1 to 25 of 152 SIEM Jobs in the South East

complex cyber incidents, including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep-dive analysis and response. 🧠 Threat Hunting & Analysis Proactively identify emerging threats through behavioral analytics and threat intelligence. Analyze log data, network activity … a related field. 6–8+ years in cybersecurity with a focus on incident response and threat hunting. Proven experience investigating APTs, ransomware, and data exfiltration attempts. Deep knowledge of SIEM platforms (e.g., Splunk, LogRhythm, ArcSight) and EDR solutions. Hands-on experience in network/system forensics and malware analysis. Familiarity with operating systems (Windows, Linux) and cloud environments (e.g., AWS More ❯

Services Are you an experienced Cyber Security Engineer looking for a new challenge? Do you have a background in Cyber Security with a strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP) in an MSP or similar environment, along with hands-on experience with Splunk/MS Sentinel/QRadar and KQL? Here … infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. Responsibilities: Design, implement, and manage advanced security solutions, including firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security. Lead technical presentations, demonstrations, workshops and architecture design sessions, explain, demonstrate, and architect the solution to help solve client security challenges and … Cybersecurity, Information Technology, or related field (or equivalent experience). 4yrs+ of experience in a cybersecurity role within an MSP or similar environment. Strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. More ❯

threats. You’ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security … Looking For: A degree in Cybersecurity, IT, or equivalent experience. 4+ years in a cybersecurity role, preferably within an MSP or fast-paced environment. Strong hands-on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and More ❯

Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

Policies and Standards and a proficient understanding of the Microsoft 365/Azure platforms/AWS Responsibilities: Monitor security event logs and alerts generated by various security technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems. Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations. Identify, analyze, and assess potential insider More ❯

and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural … PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. *Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified More ❯

and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural … PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. *Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified More ❯

pipelines. Hands-on experience with GCP security services including IAM, VPC Service Controls, Cloud Armor, KMS, Security Command Center. Fluency in designing security policies using IAM, KMS, DLP, and SIEM/SOAR tools. Strong understanding of network security principles (firewalls, VPNs, load balancing, DNS) and their implementation on GCP. Proficiency in at least one scripting language (e.g., Python, Go, Bash More ❯

security as a primary requirement). Drive adoption and integration of the latest security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections More ❯

maximum benefit and capability. Support the Cyber Security Teams at a technical level to install cyber security product technologies and systems, such as firewalls, end point protection, encryption, VPN, SIEM, PAM, VM etc. Support the Cyber Security Teams to lead root cause analysis of cyber security related incidents to ensure prompt action is taken to prevent incident reoccurrence and strengthen … as well as respond to them quickly. Certifications : Relevant certifications in cyber security, such as CISSP, CISM, CEH, SSCP, or CCSP. Further technical certifications in Microsoft Azure, Networking, Firewall, SIEM, PAM or VM Products are beneficial. Technical Capabilities : Technical competence in one or more of the following areas IPSec VPN's, Networking, Network Security, MFA, AIX/Microsoft/Linux More ❯

Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured … with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident response planning, threat detection, and mitigation. Ability to define security policies, procedures, and structured action plans for compliance and More ❯

dependent on experience) Responsibilities As a MAF Security Operations Specialist you will play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM … IT security roles with focus on infrastructure security Strong experience with Fortinet security products and solutions Advanced knowledge of Microsoft Active Directory and Entra ID administration Demonstrated experience with SIEM implementation and management Strong background in network security and infrastructure protection Experience with IDS/IPS systems and security monitoring tools Proven incident response and threat hunting experience Programming/ More ❯

condition of employment. Responsibilities As a MAF Security Operations Specialist you will play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM … IT security roles with focus on infrastructure security Strong experience with Fortinet security products and solutions Advanced knowledge of Microsoft Active Directory and Entra ID administration Demonstrated experience with SIEM implementation and management Strong background in network security and infrastructure protection Experience with IDS/IPS systems and security monitoring tools Proven incident response and threat hunting experience Programming/ More ❯

national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment. Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis … a Senior SOC Analyst , you will be at the forefront -leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck . Collaborating More ❯

national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with … SOC Analyst , you will be at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues More ❯

closing meetings. External Audit Coordination: Collaborate with external audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute … audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. More ❯

high-profile clients from cyber threats ✅ Engage in technical design, implementation & incident response ✅ Benefit from a collaborative & innovative security team Your Impact: 🔹 Design, implement & manage next-gen security solutions (SIEM, IDS/IPS, endpoint protection, cloud security) 🔹 Lead technical workshops & architecture design sessions 🔹 Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) 🔹 Perform threat detection, incident response & forensic analysis 🔹 Utilize … Microsoft Sentinel, Cisco Splunk, Palo Alto QRadar, KQL & more What We’re Looking For: 🔸 4+ years in Cyber Security within an MSP or similar environment 🔸 Hands-on expertise in SIEM, EDR, firewalls, VPNs, cloud security (AWS, Azure, GCP) 🔸 Experience with Palo Alto XSOAR or similar platforms 🔸 Familiarity with security compliance & best practices 🔸 Certifications (CISSP, CEH, OSCP, CISM, Security+) are a More ❯

technical teams. Qualifications Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud More ❯

collaborating internally with infrastructure, network, and support teams to deliver joined-up solutions. Key responsibilities: Manage and respond to security incidents across client environments Configure and maintain security tools (SIEM, EDR, firewalls, email filtering, etc.) Perform vulnerability scans and recommend remediation Deliver client security assessments and reports Support compliance initiatives (ISO 27001, Cyber Essentials, etc.) Tech Environment: Microsoft 365 Defender … Intune, Azure Security Center Firewalls: Palo Alto, Fortinet, SonicWall SIEM: Sentinel, Splunk, or equivalent EDR/XDR solutions (Sophos, CrowdStrike, Defender) Scripting knowledge (PowerShell preferred) What We’re Looking For: 5 years’ experience in a cyber security role (ideally within an MSP or multi-client setting) Security certifications like Security+, CySA+, or equivalent (working toward CISSP or equivalent a bonus More ❯

Europe, Asia and the U.S. This position will be based in our Frankfurt office. What you will do Be responsible for our security engineering platforms with particular focus on SIEM and EDR, Anti-Virus and Anti Malware solutions Leverage our security platform's automation capabilities to implement and optimise SOAR capabilities throughout our environment Research, design and deploy new security …/Workplace, IT Compliance, Information Security, Business Resilience, Procurement, Finance and other cross-functions What you bring Required Hands-on experience implementing, managing, and improving security platforms, such as SIEM, DLP, IPS/IDS, WAF, EDR, etc., experience with the Microsoft Security Suite is ideal Deep technical expertise and relevant experience in security operations (threat intelligence, security monitoring, incident/ More ❯

IT and Security problems for non-technical audiences. • Strong understanding of OT infrastructure, networking, and end-user computing. • Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. • Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems, particularly Microsoft Sentinel. Desirable Experience: • Familiarity with managing network security More ❯

expertise in security and identity systems Qualifications Degree or relevant professional IT/security qualification Recognised certification from a security or identity vendor Knowledge Solid understanding of tools like SIEM, EDR, and threat detection methods Knowledge of vulnerability management and threat intelligence Familiarity with network security (firewalls, segmentation, IDS/IPS, etc.) Understanding of operating systems (Windows, Mac, Linux) and More ❯

with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and More ❯

with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and More ❯

noncompliance situations using defined escalation processes Developing and maintains documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions Monitoring internal control systems to More ❯