51 to 75 of 157 SIEM Jobs in the UK excluding London

within a security-focused environment, supporting and implementing solutions such as Mobile Device Management (MDM), Microsoft Endpoint Manager, Multi-Factor Authentication (MFA), Password Management, SIEM, EDR (Endpoint Detection & Response) and vulnerability scanning technologies. Assist with maintaining and improving client cyber security standards, contributing towards Cyber Essentials Plus accreditation projects and ...

complex solutions Strong communication and stakeholder engagement skills Commercially aware and target-driven (Desirable) Experience with cyber security technologies such as firewalls, XDR, SIEM/SOC, SASE, or consultancy services Exposure to enterprise, public sector, or regulated industries Experience working with vendor-led opportunities What’s on Offer Competitive salary ...

enterprise clients Create high-level and low-level architecture designs and technical specifications Work with cloud platforms, directories, HR systems, and security tools (SIEM, MFA) Define operating models, roadmaps, and maturity assessments (Senior and above) Develop client proposals, commercial offers, and executive presentations (Senior Manager and above) Build and maintain ...

contributing to continuous improvement of security operations What they’re looking for: Experience in a SOC or Security Operations environment Hands-on exposure to SIEM tools (e.g. Sentinel, Splunk, QRadar) Understanding of incident response, alert triage, and escalation processes Familiarity with EDR tools and general security tooling Ability to work ...

meet business, compliance, and risk mitigation requirements; ensuring controls are effective, measurable, and operationally sustainable. Implement and maintain detection and response capabilities through SIEM integration with security controls and IT systems, with a focus on reducing time-to-detect and time-to-remediate through improved pre-incident engineering. Participation … 24x7 on-call support rota, responding to SIEM health alerts and restoring log ingestion where required. Manage use cases, perform data enrichment, and define standardized and automated containment workflows. Develop and manage operational procedures and reporting methodology. Manage and oversee security technology platforms (e.g. SIEM, SOAR, EDR, and email security ...

detection engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted … best practices Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...

detection engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted … best practices Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...

analysts in hunting methodologies and investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved … Operations, Threat Hunting, or Incident Response Proven experience leading investigations involving advanced persistent threats, insider threats, or targeted attacks Strong hands-on expertise with: SIEM platforms (e.g. Sentinel, Splunk, Elastic) EDR/XDR solutions (e.g. Defender, CrowdStrike, SentinelOne) Network and cloud security telemetry Strong understanding of: MITRE ATT&CK Windows ...

project. Essential: * Experience of shaping and rolling out Security projects within a complex multi-organisation enterprise. * Experience standing up a Security Monitoring (SIEM)/Security Orchestration, Automation & Response (SOAR)/Security Operations Centre (SOC). * Experience implementing Identity Access Management (IAM) in a multi-organisation ecosystem. * Experience managing multiple rainbow ...

patching, upgrades and platform improvements Monitor system health and carry out maintenance Investigate incidents and perform root cause analysis Support integrations with Active Directory, SIEM, Syslog and monitoring tools Automate processes to improve efficiency Required Experience Strong Imperva DAM or similar experience Strong Linux administration skills Scripting experience, Bash, Perl ...

partysupplierstoprogressinvestigationandremediation. Participateinout-of-hoursresponseasrequired. Knowledge,Skills&ExperienceEssential ProvenexperienceinaLevel3orSeniorSecurityAnalystorIncidentResponserole. Hands-onexperienceinvestigatingandresolvingincidentsacrossendpoints,identityplatforms,networks,andcloudservices. Strongunderstandingofmalwareandransomwareresponse,identitycompromise,andvulnerabilityremediation. ExperienceworkingwithinformalSecurityIncidentandMajorIncidentprocesses. Strongwrittendocumentationandstakeholdercommunicationskills. Knowledge,Skills&ExperienceDesirable Experiencesupportingmulti-siteoroperationallysensitiveenvironments. FamiliaritywithDefender,SIEM,EDR,andvulnerabilitymanagementtools. UnderstandingofregulatedorPCI-adjacentenvironments. Relevantsecuritycertificationsorequivalentexperience. BehaviouralCompetencies Takesownershipfromdetectionthroughtoresolution. Investigatesthoroughlyandchallengesincompletefixes. Calm,methodical,anddecisiveduringliveincidents. Understandsoperationalandbusinessimpact. Professionalandconfidentwhenengagingcustomersandsuppliers. DecisionMaking&Authority Makestechnicaldecisionsrelatingtoinvestigation,containment,andremediationofsecurityincidents. EscalatesriskanddecisionpointsappropriatelytoIncidentManagementandServiceDeliveryleadership. KeyInterfaces IncidentManagement SecurityOperations InfrastructureandNetworkServices Third-partysuppliers ...

Security posture features. Skilled in Fleet/Agent deployment, data stream design, and performance tuning at scale. Strong client management and relationship building experience SIEM experience with Splunk/Elastic Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective solutions Proven ...

Supporting change management aligned to ITIL best practice Technologies you'll need experience with: Microsoft 365 — Admin, Security, Compliance, Exchange and GDAP Microsoft Sentinel (SIEM/SOAR) and incident triage/response Microsoft 365 Defender — Defender for Endpoint and Defender for Office 365 Microsoft Entra & Intune — Conditional Access, LAPS, Configuration ...

technical and non-technical stakeholders Eligibility for SC Clearance Desirable skills Scripting or programming experience (Python, PowerShell, Bash, Perl or C++) Experience with additional SIEM tools such as QRadar Cyber security certifications such as Security+, CEH, CPSA or CREST Please either apply through this advert or emailing me directly … required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SOC Analyst, Security Operations Centre, Microsoft Sentinel, Splunk, SIEM, Incident Response, MITRE ATT and CK, Networking, SC Clearance ...

technical and non-technical stakeholders Eligibility for SC Clearance Desirable skills Scripting or programming experience (Python, PowerShell, Bash, Perl or C++) Experience with additional SIEM tools such as QRadar Cyber security certifications such as Security+, CEH, CPSA or CREST Please either apply through this advert or emailing me directly … required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SOC Analyst, Security Operations Centre, Microsoft Sentinel, Splunk, SIEM, Incident Response, MITRE ATT and CK, Networking, SC Clearance ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

events, alerts and incidents across cloud, platform, and application layers. Execute vulnerability scanning, patch assurance and configuration compliance checks. Maintain security tooling such as SIEM, EDR, vulnerability scanners, and cloud-native controls. Support ISO 27001 control operation and evidence collection. Ensure compliance with MoD security standards including JSP 440 and … Support improvement of SecOps processes, SOPs and monitoring automation. Essential Skills Experience operating within a Security Operations or SecOps function Hands-on experience with SIEM (e.g. ELK), EDR and vulnerability tooling Experience securing Linux and Windows environments Understanding of ISO 27001 and secure configuration principles Experience supporting cloud or virtualised ...

resilience. You will sit at the heart of our cyber defence operations, working daily with technologies including Microsoft O365 Defender, Entra ID, Intune, Rapid7 SIEM, and Sophos Antivirus. Youll be responsible for monitoring security events, investigating suspicious activity, responding to incidents, and continuously improving our security posture. This … cyber security What you will do: Security Monitoring & Incident Response Actively monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos AV. Investigate suspected cyber attacks including malware infections, phishing campaigns, identity compromise, and unauthorised access attempts. Perform triage, root cause analysis ...

Senior Cyber Security Analyst, Professional Services, CompTIA, SIEM, ISO27001, Part Remote Senior Cyber Security Analyst required to work for a Law Firm based in the City of London. It will be 3 days a week in the office and 2 from home. We need an experienced Senior Cyber Security Analyst … relevant certification preferred Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS Strong knowledge of Microsoft Azure cloud security technologies and concepts Familiar with cybersecurity frameworks such ...

demonstrate you are well versed in dealing with Cyber Security incident management/responses and mitigating the risks. You will have proven experience in SIEM, Anti-Virus, Vulnerability management, Data Loss Prevention and security tools as well as a good understanding of compliance around ISO 27001 and PCI-DSS This ...

demonstrate you are well versed in dealing with Cyber Security incident management/responses and mitigating the risks. You will have proven experience in SIEM, Anti-Virus, Vulnerability management, Data Loss Prevention and security tools as well as a good understanding of compliance around ISO 27001 and PCI-DSS This ...