101 to 125 of 157 SIEM Jobs in the UK excluding London

resilience, DLP measures and regulatory compliance. Role Principal Duties: Proactively monitor network and system activity to detect potential security threats, using tools such as SIEM and endpoint protection platforms Assist in the investigation and resolution of low-level security incidents, escalating more complex issues to senior staff Maintain detailed logs … handled in accordance with incident response procedures Security Tools & Infrastructure: Support the deployment, configuration, and maintenance of core security tools, including antivirus software, firewalls, SIEM systems, Microsoft security services and endpoint protection Ensure DLP policies are effectively integrated into security infrastructure, including email filtering and endpoint protection systems, to prevent ...

reviews and continuous improvement actions Own and manage key security platforms, including security awareness and secure communications tools Ensure effective configuration and use of SIEM and monitoring technologies, with meaningful reporting for senior stakeholders Identify, assess and mitigate cyber risks through regular assessments and control reviews Chair or contribute … and security governance Very strong familiarity with Microsoft security technologies, including Microsoft 365, E5 licensing and the associated security stack (e.g. identity, endpoint, email, SIEM and cloud security tooling) Broad technical exposure across infrastructure, cloud and network technologies, with the ability to translate technical risk into business language Experience working ...

Engineer Milton Keynes We are seeking a hands-on SOC Engineer with strong SIEM and security monitoring experience to join a fast-paced Cyber Security Operations Centre. This role requires both soft and technical skills, focused on the engineering, optimisation, and support of SOC tooling, telemetry, and detection capabilities … improve threat visibility and incident response across hybrid environments. Key Responsibilities Operate, support, and tune SIEM and security monitoring platforms, including Graylog and Splunk. Maintain and optimise log ingestion pipelines across multiple data sources. Develop and refine detection rules, alerts, dashboards, and SOC playbooks. Support incident response, investigation, and containment ...

service accounts. Onboard Windows, Linux/Unix, and network devices into PAM platforms. Manage privileged account controls within Active Directory. Integrate PAM solutions with SIEM tools for event ingestion, correlation, and alerting. Troubleshoot connector, policy, and session issues. Produce high-quality technical documentation and runbooks. Essential experience: Proven hands … discovery and automated governance. Experience onboarding multi-platform systems (Windows/Linux/network devices). Understanding of AD privileged identity management. Experience with SIEM integrations for PAM audit logging. Working knowledge of ISO 27001 and NIST CSF. Strong troubleshooting and analytical skills. Excellent documentation capability. Eligible for SC clearance. ...

tooling is operating effectively to protect client environments. Work with teams to assess risks, design controls and define testing requirements. Support senior engineers with SIEM, threat intelligence and malware analysis platforms. Apply patches/updates, raise changes and follow agreed processes. Keep up to date with threats and recommend improvements. … busy environment. ompTIA Network+ (or similar) or equivalent knowledge. It would be great if you had: Experience with Azure or AWS security features. SIEM experienceespecially Sentinel or Splunk. If you are interested in this role but not sure if your skills and experience are exactly what were looking for, please ...

Review supplier security documentation and identify risks or gaps Maintain security documentation, control records, and evidence repositories Analyse outputs from security tools (vulnerability scanners, SIEM, patching, access reviews) Work with technical teams to validate and improve security controls Contribute to security improvements and control design Experience Required Strong technical background … management, baselines, audits) Understanding of Windows/Linux, networking, IAM, virtualisation, cloud (Azure/AWS), backups, and monitoring Knowledge of security controls (firewalls, EDR, SIEM/logging, encryption, least privilege, vulnerability management) Ability to explain technical security concepts clearly to technical and non-technical audiences Strong documentation and organisational skills ...

We are looking for a Managing Security Engineer to lead the design, implementation and documentation of enterprise security monitoring platforms. This is a key technical leadership role, responsible for ensuring the right tooling, controls and ...

Defining the system specifications to support optimal performance. Integrating workflows with third-party systems and security tools, such as Security Information and Event Management (SIEM) solutions, multi-factor authentication solutions, and cloud platforms like Amazon Web Services (AWS) and Azure. Develop technical documentation for IAM implementations including process documentation ...

your expertise genuinely matters. In this hands-on technical role, youll own the end-to-end design, development and maturity of detection logic across SIEM platformsengineering effective responses to real-world attacker techniques. Youll ope... ZIPC1_UKTJ ...

Review supplier security documentation and identify risks or gaps Maintain security documentation, control records, and evidence repositories Analyse outputs from security tools (vulnerability scanners, SIEM, patching, access reviews) Work with technical teams to validate and improve security controls Contribute to security improvements and control design Experience Required Strong technical background … management, baselines, audits) Understanding of Windows/Linux, networking, IAM, virtualisation, cloud (Azure/AWS), backups, and monitoring Knowledge of security controls (firewalls, EDR, SIEM/logging, encryption, least privilege, vulnerability management) Ability to explain technical security concepts clearly to technical and non-technical audiences Strong documentation and organisational skills ...

NIST Conducting/supporting security audits & remediation Platform security (Entra ID, M365 E5, Azure IaaS/PaaS, Windows/Linux/Unix) Security tools: SIEM, EDR/XDR, vulnerability management Policy development, access control (RBAC/ABAC), logging standards Supporting assurance/government reviews (Secure by Design, GovAssure) Incident management … vulnerability assessment, SIEM/SOC systems ITSM workflows & change control Secure software supply chain & CI/CD security Threat intelligence, CVEs, CVSS interpretation Strong stakeholder communication & reporting skills Desirable: Degree in Cybersecurity, IT, or STEM Security Assurance certifications (CCP, SIRA) Professional security certifications (CISSP, SSCP, CISM, CRISC, CCSP, SABSA, GIAC ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk … performance, risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such ...

prem infrastructure, while supporting both BAU operations and ongoing transformation projects. Key Responsibilities of the Cyber Security Engineer: Deploy, configure, and maintain security tooling (SIEM, EDR, DLP, vulnerability management, PAM) across cloud and on-prem environments Monitor, investigate, and respond to security incidents, including root cause analysis and forensic support … Cyber Security Engineer: Experience in a Cyber Security Engineer, SecOps, or similar hands-on security role Strong experience with enterprise security tooling including SIEM, EDR, DLP, and vulnerability management platforms Familiarity with tools such as CrowdStrike, Absolute, Sumo Logic, and Rapid7 (or similar technologies) Experience supporting cloud environments, ideally Azure ...

and benefits. Why This Role is Exciting High autonomy : Lead projects from idea to deployment Innovation-driven : Develop cutting-edge detections beyond standard SIEM rules Collaborative : Work closely with internal teams and an outsourced SOC partner Mission-focused : Protect critical healthcare data that supports precision medicine Key Responsibilities Design and … Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer, Detection & Response Engineer, SIEM Engineer, Security Detection Engineer,T hreat Hunting Engineer, Security Automation Engineer, SOC Engineer, Incident Response Engineer, Cloud Security Engineer, Network Security Engineer, Cybersecurity Analyst (Threat ...

systems, infrastructure and sensitive client data. The successful individual will: Lead and develop a high-performing Information Security team Oversee security operations including SIEM, endpoint protection, vulnerability management and incident response Manage cyber resilience across both cloud and on-premise environments Act as the senior escalation point for security incidents … financial services environments Strong understanding of cyber security operations, governance and risk management Experience managing and developing technical security teams Strong knowledge of SIEM technologies, cloud security and incident response processes Ability to communicate effectively with both technical teams and senior leadership Experience operating within regulated environments Desirable experience includes ...

and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact. Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts). User Interaction: Engage with affected end users or asset owners to collect additional information, verify events … including malware, phishing, lateral movement and privilege escalation. Working knowledge of network fundamentals, windows/Linux system logs and authentication systems. Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA ...

posts early. Don't miss out! Person Specification Knowledge Essential Working knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability ...

experience (2 years+) Perform triage of security events ; determine scope, priority and impact, and make recommendations that enable expeditious remediation. Demonstratable experience working with SIEM technology and SIEM engineering (including tool configuration) i.e. ArcSight within an enterprise SOC. Experience in creation of use-cases, analytics and playbooks . An understanding ...

guardrails, and policies in AWS Implement and maintain IaC security scanning for Terraform Manage IAM policies, network segmentation, and secrets management Configure and tune SIEM (or similar) for cloud-focused detection Establish logging, monitoring, and alerting requirements based on threat modelling Investigate and respond to cloud security events Risk & Compliance … read and write IAC (Terraform) code, comfortable with IAC lifecycles Familiarity with container security and Kubernetes Understanding of secure coding, penetration testing techniques, SIEM, and vulnerability management Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis Understanding of managing ...

ongoing transformation initiatives. Key Responsibilities: Own day to day cyber security operations, keeping systems and data secure Support and improve security tooling (firewalls, SIEM, endpoint, encryption) Monitor, investigate and respond to security incidents Look after core network infrastructure (LAN/WAN, Wi-Fi, L2/3, remote access, load balancing … vulnerability checks and ensure patching is up to date Use SIEM tools to spot and act on potential threats early Support audits, access controls and compliance requirements Get involved in (and lead) security and infrastructure projects Keep documentation and processes up to date Work with third-party suppliers where needed ...

implement improvements aligned to security best practice and compliance requirements Secure and support cloud platforms including: Microsoft Azure Amazon Web Services Configure and manage SIEM and security monitoring solutions Provide technical guidance and cyber security advice directly to clients Work closely with internal engineering teams and mentor junior technical staff … experience in a Solutions Engineer, Infrastructure Engineer, Service Desk Engineer, or Cyber Security role Strong understanding of: Network security Firewalls Endpoint Detection & Response (EDR) SIEM technologies Hands-on experience with endpoint security solutions such as: Microsoft Defender Sophos Bitdefender Experience securing cloud-based environments within Azure and/ ...

priority, ensuring appropriate escalation and response. Manage end-to-end incident response activities from detection through to resolution. Support the development and enhancement of SIEM use cases, detection rules, analytics, and playbooks. Conduct real-time analysis of logs and security data to identify malicious activity or policy violations. Work closely … documentation, and operational procedures. Requirements: Proven experience working as a SOC Analyst (Tier 2/3) within enterprise or critical environments. Strong experience with SIEM technologies (e.g. ArcSight or similar), including configuration and engineering support. Ability to triage security alerts and accurately assess risk, impact, and priority. Experience managing security ...

enjoys working across a broad technology estate and keeping up to date with emerging threats and security technologies. Key Responsibilities: * Monitor and develop SIEM and threat detection platforms * Investigate and respond to security incidents and alerts * Support vulnerability scanning, remediation, and reporting activities * Assist with development of security policies, procedures … cyber threats and recommend improvements where appropriate Key Skills & Experience: * 2-4 years' experience within a cybersecurity or infrastructure security role * Experience working with SIEM tools and vulnerability management platforms * Strong understanding of EDR, XDR, MDR, IDS/IPS technologies * Good knowledge of Microsoft security technologies and infrastructure environments * Understanding ...

implement and maintain effective OT security controls. Key Responsibilities Implement OT security controls (segmentation, secure remote access, monitoring tools) Integrate OT environments into SIEM/SOC platforms and tune detections Support OT asset discovery, inventory, and security assessments Identify vulnerabilities and support remediation planning Assist with OT incident response … critical infrastructure environments Strong OT/ICS security background Experience implementing OT security controls and strategies Knowledge of OT networks, segmentation, and industrial protocols SIEM/SOC integration experience in OT environments Strong understanding of: IEC 62443 NIST Cybersecurity Framework ISO 27001 UK CAF framework Experience with OT risk assessments ...