1 to 25 of 34 SIEM Jobs in Slough

will play a critical role in detecting, responding to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure More ❯

Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.) Collaboration and communication skills across multiple teams and businesses. Good-to-Have Skills Palo Alto Firewall, F5 LTM, F5 GTM SIEM and SOAR tools (Splunk, Cribl, PAN Cortex) Powershell Python Scripting Power BI and Power Automate. More ❯

certification or willingness to achieve it Within commuting distance (~1 hour) of Canary Wharf, London Technical Skills Strong KQL skills for threat hunting and incident forensics Experience with SIEM, IDS/IPS and threat intelligence platforms Familiarity with incident response frameworks and security best practice Experience with scripting and automation (e.g. Azure Logic Apps) Soft Skills Problem-Solving: Identify, troubleshoot More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco? At More ❯

DDoS protection, and encryption. Mentor junior engineers, elevate best practices, and help us on our journey to ISO 27001 certification. What You Bring Deep hands-on expertise across EDR, SIEM, NAC, MFA, PAM, and cloud security environments. Proven experience with security frameworks such as ISO 27001, NIST, CIS, and PCI-DSS. Certifications like CISSP, CPSA, or Palo Alto Certified Security More ❯

incident response , and vulnerability management . Expertise in ServiceNow workflows , scripting , CMDB , Discovery , and system integrations (REST/SOAP, MID Server). Experience integrating ServiceNow with cybersecurity tools (e.g., SIEM, EDR, SOAR). Strong stakeholder management and communication skills. Background supporting critical infrastructure , preferably within the energy or utilities sector . Knowledge of security frameworks and compliance mandates (e.g., NIST More ❯

including carrying out reviews and supporting improvements across technical and procedural controls. Strong skills in documentation, analysis, and reporting. Technical knowledge of cybersecurity concepts and practices. (Desirable) Familiarity with SIEM, vulnerability assessment, incident detection, and system hardening. (Desirable) Exposure to tools such as Microsoft Sentinel, Darktrace, Carbon Black, or Qualys. General IT knowledge, with an understanding of IT operations and More ❯

oversight, you will also act as technical lead on several high-impact initiatives, including but not limited to: Global EDR consolidation (Microsoft Defender) MFA rollout Implementation of a new SIEM platform Key Responsibilities Lead the delivery of cyber security projects such as endpoint protection, vulnerability management, identity & access management, and network security. Develop and manage project plans, milestones, risks, and More ❯

including: Security Incident Response (SIR) Vulnerability Response (VR) Threat Intelligence Configuration Compliance Define secure processes and automation across vulnerability management and incident response. Integrate ServiceNow SecOps with cybersecurity platforms (SIEM, SOAR, EDR, CMDB, threat intel, OT/ICS security tools). Establish SecOps roadmap, standards, and best practices across business units. Ensure scalable, secure, reusable architecture aligned with enterprise and More ❯

and execute the enterprise PAM strategy and governance framework. Lead the deployment, configuration, and optimisation of PAM tools (e.g. CyberArk, BeyondTrust, Thycotic/Delinea ). Integrate PAM with IAM, SIEM, and IT infrastructure platforms. Implement automation around credential rotation, just-in-time (JIT) access, and session monitoring. Conduct regular audits and risk reviews to maintain compliance and reduce privileged access More ❯

Microsoft certifications (relating to Azure-AZ, Security-SC, Power Platform-PL, Modern Work-MS and Copilot/AI). Excellent consulting, design and delivery of Microsoft Defender suite and SIEM/XDR. Effective technical hands-on experience configuring/implementing products such as Microsoft Azure, Entra & Purview. Accomplished in designing and implementing M365 security technologies, based on above, with little More ❯

cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies. Experience with security tools such as firewalls, intrusion detection/prevention systems, SIEM solutions (i.e. Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. Exposure to SOAR tools, observability tools and data stream processing tools Hands-on More ❯

of 5 years of experience in a presales, solution architect, or similar role within the cybersecurity industry. Extensive knowledge of cybersecurity technologies and solutions (e.g., network security, endpoint protection, SIEM, cloud security). Strong business acumen with the ability to align technical solutions with business objectives. Excellent presentation, communication, and negotiation skills. Proven experience in designing and articulating complex technical More ❯

expertise: Windows Server, AD/Entra ID, Group Policy, O365, Intune Solid networking foundations: TCP/IP, VLANs, DNS, VPNs, Wi-Fi Security engineering knowledge: System hardening, endpoint security, SIEM, incident handling ISO27001, GDPR or PCI compliance exposure Certificates (SSL/TLS), WAF/DDoS, email security Azure engineering background: Governance, networking, identity and security configuration Ownership mindset and strong More ❯

and packet (PCAP) analysis Familiarity with Windows and/or Linux investigations Clear and structured documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat More ❯

to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption … Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. Skills & Competencies Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls). Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and EDR platforms. Familiarity with scripting or automation (PowerShell, Python, Bash). Understanding of secure cloud architecture and Zero Trust principles. Ability to analyze complex More ❯

for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical … knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations More ❯

SABSA & TOGAF Experience following the green book five case model would be a plus and certifications such as: CCP, CISMP, CISSP, CREST. Identity management and federation, public key infrastructure, SIEM, cryptography, firewalls, vulnerability scanning. A varied background, diverse programme exposure and a security-based master’s degree or alternatively STEM degree are needed with an ability to demonstrate your capability More ❯

in security incident investigation, detection, response, and recovery (NIST/NIS2 frameworks) Strong foundation in security operations, but with strategic vision beyond SOC alert handling Experience with security telemetry, SIEM platforms, and threat detection technologies Understanding of enterprise security architecture in complex, matrixed organisations Experience & Background Proven track record maturing incident response and tabletop exercise programs Experience working alongside third More ❯

Confluence), Google Workspace security, Proofpoint (email security). Azure guardrails (Entra/Conditional Access, Azure Policy/PaC), Kubernetes context for platform integrations. Experience integrating CNAPP/CSPM or SIEM/SOAR signals into advisory workflows. Why join Shape a green-field Security Platform capability with real impact across dozens of teams. Modern stack, supportive culture, funded training/certifications More ❯

health audits across all systems Maintain awareness of emerging threats and advise on appropriate mitigations Incident Detection, Response, and Monitoring Lead detection, triage, and investigation of security incidents using SIEM tools such as Azure Sentinel, Splunk, or ELK Stack Correlate and analyse logs from network, endpoint, and cloud sources to identify potential compromises Work with DevOps and IT teams to … and managing security controls across cloud and on-premise environments Strong knowledge of network security, endpoint protection, and cloud security principles Hands-on experience with security tools such as SIEM, EDR/XDR, and vulnerability scanners Understanding of regulatory frameworks including GDPR, ISO 27001, and FCA requirements Experience with scripting and automation (Python, PowerShell, or similar) Ability to analyze security More ❯

ensuring security best practices Effective technical hands-on experience configuring/implementing products such as Microsoft Azure, Entra & Purview. Excellent consulting, design and delivery of Microsoft Defender suite and SIEM/XDR. Provide ongoing support, troubleshooting, and training to client end-users. Building relationships with key stakeholders, 3rd party vendors and Microsoft. Nice to have: Good understanding of Microsoft Fabric More ❯

ability to explain sophisticated topics to a varied audience of people who work in both IT and non-IT roles. Proficient with commonly used incident response tools, logging, and SIEM technologies. In-depth knowledge of and experience in security concepts such as cyber-attacks and techniques, risk management, incident management, threat management, etc. What We Offer You Looking to make More ❯

experience focusing on key customer accounts and delivering value to strategic accounts in the cybersecurity industry Extensive platform selling experience in complex sales with multiple buying centers Experience selling SIEM, EDR, or CNAPP (DevSecOps, CloudOps) solutions is highly preferred Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations Expertise in applying complex solution More ❯