76 to 100 of 157 SIEM Jobs in the UK excluding London

/SSL Encryption CDN, Edge Computing, Caching, and Edge Storage Border Gateway Protocol (BGP) and ACLs Zero Trust Architecture Load Balancing concepts Threat Intelligence, SIEM Monitoring, and Traffic Reporting Proxies and Reverse Proxies for Ingress/Egress management Cloud Infrastructure, particularly CDN and Edge Security platforms ...

enterprise security platforms Strong understanding of offensive techniques mapped to detection capabilities (aligned to MITRE ATT&CK) Experience integrating security tooling outputs into SIEM platforms and broader security workflows Experience with tools such as SafeBreach, BloodHound, Microsoft EASM , or similar technologies is highly desirable Experience working within the Banking and ...

Cyber Threat Detection/SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands … and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats ...

profession standards with HR/L&D.Timely access to SL stakeholders, systems, repositories, and tooling (e.g., policy library, LMS, phishing platform, service management/SIEM, PMO data). Availability of policy owners and project managers for reviews and attestations. SL will provide required clearances, facilities, and collaboration tools. Core experience ...

global JML processes Map current and future state identity lifecycle processes Gather and define business and technical requirements Capture integration requirements (HR systems, SIEM, PAM, ITSM, AD/Entra) Support application onboarding, role modelling, and access policies Document data flows, attribute mappings, and provisioning rules Work with global stakeholders ...

Security (IAM, MFA, encryption, policy enforcement) Storage & data services (object/block/file, backup, replication) Automation (IaC, pipelines, scripting) Observability (logging, metrics, tracing, SIEM integration) Why Join Quorum? Quorum is an employee-owned IT consultancy, delivering managed services, projects, and professional services to organisations across the public and private ...

/CD pipelines Driving ISO 27000 implementation and supporting ongoing compliance initiatives Introducing and managing cybersecurity tools such as vulnerability scanners, endpoint protection, SIEM, and cloud security monitoring solutions Requirements: Extensive experience in a DevOps team lead role using AWS, (IAM, S3, EKS). Experience with IaC such as Terraform.. ...

within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation – You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more ...

Engineer, Infrastructure Security Engineer, Network Security Engineer, Platform Security Engineer, Cyber Security Engineer or DevSecOps Engineer with strong enterprise firewalling, secure infrastructure, Elastic/SIEM, public cloud security and hands-on security engineering experience. This is a senior, hands-on role working across firewalling, on-premise and cloud security, secure … Working with VMware NSX/vDefend security controls, including distributed firewall policies and micro-segmentation Working with Elastic Stack/Elastic Security for logging, SIEM, monitoring, threat detection and dashboards Supporting AWS/public cloud security across secure and regulated environments Hardening Windows Server environments, Active Directory, Group Policy and ...

closely with infrastructure, cloud, and SOC teams to detect, prevent, and respond to security threats. Key Responsibilities Monitor and respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and … policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security engineering, or infrastructure security role Good knowledge of networking and common attack types (e.g. SQL injection, phishing, malware) Experience with ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

detect and respond to threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with … emerging threats and recommend improvements SOC ENGINEER ESSENTIAL SKILLS Strong understanding of information security fundamentals Experience with SIEM tools such as Sentinel or Splunk Familiarity with security monitoring technologies Analytical mindset with strong problem solving skills Ability to manage multiple priorities and meet deadlines Strong communication and collaboration skills ...

detect and respond to threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with … emerging threats and recommend improvements SOC ENGINEER ESSENTIAL SKILLS Strong understanding of information security fundamentals Experience with SIEM tools such as Sentinel or Splunk Familiarity with security monitoring technologies Analytical mindset with strong problem solving skills Ability to manage multiple priorities and meet deadlines Strong communication and collaboration skills ...

and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats … hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary ...

while remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment, and remediation. … Security or Cybersecurity role. Strong understanding of cyber defence practices and modern attack techniques. Hands-on experience with security technologies such as EDR, XDR, SIEM, SOAR, IDS, and IPS. Experience in vulnerability analysis, security alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query ...

events Drive proactive threat hunting campaigns to identify emerging threats, vulnerabilities, and anomalous behaviour Develop and improve detection logic, alerting, and monitoring content within SIEM platforms including Elastic Stack Analyse threat intelligence, indicators of compromise (IOCs), and attacker TTPs to strengthen detection capability Produce detailed post-incident reports with clear … leadership, curiosity, and a proactive mindset. You should have experience in areas such as: Security Operations Centre (SOC) environments Threat hunting and incident response SIEM technologies, ideally Elastic Stack Threat intelligence and attacker methodologies Windows and Linux operating systems Networking fundamentals including protocols, IP addressing, and traffic analysis Understanding ...

will play a central role in our cyber defence operations, working daily with platforms including Microsoft Defender for O365, Entra ID, Intune, Rapid7 SIEM, and Sophos Antivirus. The role involves monitoring security events, investigating suspicious activity, responding to incidents, and continuously strengthening our security posture. You’ll join a supportive … your career within cyber security. Key Responsibilities Security Monitoring & Incident Response Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus. Investigate cyber security incidents including malware infections, phishing attacks, identity compromise, and unauthorised access attempts. Conduct incident triage, root cause ...

perks! Governance and Cyber Security Coordinator – Key Skills: 1–3 years of experience in IT governance, cybersecurity, or compliance roles Familiarity with GRC and SIEM tools Familiarity with ISO 27001 and SOX frameworks Expertise in Excel and Word Governance and Cyber Security Coordinator Due to the volume of applications received ...

understanding of Information Security solutions e.g. email/web gateways, Privileged Account Management (PAM), Identity Governance and Administration (IGA), Security Information and Event Management (SIEM), Endpoint protection etc. Knowledge/experience working with firewalls is highly advantageous Experience of Cloud security solutions and standards is highly advantageous Competence, knowledge and ...

security policy deployment FortiAnalyzer Centralised logging and reporting strategy SOC integration and event correlation Incident and event handling workflows Compliance reporting and audit outputs SIEM interoperability and operational analytics Secure SD-WAN SLA rule creation and traffic steering Link health checks and performance optimisation ADVPN architecture and dynamic overlay networking ...

NIST, ISO/IEC 27001, and CIS Evaluate, select, and integrate security technologies including: Identity and Access Management (IAM) Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Data Loss Prevention (DLP) Web Application Firewalls (WAF) Encryption and key management solutions Collaborate with engineering, DevOps, and IT teams ...

presentation skills Nice to Have Strong understanding of public sector procurement frameworks and buying cycles Experience selling cyber security technologies such as firewalls, XDR, SIEM/SOC, or SASE Established relationships across UK public sector, education, health, or justice environments Why Apply? Competitive base salary with uncapped commission Manage strategic ...

while maintaining compliance with regulatory and data protection standards. As our Security Operations Engineer, you will typically: Operate and optimise core security operations tooling (SIEM, DLP, IAM, endpoint protection) to safeguard systems and data Develop, implement, and monitor KPIs and dashboards to measure detection effectiveness, incident response performance, data protection … Microsoft Sentinel, Microsoft Purview, Defender suite, and Entra ID Security Operations (SecOps) expertise covering monitoring, triage, investigation, and incident response Microsoft Sentinel for advanced SIEM, SOAR, and threat detection use cases Identity and Access Management (IAM) including privileged access management and Zero Trust principles Endpoint, email, and cloud threat protection ...

closely with infrastructure, cloud, and SOC teams to detect, prevent, and respond to security threats. Key Responsibilities Monitor and respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and … policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security engineering, or infrastructure security role Good knowledge of networking and common attack types (e.g. SQL injection, phishing, malware) Experience with ...

will apply hands-on engineering expertise to design, build, and optimise automation workflows that improve the scalability and efficiency of SOC services. Working across SIEM, endpoint, and orchestration platforms (primarily Palo Alto XSOAR), you will reduce analyst workload, accelerate incident response, and enhance decision-making across customer environments. Key Responsibilities … Sales Support – Assist with demos, scoping, and proof-of-value activities where required. Core Duties Automation Design & Development Build and maintain workflows across SIEM, EDR, and SOAR platforms Develop reusable scripts, templates, and components Ensure solutions support secure, multi-tenant environments Integration & Response Automation Orchestrate containment, enrichment, and remediation actions ...