detection and DevSecOps practices, ensuring security is embedded within operational workflows and cloud-native architectures. What you will do: Operate and optimise core cyber security tools and platforms, including SIEM, XDR, EDR, DLP, IAM, PAM, ZTNA and vulnerability management solutions. Lead or support the detection and response lifecycle, including triage of alerts, investigation of incidents, root cause analysis, and coordination
protocols, and cyber security principles. Skilled in using vulnerability assessment and penetration testing tools (e.g. Nessus, Burp Suite). Familiarity with security frameworks (ISM, PSPF, ISO 27001) and tools like SIEM, IDS/IPS, and threat intelligence platforms. Excellent problem-solving, communication, and collaboration skills, with strong attention to detail and a proactive mindset. We welcome applications from candidates with entry
cause analysis and liaise with the customer and the Service Delivery Manager, ensuring the actions of the SOC Analysts follow best practice. Security Monitoring & Investigation: Monitor SIEM tools to assure a high level of security operations delivery. Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to the MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitor and analyse security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximise effectiveness. Own the development and implementation of SOC
DevOps practices, and CI/CD pipelines. Familiarity with infrastructure monitoring, logging, and alerting tools. Knowledge of regulatory compliance frameworks (e.g. ISO 27001, NIST). Knowledge of Information Security, SIEM, and Cyber Defence Centre tooling. About working for us: Our ambition is to be the leading UK business for diversity, equity and inclusion, supporting our customers, colleagues and communities, and we
and experience relevant to this role: Proven experience in a pre-sales or solution consulting role within the cyber security domain. Strong knowledge of security technologies such as XDR, SIEM, EDR, identity management, email security, cloud security, etc. Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIS, NIST, GDPR). Excellent communication and presentation skills, both technical and non-technical
attacker techniques and capabilities models; and the various Cyber Kill Chain frameworks. Experience in securing cloud platforms. Encryption. Knowledge of threat modelling and ethical hacking. Extensive experience working with SIEM solutions. Basic experience in some scripting languages. This role falls inside of IR35 and is hybrid working, with the expectation to attend the Glasgow or Milton Keynes office 3 days
in deployment, support, and maintenance. Provide guidance to peers, management, and stakeholders. Qualifications and Experience: Prior experience as a SOC Analyst, preferably within an MSSP. Knowledge of managing a SIEM, ideally Microsoft Sentinel. CrowdStrike knowledge is a plus but not required. Salary up to £40k plus benefits; remote working is offered. Occasional office attendance may be required, not exceeding once
Leading and managing IR cases/projects. Strong knowledge of cyber security threats, attack vectors, IOCs, and remediation. Hands-on experience with a range of different forensic tools, ELK, EDR, SIEM, log analysis, and open-source toolkits. Comfortable communicating with both technical and non-technical stakeholders during high-stress situations. You must have excellent communication skills. You must be adaptable, resilient
Strong knowledge of network protocols, firewalls, VPNs, and cloud networking (APIM, NSG, Logic Apps, Function Apps, Azure Portal, App Insights). Familiarity with security tools such as ASPM (Bionic) and SIEM, and certifications like Cyber Essentials to demonstrate competence in security practices. Experience with user journey monitoring tools such as New Relic. About SSE: SSE has a bold ambition - to be
and maintain incident response plans. Improve outsourced monitoring value through better use cases and data. Lead regular incident response exercises across teams. Threat Hunting: Use tools like EDR and SIEM to identify threats and indicators of compromise. Analyse attacker tactics and recommend security improvements. Security Reporting: Define and report security metrics. Evaluate control effectiveness and identify improvements. Communicate emerging risks … for key technologies. Promote secure practices within IT operations. Skills & Experience: Strong incident triage and investigation experience. Skilled in endpoint security tools and vulnerability management. Solid understanding of EDR, SIEM, IDS/IPS, firewalls, and cloud security. Ability to write KQL queries and develop SIEM use cases. Good grasp of security best practices and patching standards. Experience managing third-party
Firewall, VPN, IDS/IPS, and segmentation principles in industrial or utility systems. Familiarity with power-system applications and the unique security challenges of electric-utility infrastructure. Experience with SIEM, network-monitoring platforms, and remote diagnostics solutions. Duration: 6 months (view to extension). Salary: Up to £500 per day (Inside IR35)
plans for information risk events and incidents based on incident type and severity. Assist with containment of threats and remediation of the environment during or after an incident. Work with SIEM Engineering and other security partners developing and refining correlation rules. Regularly develop new and interesting use cases for future SIEM logic. Administer and configure security tools and sensors to alert
Glasgow, Lanarkshire, United Kingdom Hybrid / WFH Options
Harvey Nash Plc
SIEM/SOAR Content Developer | 12 Months (Inside IR35) | Hybrid (Glasgow). Harvey Nash's client is recruiting for a SIEM/SOAR Content Developer on a 12 month contract. Main Responsibilities: You will join a team of technologists and cyber-security professionals who are dedicated to improving the coverage, quality and automation of cyber-security detection and response. Develop playbooks … security incidents and improve security response coverage. Perform analysis of security posture, including recommending improvements to controls and processes. Automate auxiliary team processes with SOAR playbooks. Monitor and support SIEM and SOAR platforms to ensure the security and stability of SOC infrastructure. Key Skills: Cyber Response Platforms is looking for an experienced (5+ years) cyber-security professional to join their team … as a SIEM/SOAR content developer. Our ideal candidate has hands-on experience in computer network defence, working either in or for a Security Operations Center or Cyber Incident Response Team. Minimum of 3 years of experience in cyber detection engineering or incident response. Minimum of 1 year of experience developing automations in SOAR. Experience in the creation and
Cyber Security - SIEM - SOAR - Automation - Glasgow Hybrid (3 days onsite) - 12 month contract. I am looking for an experienced Cyber Security specialist to join a busy Security Team for our client in central Glasgow. You will be enhancing their threat detection and incident response capabilities by designing and maintaining SIEM content, building SOAR automations, and integrating security tools to streamline … their SOC operations. Key responsibilities: Develop and optimise detection rules in SIEM tools (Splunk, ArcSight, Sentinel). Create automated workflows in SOAR platforms to improve efficiency. Collaborate with analysts to speed up incident containment and remediation. Integrate security systems with internal and external services. Maintain and monitor SIEM/SOAR platforms for performance and stability. Essential skills: Proven background in