyber tools to complete strategic threat analysis Using the findings from threat analysis to guide SIEM and EDR tunings Incident management Mentorship of small team Fostering cyber security awareness across the organisation Using your knowledge of IT networking to enhance network security What we're looking … for: Security leadership experience A hybrid of technical cyber security and GRC-led information security understanding IT operations and networking knowledge Practical experience utilising and tuning common cyber tooling (SIEM, EDR, IPS/IDS) Excellent communication skills What's in it for you A salary of up to £75,000, candidates with higher or lower expectations will be considered in More ❯

vulnerabilities, responding to incidents, and collaborating with other teams to ensure a secure environment. To be successful as a Security Engineer, you should have the following skills/experience: SIEM experience - Azure Sentinel or Splunk (proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat More ❯

technical issues. Good documentation skills and an ability to work with non-technical stakeholders to explain security concepts. Knowledge of endpoint management tools (e.g., Intune, SimpleMDM). Experience with SIEM tools and log analysis. Ability to work independently and manage multiple priorities in a dynamic environment. Standout candidates will also Have adaptability and flexibility Have a probing and analytical approach More ❯

technical issues. Good documentation skills and an ability to work with non-technical stakeholders to explain security concepts. Knowledge of endpoint management tools (e.g., Intune, SimpleMDM). Experience with SIEM tools and log analysis. Ability to work independently and manage multiple priorities in a dynamic environment. Standout candidates will also... Have adaptability and flexibility. Have a probing and analytical approach More ❯

to protect against them. Experience responding to incidents across corporate and customer-facing web applications, identifying potential threats and mitigating/escalating as required would be beneficial. Experience with SIEM Platforms (ideally Splunk), including working with logs and creating correlation searches and dashboards is a plus. Experience of working within PCI DSS, or other compliance frameworks. Software and Technology SIEM More ❯