ensure compliance with industry regulations (ISO 27001, NIST, GDPR, etc.). Lead incident response efforts, including investigating security breaches, coordinating remediation, and reporting findings. Implement and maintain endpoint protection, SIEM solutions, and threat intelligence platforms. Collaborate with IT and DevOps teams to ensure secure architecture and cloud security measures. Provide security awareness training for employees and promote a … network security principles, protocols, and technologies (firewalls, VPNs, IDS/IPS, NAC, etc.). Hands-on experience with security frameworks such as ISO 27001, NIST, CIS Controls. Proficiency in SIEM tools, vulnerability management, and penetration testing techniques. Familiarity with cloud security models (AWS, Azure, GCP) and securing hybrid environments. Experience in security operations, threat intelligence, and forensic analysis.
Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA, baseline configurations) including the Microsoft
cause analysis and liaise with the customer and the Service Delivery Manager, as well as ensuring the actions of the SOC Analysts follow best practice. Security Monitoring & Investigation: Monitoring SIEM tools to assure a high level of security operations delivery function. Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to the MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC
Organisational Environment. This role is critical in identifying and responding to security incidents to protect our customers' information assets. What will you be doing? •Monitor Security Information & Event Management (SIEM) Tools: Continuously monitor SIEM tools to proactively engage with and investigate potential security incidents. •Incident Identification and Triage: Identify, analyse, and prioritize security incidents, escalating them as necessary within … Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. •Experience: experience in an IT Security or Security Operations Team. Network Security Experience may be considered if SIEM-specific qualifications and exposure are evident in the applicant's experience. •Desirable Certifications (any of): •Microsoft AZ-200 •ISC2 Certified in Cybersecurity •CompTIA Security+ Internal •CompTIA CySA+ •Demonstrable experience using … Microsoft Sentinel or similar SIEM tooling. •Familiarity with security tools and technologies such as SIEM, IDS/IPS, firewalls, and antivirus software. •Proficiency in using log analysis tools and basic scripting languages (e.g., Python, PowerShell) is a plus. Why come and work with us at Systal? Competitive salary and benefits package. Unrivalled training and development, ensuring you stay at the
accelerating growth, and disrupting entire industries. This is what it means to #BeAProactivist. What you'll do: As a SOC Analyst you will be trained in all aspects of SIEM, using your studies, and possibly any work experience you may have, as a good foundation of knowledge to build upon. This is an entry level position and does not require … in: Network protocols including TCP/IP fundamentals; Operating systems (Windows and Linux); Hosting platforms, enterprise systems and infrastructure; Virtual environments; Security products such as anti-virus, IDS, IPS, SIEM, APT detection, VA systems; Vulnerability management (network scanning, ethical hacking, penetration testing); Malware, virus, botnet, MITRE ATT&CK framework techniques, etc.; Security standards, including ISO-27001, PCI/DSS, NHS
detection and response functions. Responsibilities include: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, assessing threat severity and advising on initial response actions. Utilize SIEM solutions with Kusto Query Language (KQL) for log analysis, event correlation, and documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further … updates to streamline processes and enhance threat response times. Coordinate with Tier 3 Analysts and management to refine detection and response workflows, contributing to SOC maturity. Collaborate on tuning SIEM and detection tools to reduce false positives, submitting tuning requests and testing configurations as needed. Identify gaps in detection content and work with Senior Analysts to develop and validate new … advanced networking concepts, including IP addressing, network protocols, and traffic flow within networks. Proficiency in Windows and Linux operating environments, including commands, file systems, and authentication mechanisms. Experience with SIEM solutions (e.g., ArcSight, Azure Sentinel) and analysis tools such as XDR platforms. Proficient in Kusto Query Language (KQL) for log searching and filtering. Knowledge of OSINT techniques for threat identification
Attention to detail. Desirable but Not Essential: Experience working in a Law firm and/or with legal software. Experience working with Microsoft Defender for Endpoint, Sentinel, or other SIEM tools. Exposure to compliance standards such as ISO 27001, Cyber Essentials+, or NIST. Understanding of identity and access management, conditional access, and zero-trust concepts. Certifications such as CompTIA Security+
cloud platforms (AWS, Azure, GCP) and deploying AI services in cloud-native environments. · Familiarity with containerization (Docker, Kubernetes) and DevOps pipelines. · Exposure to security operations center (SOC) tools and SIEM platforms. · Experience working with big data platforms such as Spark, Hadoop, or Elastic Stack.
Location/s: Glasgow, Birmingham, Bristol, Cambridge, Liverpool, Manchester, Southampton, United Kingdom. Recruiter contact: Laura Kennedy. We're a global engineering, management, and development consultancy. Our purpose is to improve society by considering social outcomes in everything we do, relentlessly
objectives. Responsible for the technical architecture for the implementation of end-to-end Infrastructure, Cloud & Security Services (Wintel, Linux, DB, Storage, VMware, Citrix, Microsoft, Workplace, Office 365, Cloud, Security, SIEM, etc.). Interact with the Customer Enterprise Architect to ensure that the services delivered are aligned with reference architecture, guidelines, principles, policies, and standards. Handle applications and infrastructure architecture discussions
for the technical architecture applied for the implementation of the end-to-end Infrastructure, Cloud & Security Services (Wintel, Linux, DB, Storage, VMware, Citrix, Microsoft, Workplace, Office 365, Cloud, Security, SIEM, etc.). Interact with the Customer Enterprise Architect to ensure that the Services the Provider delivers are aligned with the reference architecture, architecture guidelines, principles, policies, and technology and service
Aberdeen, Scotland, United Kingdom Hybrid / WFH Options
JR United Kingdom
Coaching, training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We're Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher; CompTIA Cyber Security Analyst; SC-200 Microsoft
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
JR United Kingdom
Coaching, training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We're Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher; CompTIA Cyber Security Analyst; SC-200 Microsoft
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
JR United Kingdom
Coaching, training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We're Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher; CompTIA Cyber Security Analyst; SC-200 Microsoft
security-specific experience, supported by relevant industry certifications (e.g. CySA+, Security+) and risk management knowledge (essential). Knowledge and experience working across a diverse range of cyber security tools, including SIEM technologies, EDR, NIDS etc. (essential). Self-motivated with a willingness to go the extra mile to achieve important goals (essential). Excellent verbal and written communication skills, including the ability to
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
JR United Kingdom
technical challenges with risk management and compliance responsibilities. Role Highlights: Monitor, detect, and respond to security incidents and vulnerabilities. Own and manage key elements of the security stack, including SIEM and DLP tools. Lead audits, penetration testing, and remediation actions to uphold ISO27001 & SOC2 compliance. Collaborate with product teams to embed security into the development lifecycle. Produce detailed KPI-driven … security reports and dashboards for internal stakeholders. Experience needed: 1+ year in a SOC or similar cybersecurity role. Hands-on experience with SIEM, IDS/IPS, and vulnerability scanning tools. Knowledge of AWS, Linux, Windows, IAM (e.g. Okta), and firewalls. Understanding of ISO27001, SOC2, GDPR, and third-party risk management. Strong communication skills and the ability to influence across teams
Experience communicating with senior staff and conveying complex information to non-technical audiences. Self-motivated with a positive attitude, viewing security as an enabler for business growth. Knowledge of SIEM tools and advanced hunting query development. Experience Needed: Managing serious cyber incidents as a digital forensic incident responder. Working successfully within large, complex enterprise environments. Understanding security monitoring, intrusion detection
do attitude. A strong believer in security as an enabler to support business growth. Position requires on call and overtime if there are very serious cyber attacks. Knowledge of SIEM tooling, including experience in writing and developing advanced hunting queries. Experience Needed to Fulfil the Role: Comprehensive experience of managing serious Cyber Incidents as a digital forensic incident responder. Experience
Experience: 7+ years of experience in cybersecurity, with at least 3 years in an architect role. Hands-on experience with Cisco Cyber Vision including deployment, configuration, and integration with SIEM/SOC tools. Deep understanding of OT protocols (Modbus, DNP3, PROFINET, etc.) and ICS/SCADA systems. Strong knowledge of network security, firewalls, VPNs, IDS/IPS, and security zoning.
requirements. Excellent spoken and written English. Knowledge of networking protocols and investigation (capture, Wireshark). Knowledge of Operating Systems, Databases and Applications (Windows, Linux, SQL, F5). Knowledge of SIEM tools (Splunk, Sentinel). Knowledge of EDR tools (Defender, Crowdstrike). Knowledge of security concepts (MITRE, Kill-Chain). Commitment to Equal Opportunities: At FNZ, we recognise that diversity, equity
Strong cyber security-specific experience supported by relevant industry certifications (e.g., CySA+, Security+), and risk management knowledge. Knowledge and experience with a diverse range of cyber security tools, including SIEM, EDR, NIDS, etc. Self-motivated with a willingness to go the extra mile to achieve goals. Excellent verbal and written communication skills, capable of explaining technical concepts to both technical
Excellent analytical, problem-solving, and execution skills (essential). Relevant industry certifications (e.g., CySA+, Security+) and risk management knowledge (essential). Experience with cyber security tools such as SIEM, EDR, NIDS (essential). Self-motivated with a proactive attitude (essential). Strong verbal and written communication skills, capable of explaining technical concepts to diverse audiences (essential). Experience monitoring