326 to 350 of 457 SIEM Jobs in the UK

real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into networking. Course cost ...

real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into networking. Course cost ...

real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into networking. Course cost ...

real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into networking. Course cost ...

real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into networking. Course cost ...

real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into networking. Course cost ...

within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation – You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more ...

and operational infrastructure, ensuring clear separation from corporate environments Continuously hardening systems across endpoints, networks, and cloud platforms Designing and improving detection capabilities across SIEM and XDR tools, moving beyond standard alerts Developing detection logic to identify anomalous behaviour across infrastructure, applications, and telemetry Leading technical responses to security incidents … across infrastructure, cloud environments, and applications Deep knowledge of public cloud security (GCP, AWS, Azure) and SaaS platforms such as Microsoft 365 Familiarity with SIEM/XDR platforms and vulnerability management tools Solid understanding of identity and access management, Zero Trust architectures, and secure network design Ability to write scripts ...

while remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment, and remediation. … Security or Cybersecurity role. Strong understanding of cyber defence practices and modern attack techniques. Hands-on experience with security technologies such as EDR, XDR, SIEM, SOAR, IDS, and IPS. Experience in vulnerability analysis, security alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query ...

closely with infrastructure, cloud, and SOC teams to detect, prevent, and respond to security threats. Key Responsibilities Monitor and respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and … policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security engineering, or infrastructure security role Good knowledge of networking and common attack types (e.g. SQL injection, phishing, malware) Experience with ...

detect and respond to threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with … emerging threats and recommend improvements SOC ENGINEER ESSENTIAL SKILLS Strong understanding of information security fundamentals Experience with SIEM tools such as Sentinel or Splunk Familiarity with security monitoring technologies Analytical mindset with strong problem solving skills Ability to manage multiple priorities and meet deadlines Strong communication and collaboration skills ...

and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats … hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary ...

while remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment, and remediation. … Security or Cybersecurity role. Strong understanding of cyber defence practices and modern attack techniques. Hands-on experience with security technologies such as EDR, XDR, SIEM, SOAR, IDS, and IPS. Experience in vulnerability analysis, security alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query ...

investigate incidents and deliver containment, remediation, and root cause analysis; produce high-quality intel-informed incident reports. Create and tune detections (e.g., SIEM/SOAR, EDR) using intelligence signals (TTPs, behaviors, YARA/Sigma where applicable). Produce and present consumable intelligence outputs (e.g., flash alerts, threat overviews, executive briefs … system, application, and cloud/SaaS logs to investigate security and operational issues; comfort enriching with IOCs and behaviours. Hands-on experience with a SIEM (Splunk preferred) for investigations, alert creation, reporting, and threat hunting. Ability to produce clear, actionable intel and incident reports, including executive-ready summaries and visuals. ...

events Drive proactive threat hunting campaigns to identify emerging threats, vulnerabilities, and anomalous behaviour Develop and improve detection logic, alerting, and monitoring content within SIEM platforms including Elastic Stack Analyse threat intelligence, indicators of compromise (IOCs), and attacker TTPs to strengthen detection capability Produce detailed post-incident reports with clear … leadership, curiosity, and a proactive mindset. You should have experience in areas such as: Security Operations Centre (SOC) environments Threat hunting and incident response SIEM technologies, ideally Elastic Stack Threat intelligence and attacker methodologies Windows and Linux operating systems Networking fundamentals including protocols, IP addressing, and traffic analysis Understanding ...

will play a central role in our cyber defence operations, working daily with platforms including Microsoft Defender for O365, Entra ID, Intune, Rapid7 SIEM, and Sophos Antivirus. The role involves monitoring security events, investigating suspicious activity, responding to incidents, and continuously strengthening our security posture. You’ll join a supportive … your career within cyber security. Key Responsibilities Security Monitoring & Incident Response Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus. Investigate cyber security incidents including malware infections, phishing attacks, identity compromise, and unauthorised access attempts. Conduct incident triage, root cause ...

perks! Governance and Cyber Security Coordinator - Key Skills: 1-3 years of experience in IT governance, cybersecurity, or compliance roles Familiarity with GRC and SIEM tools Familiarity with ISO 27001 and SOX frameworks Expertise in Excel and Word Governance and Cyber Security Coordinator Due to the volume of applications received ...

understanding of Information Security solutions e.g. email/web gateways, Privileged Account Management (PAM), Identity Governance and Administration (IGA), Security Information and Event Management (SIEM), Endpoint protection etc. Knowledge/experience working with firewalls is highly advantageous Experience of Cloud security solutions and standards is highly advantageous Competence, knowledge and ...

botnets and web protocol attacks Experience with load balancing, proxies and reverse proxies Knowledge of BGP, ACLs and Zero Trust Architecture Exposure to SIEM data, threat intelligence and traffic reporting Experience supporting cloud infrastructure environments Ability to troubleshoot complex networking and security issues across edge and origin infrastructure This role ...

require a Security Operations Engineer to join the firm in London on a 9 month fixed term contract basis. Key Responsibilities: Monitor alerts from SIEM, EDR and other security monitoring tools click apply for full job details ...

and Storage on Edge - Content Delivery Network and Edge Computing - Border Gateway Protocol (BGP) and ACL's - Zero Trust Architecture - Load Balancing - Threat Intelligence, SIEM Data and Traffic Reporting - Proxies and Reverse Proxies to manage Ingress/Egress - Cloud infrastructure, particularly ...

security policy deployment FortiAnalyzer Centralised logging and reporting strategy SOC integration and event correlation Incident and event handling workflows Compliance reporting and audit outputs SIEM interoperability and operational analytics Secure SD-WAN SLA rule creation and traffic steering Link health checks and performance optimisation ADVPN architecture and dynamic overlay networking ...

NIST, ISO/IEC 27001, and CIS Evaluate, select, and integrate security technologies including: Identity and Access Management (IAM) Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Data Loss Prevention (DLP) Web Application Firewalls (WAF) Encryption and key management solutions Collaborate with engineering, DevOps, and IT teams ...

presentation skills Nice to Have Strong understanding of public sector procurement frameworks and buying cycles Experience selling cyber security technologies such as firewalls, XDR, SIEM/SOC, or SASE Established relationships across UK public sector, education, health, or justice environments Why Apply? Competitive base salary with uncapped commission Manage strategic ...

planned/unplanned failover, failback, RPO/RTO, subset failover Security: RBAC, AD/Entra ID integration, encryption at rest, network security policies, CyberArk, SIEM (Sentinel/Defender) Ops tooling: monitoring and alerting in Prism/x play, Cohesity backups, alert forwarding into tools like OpsRamp Migration: Nutanix Move from ...