1 to 25 of 48 SIEM Jobs in the South East

Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier … Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier ...

automating processes. Working knowledge of SecDevOps tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and documentation abilities. Hands on experience with SIEM solutions i.e. Splunk, ArcSight, LogRhythm Communication and Soft Skills Experience speaking to and working with leadership as well as ability to write reports and present ...

/7 basis . Skills & Experience Required: Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within ...

/EDR across endpoints, O365, and Azure servers (P2), with a focus on advanced threat detection and automated response. Skilled in Microsoft Sentinel SIEM/SOAR setup, tuning, and KQL query development for detection engineering and incident investigation. PowerShell/Python scripting for automating Microsoft security tooling, plus experience securing ...

junior engineers Key experience & skills: Proven experience in an IT solutions, service desk or engineer role Strong knowledge of network security, firewalls, EDR, and SIEM tools Experience securing Microsoft Azure and/or AWS environments Hands-on endpoint security experience (Defender, Sophos, Bitdefender or similar) Understanding of Cyber Essentials/ ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience ...

policies, and standards Own vulnerability management, security monitoring, and incident response Ensure compliance with NCSC, PSN, PCI-DSS, GDPR and other national frameworks Manage SIEM, Microsoft security tooling (Sentinel/Defender/E5), identity & access, firewalls, and endpoint protection Advise on secure design for projects and change governance Prepare annual ...

through complex challenges with clarity and confidence. What you'll need to succeed You're a seasoned security professional with hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. ...

junior engineers Key experience & skills: Proven experience in an IT solutions, service desk or engineer role Strong knowledge of network security, firewalls, EDR, and SIEM tools Experience securing Microsoft Azure and/or AWS environments Hands-on endpoint security experience (Defender, Sophos, Bitdefender or similar) Understanding of Cyber Essentials/ ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

more consultative, client-facing role. Ideal Background: Proven experience in cyber security design, architecture, or consultancy. Hands-on expertise across domains such as SIEM, SOAR, EDR, Vulnerability Management, WAF, IDAM , and Cloud Security . Strong understanding of vendor technologies (e.g., Fortinet, Palo Alto, Juniper ). Excellent communication and stakeholder engagement ...

solutions (MSP environment highly desirable). Deep product expertise in at least one area: Microsoft 365/Azure, cloud migration, cyber security (firewalls, EDR, SIEM), backup/DR, network infrastructure, or managed services. Proven ability to translate technical capabilities into business value for non-technical audiences. Understanding of the competitive ...

Check Point, Cisco, Fortinet, CrowdStrike, Netskope, F5, Akamai, and CyberArk Familiarity with security frameworks (ISO 27001, NIST, GDPR) and concepts like Zero Trust, SASE, SIEM/SOAR Familiarity with leading vendors and solutions across security, networking, and compliance frameworks Ability to engage confidently with C-level stakeholders and translate technical ...

with Microsoft security tooling, ideally Sentinel and Defender Proficiency in KQL and working knowledge of Python for automation and enrichment Experience integrating intelligence into SIEM, EDR/XDR, and cloud security platforms (Microsoft, AWS, CrowdStrike, etc.) Deep understanding of the UK cyber threat landscape, particularly critical national infrastructure and public ...

management role in Security Operations. Location: Hybrid, London office 2x a week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and … Essential Experience & Knowledge Experience in Security Operations, Incident Response, or similar role Strong understanding of networking, Windows/Linux, and cybersecurity fundamentals Experience with SIEM (e.g., Sentinel, Splunk), EDR tools, and vulnerability platforms Understanding of security frameworks (ISO 27001, NIST, CIS) Working knowledge of Microsoft InTune Familiarity with GDPR and ...

responsible for a variety of day to day activities including: vulnerability management, patch management, email security and mobile device management assessing cyber threats, using SIEM & SOAR tools penetration testing continuous improvement, ensuring documentation is maintained in line with best-practice/standards support on project work About you Applicants ...

Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security ...

provisioning and compliance. Integration knowledge across Microsoft Exchange, M365, VMware and enterprise IT ecosystems. Understanding of Zero Trust architecture, identity threat detection, and SIEM integration. Strong stakeholder management, influencing, and communication skills. Ability to translate complex technical challenges into executive-level decisions and investment cases Our company: Peace ...

Title: SIEM Engineer Location: Wokingham/Hybrid (3 days per week on site) Duration: 3 months from the start Rate: £430 per day inside ir35 SC security clearance is required for this role We are looking for a highly skilled Security Engineer to support the deployment, configuration, and management … modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms such as Microsoft Sentinel ...