25 of 25 SIEM Jobs in the Thames Valley

complex cyber incidents, including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep-dive analysis and response. 🧠 Threat Hunting & Analysis Proactively identify emerging threats through behavioral analytics and threat intelligence. Analyze log data, network activity … a related field. 6–8+ years in cybersecurity with a focus on incident response and threat hunting. Proven experience investigating APTs, ransomware, and data exfiltration attempts. Deep knowledge of SIEM platforms (e.g., Splunk, LogRhythm, ArcSight) and EDR solutions. Hands-on experience in network/system forensics and malware analysis. Familiarity with operating systems (Windows, Linux) and cloud environments (e.g., AWS More ❯

Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural … PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. *Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified More ❯

and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural … PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. • Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified More ❯

and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural … PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. *Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified More ❯

technical teams. Qualifications Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud More ❯

IT and Security problems for non-technical audiences. • Strong understanding of OT infrastructure, networking, and end-user computing. • Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. • Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems, particularly Microsoft Sentinel. Desirable Experience: • Familiarity with managing network security More ❯

expertise in security and identity systems Qualifications Degree or relevant professional IT/security qualification Recognised certification from a security or identity vendor Knowledge Solid understanding of tools like SIEM, EDR, and threat detection methods Knowledge of vulnerability management and threat intelligence Familiarity with network security (firewalls, segmentation, IDS/IPS, etc.) Understanding of operating systems (Windows, Mac, Linux) and More ❯

with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and More ❯

configurations, and recommend improvements to stay compliant Collaborate with key stakeholders including Compliance and Infrastructure teams Required Experience: Microsoft security suite experience – Microsoft certifications are highly valued Familiarity with SIEM tools – Microsoft Sentinel or similar Experience managing network security and firewalls Exposure to PenTesting methodologies or practices (desirable) Experience with NAC solutions like Cisco ISE , ForeScout , or similar Strong grasp More ❯

SOC analysts Provide mentorship and guidance to other SOC analysts regarding technologies Engage in knowledge sharing with other analysts Providing major component infrastructure support Conduct Health Checks for non-SIEM technologies Dealing with infrastructure or enterprise failures or reconfigurations Opening and following up on tickets with 3rd party vendors Maintain current knowledge on industry issues/trends and competitive products … Minimum 3 years' experience in IT security field Extensive experience on Firewall platforms Have experience in security/operational network architecture design Must have proficient knowledge and experience with SIEM technologies Strong troubleshooting, reasoning and problem-solving skills Networking - VLAN, WAN, LAN, Routers, Switches, Access Points, Firewalls, IPS, VPN etc. Excellent communications skills Exceptional Time Management and organizational skills Ability More ❯

and a proactive, solutions-driven mindset. You'll also have: Strong experience in LAN, MAN, and WAN security within large-scale environments Proven knowledge of firewalls, IDS/IDP, SIEM, and other security technologies Excellent understanding of Layer 2/3 networking, including Ethernet, MPLS, and TCP/IP Experience with risk and vulnerability management frameworks Familiarity with security standards More ❯

Demonstrable expertise in security controls and architecture. -Proficiency in security frameworks such as ISO, NIST, and OWASP. -Knowledge of Cloud infrastructure (e.g., Azure). -Experience with security technologies (e.g., SIEM, EDR, IPS, web and email gateways). -Qualifications (desirable): CISSP or similar certification, TOGAF or similar architectural framework certification, Vendor technology training/certifications (e.g., SIEM, EDR, IPS), Experience in More ❯

Demonstrable expertise in security controls and architecture. -Proficiency in security frameworks such as ISO, NIST, and OWASP. -Knowledge of Cloud infrastructure (e.g., Azure). -Experience with security technologies (e.g., SIEM, EDR, IPS, web and email gateways). -Qualifications (desirable): CISSP or similar certification, TOGAF or similar architectural framework certification, Vendor technology training/certifications (e.g., SIEM, EDR, IPS), Experience in More ❯

designs comply with Baseline Security Requirements and security policy. Ensure that projects integrate with security baseline controls such as IPS/IDS, WAF, Firewall Change Management, Identity & Access Management, SIEM and Vulnerability Management. Ensure internal customers, external suppliers and delivery partners are aware of security standards and future strategy to influence development roadmaps. Identify security risks, manage them with key More ❯

that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending More ❯

SOC Analyst on a contract basis. The successful candidate will be working with a Telecoms end client across various projects. Key Responsibilities: Detect and respond to security incidents using SIEM tools. Analyse threats like malware, phishing, and network intrusions. Investigate and escalate security events. Strengthen security measures and report incidents. Stay updated on cybersecurity trends. Key Requirements: Experience in SOC … cybersecurity, or related roles. Proficiency in SIEM, IDS/IPS, firewalls, and endpoint security. Understanding of network protocols and threat intelligence. Telecoms background (Essential). Strong analytical and communication skills. Further job details available upon application. More ❯

incidents, and ensure robust protection against cyberattacks. Key Responsibilities: Design and implement secure network architectures (firewalls, VPNs, IDS/IPS, etc.) Monitor network activity for threats and vulnerabilities using SIEM tools Perform regular security audits, risk assessments, and penetration tests Respond to and investigate security breaches and incidents Stay current with the latest security threats, technologies, and trends Experience required More ❯

incidents, and ensure robust protection against cyberattacks. Key Responsibilities: Design and implement secure network architectures (firewalls, VPNs, IDS/IPS, etc.) Monitor network activity for threats and vulnerabilities using SIEM tools Perform regular security audits, risk assessments, and penetration tests Respond to and investigate security breaches and incidents Stay current with the latest security threats, technologies, and trends Experience required More ❯

risks, and compliance status About You 3-5 years of experience in cyber security roles, with hands-on involvement in implementing frameworks like NIST, eCAF, or ISO27001 Experience in SIEM, Vulnerability Management, Threat Intelligence, and IAM tools Background in supporting enterprise-level security initiatives aligned with regulatory or certification standards If you're interested in hearing more about the role More ❯

heart of our security operations, developing and maintaining the infrastructure that powers our cutting-edge cybersecurity services. Your focus will be on enhancing and managing our: SIEM (Security Information and Event Management) systems SOAR (Security Orchestration, Automation, and Response) platforms Threat Intelligence tools and integrations You'll work closely with our threat intelligence teams to design and implement smart, automated … of institutions and millions of users across the UK. Your work will directly contribute to the safety and resilience of this network. What We're Looking For: Experience with SIEM and SOAR platforms (e.g., Splunk, Sentinel, Cortex XSOAR). A solid understanding of threat intelligence frameworks and feeds. A collaborative mindset and a passion for automation and innovation. Operational experience More ❯

response activities and containment strategies. Perform deep forensic analysis across endpoints, logs, and network traffic to uncover advanced threats. Develop and fine-tune detection rules and correlation logic in SIEM platforms (e.g., Splunk). Collaborate with engineering and threat intelligence teams to improve detection coverage and SOC workflows. Mentor and guide L1/L2 analysts, providing training, quality reviews, and More ❯

and access control • Identity and Access Management (including RBAC and A/PBAC, permissions management), ZTA • Cryptographic techniques and implementations • IT asset management and tracking • Vulnerability Management and Patching • SIEM principles, products and supporting logging infrastructure • Containerisation and virtual machine security • Delivering secure solutions against project expectations • Strong awareness of and commitment to industry best practice • Driving change in a More ❯

that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending More ❯

delivering top-tier service in a technically complex space—this could be your next move. ✅ Minimum 3 years SDM experience ✅ Knowledge of ITIL processes and cyber/networking concepts (SIEM, EDR, XDR) ✅ Strong communication & stakeholder management skills ✅ Full UK driving licence – some client site travel required 💡 Why join? Be part of a dynamic, collaborative team Genuine career growth in a More ❯