1 to 25 of 457 SIEM Jobs in the UK

SIEM Detection Engineer | Cyber Security Farnborough (Hybrid – 2 days onsite) Up to £65,000 + Excellent Benefits SC Clearance (or eligibility required) Ready to engineer the frontline of cyber defence? We’re working with a highly respected cyber security operation supporting critical defence environments, seeking a SIEM Detection Engineer … threat detection capability across secure enterprise environments. This is a hands-on technical role where you’ll design, build and optimise detection logic across SIEM platforms, working directly against real-world attacker techniques in a mature, high-performing SOC. You’ll have the autonomy to shape detection strategy, influence capability ...

remote access/VPN configurations where required and ensure changes follow change control. Enable and review network security logging/alerting (e.g., syslog/SIEM integrations where applicable). Monitoring, Detection & Incident Response (Sophos MDR) Act as the internal technical point of contact for Sophos MDR and ensure smooth collaboration ...

analysis, threat detection, and handling security incidents end to end. Experience with security tooling such as Security Hub, GuardDuty, Detective, CloudTrail, CloudWatch, Inspector, SIEM (Elastic, Sentinel) and related cloud native controls. Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform. Solid understanding ...

Security Operations Center (MSSP) to ensure high‐fidelity alerting and low Mean Time to Resolve (MTTR). Tooling Optimization : Own the security stack (SIEM, EDR, XDR, SOAR). Ensure tools are integrated, automated, and providing maximum ROI rather than just generating “noise.” Automation : Drive a “Detection as Code” philosophy ...

vulnerability management and incident response Familiarity with security monitoring tools such as firewalls, IDS/IPS, and extended detection solutions Experience working with SIEM, cloud security platforms, or log management tools (e.g. CrowdStrike, Lacework or similar) Exposure to identity and access management (IAM) implementations Ability to contribute effectively within ...

cyber threats and AI-enabled attack techniques.Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging, network security, and vulnerability management. Knowledge of security architecture ...

work closely together to improve NHS cyber resilience and enable a "Defend as one" strategy across the health and care system. The Senior Security Analyst SIEM Engineering is responsible for deploying feeds from data sources into NHS England's SIEM system, for both newly developed services and existing services being … also manage the SIEM environment, build cyber detection capability and improve the automation of security monitoring. Main duties of the job The Senior Security Analyst SIEM Engineering is responsible for: Deploying feeds from data sources into the NHS England's SIEM tool and ensuring compliance with the SIEM's data ...

WebAuthn, SAML, OAuth 2.0, OpenID Connect). Practical experience securing macOS, Windows and Linux endpoints using MDM and EDR/XDR tooling. Experience operating SIEM and/or SOAR platforms and tuning detection logic. Experience with vulnerability management and patch governance. Ability to write production-quality automation scripts. Demonstrated experience ...

Proven experience leading incident response and remediation activity Expertise in Microsoft 365/Azure security and hybrid cloud environments Experience operating security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers ...

Proven experience leading incident response and remediation activity Expertise in Microsoft 365/Azure security and hybrid cloud environments Experience operating security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers ...

certification (e.g., CISSP, CISM, SANS) with ongoing professional development. Experience with cloud security controls and monitoring (e.g., Microsoft 365/Azure). Experience with SIEM/SOAR, detection engineering or incident automation. Experience implementing IAM tooling and access governance (e.g., PAM, IGA). Experience commissioning security testing and remediation programmes ...

standards, reference architectures, and policy controls based on industry frameworks (e.g., NIST, ISO/IEC 27001, CIS) Evaluate and integrate security technologies, including IAM, SIEM, EDR, DLP, WAF, and encryption solutions Collaborate with engineering, DevOps, and IT teams to embed security by design and ensure secure software development lifecycles (SSDLC ...

depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols ...

scenarios and leading in-depth CTI investigations. Act as the escalation tier for cyber threat intelligence tasks within Cyber Security tooling including EDR and SIEM tooling. Interrogate threat intelligence and internal security tooling to identify items of interest and potential cyber threats. Proactive research and assessment of Tactics. Techniques and ...

Assisting with Zero Trust Client configuration and rollout, including secure network and data access. Integrate Zero Trust solutions with identity providers (Entra AD, Okta), SIEM/SOAR systems, endpoint platforms, and data repositories. Assisting infrastructure teams in migrating legacy VPN, proxy, and firewall solutions to cloud native Zero Trust models ...

remediation actions Security project experience Excellent problem-solving and communication skills Ability to work independently and proactively improve security operations Desirable Skills Experience with SIEM technologies Familiarity with vulnerability management and patching processes Knowledge of Microsoft 365 security technologies Security certifications such as Security+ ...

security pipelines Advanced security testing techniques and real‐world threat scenarios Security tooling such as Burp Suite, Nmap, Nessus, Metasploit Enterprise security platforms (WAF, SIEM, IDS/IPS) Agile delivery environments and collaborative engineering teams Additional Requirements Must be a UK citizen Must be eligible for UK Security Clearance ...

similar) Nice to have BGP, FlowSpec, and traffic engineering knowledge NetFlow/sFlow analysis IDS/IPS, firewalls, and packet analysis (Wireshark, tcpdump) SIEM experience (Splunk) Linux proficiency Virtualisation (KVM, ESXi) Certifications such as CCNP, JNCIS/JNCIP, CySA+, GIAC GCIA or GCIH Bright Purple is an equal opportunities employer ...

Risk in financial services. Experience with frameworks such as NIST, ISO27001, COBIT, SOX, and FFIEC. Good understanding of cloud security, GDPR, IAM/PAM, SIEM, vulnerability management, and network security. CISSP, CISM, CRISC, or similar certifications preferred. Skills & Experience: Strong strategic and analytical thinking Excellent communication and stakeholder management Strong ...

audits, risk assessments and maturity reviews. Engineer and embed technical controls supporting NIST CSF and ISO/IEC 27001 objectives. Support security tooling integration (SIEM log sources, EDR/XDR dependencies, vulnerability tooling). Enable and validate security telemetry coverage audit policy configuration, log forwarding/collection, event quality (normalisation ...

technologies, with experience managing and operating FortiGate firewalls Proven experience with Active Directory/Azure AD, including patch and group policy management Cloud native SIEM, SOCs and SOAR Windows Server, Windows 11, and Microsoft Application Suite Experience with adoption of Infrastructure-as-Code (IaC) utilising technologies such as Terraform and ...

client environments Perform threat detection, triage, analysis, and remediation activities Lead incident response activities and provide technical guidance to junior analysts Analyse alerts from SIEM, EDR, IDS/IPS, and other security tooling Conduct threat hunting and proactive security monitoring Support continuous improvement of SOC processes, playbooks, and operational procedures … development of junior team members Required Experience Proven experience working within an MSSP environment Strong background in Security Operations/SOC environments Experience with SIEM platforms such as Microsoft Sentinel, Splunk, QRadar, or similar Knowledge of EDR technologies and incident response methodologies Strong understanding of network security, firewalls, endpoint security ...

CISO) Need an individual with a strong hands‐on network and security background Cisco networking Cisco firewalls (Firepower/Threat Detection) Palo Alto firewalls SIEM experience (Logarithm desirable) Web proxy (Forcepoint desirable) Governance skills Policy writing/reviewing Reporting KPI monitoring Certifications like CCNP/CISM would be desirable ...

strategic level. Strong technical grounding across key security domains: network, cloud, endpoint, application, and data security. Experience managing or working with vulnerability management tools, SIEM/SOC environments, and incident response processes. Excellent communication and stakeholder management skills, with the ability to influence at all levels of the organisation. Sound ...

function with clear RACI and coherent operating model. Govern the security tooling strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms. Security Operations & Incident Response Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple ...