London, Fleet Street, United Kingdom Hybrid/Remote Options
The Bridge IT Recruitment
experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure
Overview We are data insight experts, empowering clients to own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment … focus is on delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we're looking for We are seeking a client-focused Senior SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide … guidance on SIEM architecture, and design tailored solutions across platforms, including Splunk and other leading SIEM tools. You'll participate in hands-on configuration and optimisation as needed but with a primary focus on advising clients, developing design strategies, and ensuring their security objectives are met. This position is ideal for someone with experience in SIEM or SOC environments who
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid/Remote Options
Littlefish
emerging tech. The following would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through our one of a kind training programme, the Littlefish Academy
of NIST, CIS, ISO, COBIT, OWASP, and willingness to work out of hours/travel when needed. Desirable: Experience in MxDR/SOC support, security technologies (IDS/IPS, SIEM, firewalls), and compliance frameworks (GDPR, Cyber Essentials+, SOC2, PCI-DSS). Strong understanding of data protection principles. If you're a proactive security professional looking to shape and strengthen a
investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar, Splunk, and Microsoft Sentinel. Develop and refine SOC use cases, runbooks, and playbooks. Integrate emerging threat intelligence into monitoring and detection workflows. Liaise with clients, Service
Wokingham, Berkshire, England, United Kingdom Hybrid/Remote Options
Searchability NS&D
Contract SIEM Engineer Exciting contract opportunity to join a high-performing cybersecurity team Hybrid working model, three days onsite and two remote Contribute to cutting-edge SIEM and EDR deployments for a large-scale organisation Up to £410 per day (Inside IR35) Active SC clearance required ABOUT THE CLIENT: Our client is a well-established technology-driven organisation with a … advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE BENEFITS: Up to £410 per day (Inside IR35) Hybrid working arrangement Collaborative and innovative security culture Opportunity … to work with leading SIEM and EDR technologies THE SIEM ENGINEER ROLE: As a SIEM Engineer, you will design, deploy, and maintain SIEM and EDR solutions that strengthen the organisation's security posture. You will work closely with IT and security teams to manage log ingestion, implement integrations, and monitor system activity for potential threats. SIEM ENGINEER ESSENTIAL SKILLS: Proven
Wokingham, Berkshire, England, United Kingdom Hybrid/Remote Options
KBC Technologies UK LTD
Conduct regular security audits and assessments to identify and remediate risks. Apply industry frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls. Oversee and enhance security technologies: SIEM, vulnerability management, cloud security (OCI/Azure/AWS), PKI, cryptography, web/email security, logging and monitoring. Monitor network traffic for anomalies and potential breaches. Collaborate with IT
Newcastle Upon Tyne, Tyne and Wear, England, United Kingdom Hybrid/Remote Options
Atom Bank
of security goals. What do we need from you? Deep expertise in securing cloud platforms (AWS, Azure, GCP) with a focus on financial services Proven experience with tools like SIEM, SOAR, IDS/IPS, and cloud-native security solutions Strong understanding of encryption protocols, key management systems, and IAM best practices Hands-on experience with container security tools for Kubernetes
Qualys or similar platforms). Understanding of Email Security platforms (e.g., Darktrace) and Security Awareness & Training platforms. Knowledge of security frameworks (ISO 27001, NIST, GDPR, etc.). Familiarity with SIEM, security system administration, and incident response. Understanding of SOC operations and monitoring. No formal qualifications required, although a security or IT-related certification (e.g., CompTIA Security+, CISSP, CISM) is desirable.
Hemel Hempstead, Hertfordshire, England, United Kingdom
Sopra Steria
to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective shift models. Confident communicator with the ability to translate
Knutsford, Cheshire, United Kingdom Hybrid/Remote Options
Applause IT Recruitment Ltd
information security, risk, or compliance roles. Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM/PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams.
Chandler's Ford, Eastleigh, Hampshire, England, United Kingdom Hybrid/Remote Options
Ageas Insurance Limited
day-to-day operations of the Counter Threat Unit, ensuring security controls are effectively implemented across infrastructure and cloud environments. Configure, maintain, and optimise security tools and solutions (e.g., SIEM, EDR) to protect enterprise systems. Monitor systems and networks for anomalies, gather and analyse threat intelligence, and contribute to situational awareness. Investigate and resolve security incidents in line with organisational
requiring strong communication skills and the ability to work across engineering, operations, and cyber security functions. What You'll Need (Essential) Strong working knowledge of core SOC tooling e.g. SIEM/Splunk, IDPS, Email/Web security, Firewalls Hands-on experience with Cisco ASR, Palo Alto or Fortinet firewalls Excellent understanding of network technologies (LAN/WAN, routing, switching) Experience
will play a key part in implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee Patch Management * Conduct vulnerability
PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out-of-hours support. Exposure to MxDR/SOC environments and advanced security protocols (SIEM, IDS/IPS, firewalls). Knowledge of GDPR, Cyber Essentials+, PCI-DSS, and other compliance standards. Strong grasp of data protection legislation (e.g., GDPR, Data Protection Act). Global Impact
Bristol, Gloucestershire, United Kingdom Hybrid/Remote Options
British Veterinary Association
and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out-of-hours support. Desirable: Exposure to MxDR/SOC environments and advanced security protocols (SIEM, IDS/IPS, firewalls). Knowledge of GDPR, Cyber Essentials+, PCI-DSS, and other compliance standards. Strong grasp of data protection legislation (e.g., GDPR, Data Protection Act). Why Join
background in cybersecurity or a related subject. Desirable Skills: Programming/scripting (Python, Bash, PowerShell, etc.). Additional SOC certifications (e.g., CREST Practitioner Intrusion Analyst). Experience with other SIEM platforms like QRadar. Additional Info: Permanent role with a salary up to £58K (depending on experience), plus shift allowance. Benefits include 25 days annual leave (plus buy/sell options
engineering lifecycle from design to deployment Desirable Skills Experience with cloud platforms (AWS, Azure) and Infrastructure as Code (CloudFormation, Terraform) Integration of enterprise services such as Active Directory, PKI, SIEM, and monitoring tools Hands-on with DevSecOps tools and CI/CD pipelines Relevant industry certifications (VMware VCP, AWS Solutions Architect, Microsoft, Kubernetes, etc.) Experience presenting at technical boards or
readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical
Selby, Yorkshire and the Humber, United Kingdom Hybrid/Remote Options
Drax Group
requirements • Participating in the execution of daily checks raising any findings or anomalies to the CDC specialist for further investigation • Identifying and reporting inconsistencies or repetitive false positives in SIEM alerts to support alert tuning and reduce unnecessary noise • Escalating cases to the threat intelligence team when deeper intelligence correlation is required • Working with the operational technology cyber team to
Manchester, Lancashire, United Kingdom Hybrid/Remote Options
Deloitte LLP
IOT/Mobile technologies and related security best practices Cloud technologies (Amazon Web Services ("AWS"), Azure, etc.) and their operation and security best practices Identity and access management solutions SIEM CASB SOC design, build and operation Strong analytical mind and problem-solving skills. Excellent project management and interpersonal skills. Consulting experience (beneficial). Understanding of modern security concepts and principles
Gosport, Hampshire, England, United Kingdom Hybrid/Remote Options
Sopra Steria
and reverse engineering. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk. If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply
Gosport, Hampshire, South East, United Kingdom Hybrid/Remote Options
Sopra Steria
and reverse engineering. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd