1 to 25 of 184 SIEM Jobs in the UK excluding London

remote access/VPN configurations where required and ensure changes follow change control. Enable and review network security logging/alerting (e.g., syslog/SIEM integrations where applicable). Monitoring, Detection & Incident Response (Sophos MDR) Act as the internal technical point of contact for Sophos MDR and ensure smooth collaboration ...

analysis, threat detection, and handling security incidents end to end. Experience with security tooling such as Security Hub, GuardDuty, Detective, CloudTrail, CloudWatch, Inspector, SIEM (Elastic, Sentinel) and related cloud native controls. Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform. Solid understanding ...

Security Operations Center (MSSP) to ensure high‐fidelity alerting and low Mean Time to Resolve (MTTR). Tooling Optimization : Own the security stack (SIEM, EDR, XDR, SOAR). Ensure tools are integrated, automated, and providing maximum ROI rather than just generating “noise.” Automation : Drive a “Detection as Code” philosophy ...

cyber threats and AI-enabled attack techniques.Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging, network security, and vulnerability management. Knowledge of security architecture ...

work closely together to improve NHS cyber resilience and enable a "Defend as one" strategy across the health and care system. The Senior Security Analyst SIEM Engineering is responsible for deploying feeds from data sources into NHS England's SIEM system, for both newly developed services and existing services being … also manage the SIEM environment, build cyber detection capability and improve the automation of security monitoring. Main duties of the job The Senior Security Analyst SIEM Engineering is responsible for: Deploying feeds from data sources into the NHS England's SIEM tool and ensuring compliance with the SIEM's data ...

Proven experience leading incident response and remediation activity Expertise in Microsoft 365/Azure security and hybrid cloud environments Experience operating security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers ...

Proven experience leading incident response and remediation activity Expertise in Microsoft 365/Azure security and hybrid cloud environments Experience operating security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers ...

depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols ...

scenarios and leading in-depth CTI investigations. Act as the escalation tier for cyber threat intelligence tasks within Cyber Security tooling including EDR and SIEM tooling. Interrogate threat intelligence and internal security tooling to identify items of interest and potential cyber threats. Proactive research and assessment of Tactics. Techniques and ...

Analyst * Detection & Response Lead * Cyber Security Team Lead You'll ideally bring experience across some of the following: * Security Operations and Incident Response * SIEM, EDR/XDR and security monitoring tools * Vulnerability Management * Threat Detection and Threat Hunting * Cloud Security (Azure, AWS or GCP) * Security Frameworks such ...

similar) Nice to have BGP, FlowSpec, and traffic engineering knowledge NetFlow/sFlow analysis IDS/IPS, firewalls, and packet analysis (Wireshark, tcpdump) SIEM experience (Splunk) Linux proficiency Virtualisation (KVM, ESXi) Certifications such as CCNP, JNCIS/JNCIP, CySA+, GIAC GCIA or GCIH Bright Purple is an equal opportunities employer ...

Risk in financial services. Experience with frameworks such as NIST, ISO27001, COBIT, SOX, and FFIEC. Good understanding of cloud security, GDPR, IAM/PAM, SIEM, vulnerability management, and network security. CISSP, CISM, CRISC, or similar certifications preferred. Skills & Experience: Strong strategic and analytical thinking Excellent communication and stakeholder management Strong ...

audits, risk assessments and maturity reviews. Engineer and embed technical controls supporting NIST CSF and ISO/IEC 27001 objectives. Support security tooling integration (SIEM log sources, EDR/XDR dependencies, vulnerability tooling). Enable and validate security telemetry coverage audit policy configuration, log forwarding/collection, event quality (normalisation ...

function with clear RACI and coherent operating model. Govern the security tooling strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms. Security Operations & Incident Response Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple ...

networking, and application hardening for Windows, macOS, and Linux, including virtualization security. Experience deploying, maintaining, and administering security technologies like IDS, DLP, FIM, firewalls, SIEM, MFA, vulnerability assessment tools, web proxies, and WAFs. Experience with cloud providers and Infrastructure as Code (IaC) tools, such as Terraform, Ansible, or CloudFormation. Proficiency ...

environments Technology Skills & Experience Principles of network and boundary protection (firewalls, mail gateways, load balancers, antivirus, IPS/IDS, Diodes) Protective Monitoring systems (SIEM/SOC) and deployment principles Authentication & authorisation technologies (SAML, LDAP, PKI, etc.) Encryption protocols and structures supporting secure deployment Communication & Soft Skills Excellent verbal and written ...

incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats ...

architecture Experience with vulnerability management and security operations within OT environments Understanding of security technologies including: IAM, EDR, Firewalls, PKI, DLP, DAM Experience with SIEM technologies such as: Google Chronicle, Splunk ES & QRadar Experience with log source integration, correlation rules and parser development Strong stakeholder engagement and communication skills Desirable ...

identification, and continuous improvement Lead security engagement within client Design Authority and Enterprise Architecture forums Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination Oversee security incident management in line with the client Cyber Security Incident Response Plan Own joiner/mover/leaver ...

Bash, Python, or Java. Experience working within Agile/Scrum delivery environments. Strong knowledge of CI/CD pipelines and DevOps tooling. Familiarity with SIEM platforms, security controls, and cloud security tooling. Experience with Wiz tooling, including Wiz Cloud and Wiz Defend. Strong containerisation and orchestration experience using Docker and ...

systems remain at the required security posture against baseline requirements Work with the Security Monitoring engineering team to ensure logs are forward to the SIEM capability Work with the customer and appropriate agencies to develop new policies, design processes, and procedures, and develop technical designs Assess system vulnerabilities, implement risk ...

security operations as a discipline Required Experience & Skills 3+ years' experience in a SOC or closely related cyber security role Strong working knowledge of: SIEM platforms Security Incident Management Cloud environments Networking fundamentals Threat intelligence and threat hunting Information security principles Phishing, ransomware, and modern attack vectors Identity & Access Management ...

this technical role is on threat prevention, detection and response for Marshall, including the configuration and monitoring of a security information and event management (SIEM) system, operating next generation antivirus, intrusion detection/prevention systems (IDS/IPS), vulnerability management tools and Firewall, DLP, Web and Email Security Gateways.This … and help coordinate, routine security event monitoring and investigations using available toolsUse, configure and develop the use of a security information and event management (SIEM) and EDR toolMonitor and configure network intrusion detection and prevention systemsAnalyse and create reports for security incidents, to determine root cause and lessons learntCreate and ...

Proven experience as a Security/Cyber Security Architect Strong cloud security knowledge (Azure, AWS, M365) Broad security control experience (IAM, PAM, DLP, SIEM, endpoint, network) Experience in regulated or critical environments desirable Certifications such as CISSP, CISM or ISO 27001 beneficial If you're looking for a role with ...

and ability to integrate security into service delivery. Skilled in presenting complex security strategies to senior leadership and external stakeholders. Experience with security automation, SIEM platforms, and SOC operations. Knowledge of enterprise architecture frameworks (TOGAF). Familiarity with NHS Data Security and Protection Toolkit and Cyber Essentials Plus. Demonstrable compassionate ...