376 to 400 of 456 SIEM Jobs in the UK

Defining the system specifications to support optimal performance. Integrating workflows with third-party systems and security tools, such as Security Information and Event Management (SIEM) solutions, multi-factor authentication solutions, and cloud platforms like Amazon Web Services (AWS) and Azure. Develop technical documentation for IAM implementations including process documentation ...

scope to evolve the position based on their strengths and expertise. The successful candidate will play a key role in strengthening security posture through SIEM ownership, incident response, and system hardening, directly contributing to Europe's technological sovereignty. The Role The IT Security Specialist will: Design, build, and operate … centralised SIEM platform to aggregate and analyse security logs across infrastructure, networks, and applications Own security log analysis, vulnerability management, and incident investigation, including defining baselines and developing alerting rules for critical events Lead incident response efforts, using log correlation and analysis to investigate and resolve security issues quickly and ...

Review supplier security documentation and identify risks or gaps Maintain security documentation, control records, and evidence repositories Analyse outputs from security tools (vulnerability scanners, SIEM, patching, access reviews) Work with technical teams to validate and improve security controls Contribute to security improvements and control design Experience Required Strong technical background … management, baselines, audits) Understanding of Windows/Linux, networking, IAM, virtualisation, cloud (Azure/AWS), backups, and monitoring Knowledge of security controls (firewalls, EDR, SIEM/logging, encryption, least privilege, vulnerability management) Ability to explain technical security concepts clearly to technical and non-technical audiences Strong documentation and organisational skills ...

from incidents, helping tune detections, and strengthening operational procedures and documentation. Key Responsibilities Monitoring and Triage Monitor security events and alerts using industry-standard SIEM and incident/event management platforms (e.g., Elastic, Microsoft Sentinel, Splunk). Perform rapid triage to determine alert validity, severity, scope, and potential business … time-pressured environments, with excellent written communication (clear, structured incident notes and stakeholder updates). Strong foundational knowledge of incident and event management/SIEM platforms (e.g., Elastic, Sentinel, Splunk), including query languages used for investigations and detections such as: Kusto Query Language (KQL) ES|QL Kibana Query Language Strong ...

NIST Conducting/supporting security audits & remediation Platform security (Entra ID, M365 E5, Azure IaaS/PaaS, Windows/Linux/Unix) Security tools: SIEM, EDR/XDR, vulnerability management Policy development, access control (RBAC/ABAC), logging standards Supporting assurance/government reviews (Secure by Design, GovAssure) Incident management … vulnerability assessment, SIEM/SOC systems ITSM workflows & change control Secure software supply chain & CI/CD security Threat intelligence, CVEs, CVSS interpretation Strong stakeholder communication & reporting skills Desirable: Degree in Cybersecurity, IT, or STEM Security Assurance certifications (CCP, SIRA) Professional security certifications (CISSP, SSCP, CISM, CRISC, CCSP, SABSA, GIAC ...

Cyber Security Analyst (SOC) Role: Cyber Security Analyst (SOC) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: £300 - £400 per day (Inside IR35 … . *Candidates must be eligible for UK Security Clearance* Role Requirements * Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage to security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

and targeted assessments. Report regularly on status, SLA performance, and trends. Security operations and incident response: Manage our MSSP partner for 24/7 SIEM and SOC monitoring; ensure telemetry, detections, and playbooks match our threat model. Serve as incident commander for real events, and run regular tabletops and post … experience strongly preferred. Proven, hands‐on ownership of vulnerability management programs at scale. Experience managing an MSSP/MDR relationship for SIEM and 24/7 SOC. Strong application and cloud security fundamentals, with hands‐on experience in AWS, GCP, or Azure, and the ability to partner credibly with engineering. ...

full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk … performance, risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such ...

prem infrastructure, while supporting both BAU operations and ongoing transformation projects. Key Responsibilities of the Cyber Security Engineer: Deploy, configure, and maintain security tooling (SIEM, EDR, DLP, vulnerability management, PAM) across cloud and on-prem environments Monitor, investigate, and respond to security incidents, including root cause analysis and forensic support … Cyber Security Engineer: Experience in a Cyber Security Engineer, SecOps, or similar hands-on security role Strong experience with enterprise security tooling including SIEM, EDR, DLP, and vulnerability management platforms Familiarity with tools such as CrowdStrike, Absolute, Sumo Logic, and Rapid7 (or similar technologies) Experience supporting cloud environments, ideally Azure ...

controls across programme environments. Ensuring systems remain compliant with defined security baselines and policies. Developing and maintaining system security baseline documentation. Supporting integration with SIEM and protective monitoring platforms. Assessing vulnerabilities and implementing risk mitigation strategies. Supporting the implementation of secure designs and technical architectures. Collaborating with engineers and architects … Endpoint protection technologies including malware protection, application control and DLP. Microsoft and Linux operating systems in secure environments. Virtualisation platforms and network infrastructure components. SIEM platforms and protective monitoring solutions. Authentication and identity technologies including SAML, LDAP and PKI. Network security technologies including firewalls, proxies and boundary protection. Experience supporting ...

and benefits. Why This Role is Exciting High autonomy : Lead projects from idea to deployment Innovation-driven : Develop cutting-edge detections beyond standard SIEM rules Collaborative : Work closely with internal teams and an outsourced SOC partner Mission-focused : Protect critical healthcare data that supports precision medicine Key Responsibilities Design and … Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer, Detection & Response Engineer, SIEM Engineer, Security Detection Engineer,T hreat Hunting Engineer, Security Automation Engineer, SOC Engineer, Incident Response Engineer, Cloud Security Engineer, Network Security Engineer, Cybersecurity Analyst (Threat ...

and benefits. Why This Role is Exciting High autonomy : Lead projects from idea to deployment Innovation-driven : Develop cutting-edge detections beyond standard SIEM rules Collaborative : Work closely with internal teams and an outsourced SOC partner Mission-focused : Protect critical healthcare data that supports precision medicine Key Responsibilities Design and … Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer, Detection & Response Engineer, SIEM Engineer, Security Detection Engineer,T hreat Hunting Engineer, Security Automation Engineer, SOC Engineer, Incident Response Engineer, Cloud Security Engineer, Network Security Engineer, Cybersecurity Analyst (Threat ...

systems, infrastructure and sensitive client data. The successful individual will: Lead and develop a high-performing Information Security team Oversee security operations including SIEM, endpoint protection, vulnerability management and incident response Manage cyber resilience across both cloud and on-premise environments Act as the senior escalation point for security incidents … financial services environments Strong understanding of cyber security operations, governance and risk management Experience managing and developing technical security teams Strong knowledge of SIEM technologies, cloud security and incident response processes Ability to communicate effectively with both technical teams and senior leadership Experience operating within regulated environments Desirable experience includes ...

and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact. Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts). User Interaction: Engage with affected end users or asset owners to collect additional information, verify events … including malware, phishing, lateral movement and privilege escalation. Working knowledge of network fundamentals, windows/Linux system logs and authentication systems. Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA ...

latest security and cloud technology developments, including researching and evaluating emerging cyber threats affecting cloud services and platforms. Use advanced analytic tools, including SIEM and cloud security platforms, to identify emerging threat patterns, suspicious activity and vulnerabilities across cloud environments. Apply experience and knowledge to support the investigation and triage … posts early. Don't miss out! Person Specification Knowledge Essential Working knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability ...

enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation … evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years of commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven ...

posts early. Don't miss out! Person Specification Knowledge Essential Working knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability ...

experience (2 years+) Perform triage of security events ; determine scope, priority and impact, and make recommendations that enable expeditious remediation. Demonstratable experience working with SIEM technology and SIEM engineering (including tool configuration) i.e. ArcSight within an enterprise SOC. Experience in creation of use-cases, analytics and playbooks . An understanding ...

guardrails, and policies in AWS Implement and maintain IaC security scanning for Terraform Manage IAM policies, network segmentation, and secrets management Configure and tune SIEM (or similar) for cloud-focused detection Establish logging, monitoring, and alerting requirements based on threat modelling Investigate and respond to cloud security events Risk & Compliance … read and write IAC (Terraform) code, comfortable with IAC lifecycles Familiarity with container security and Kubernetes Understanding of secure coding, penetration testing techniques, SIEM, and vulnerability management Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis Understanding of managing ...

implement improvements aligned to security best practice and compliance requirements Secure and support cloud platforms including: Microsoft Azure Amazon Web Services Configure and manage SIEM and security monitoring solutions Provide technical guidance and cyber security advice directly to clients Work closely with internal engineering teams and mentor junior technical staff … experience in a Solutions Engineer, Infrastructure Engineer, Service Desk Engineer, or Cyber Security role Strong understanding of: Network security Firewalls Endpoint Detection & Response (EDR) SIEM technologies Hands-on experience with endpoint security solutions such as: Microsoft Defender Sophos Bitdefender Experience securing cloud-based environments within Azure and/ ...

require a Security Operations Engineer to join the firm in London on a 9 month fixed term contract basis. Key Responsibilities: * Monitor alerts from SIEM, EDR and other security monitoring tools. * Investigate suspicious activity across endpoints, networks and cloud environments. * Support the investigation and resolution of security incidents. * Support … configuration, tuning and ongoing improvement of security monitoring tools such as SIEM and EDR platforms. * Use threat intelligence sources to identify emerging risks relevant to the organisation. Required Skills: * Strong understanding of network protocols and system behaviour including TCP/IP, DNS and HTTP/S. System internals (Windows, Linux ...

priority, ensuring appropriate escalation and response. Manage end-to-end incident response activities from detection through to resolution. Support the development and enhancement of SIEM use cases, detection rules, analytics, and playbooks. Conduct real-time analysis of logs and security data to identify malicious activity or policy violations. Work closely … documentation, and operational procedures. Requirements: Proven experience working as a SOC Analyst (Tier 2/3) within enterprise or critical environments. Strong experience with SIEM technologies (e.g. ArcSight or similar), including configuration and engineering support. Ability to triage security alerts and accurately assess risk, impact, and priority. Experience managing security ...

enjoys working across a broad technology estate and keeping up to date with emerging threats and security technologies. Key Responsibilities: * Monitor and develop SIEM and threat detection platforms * Investigate and respond to security incidents and alerts * Support vulnerability scanning, remediation, and reporting activities * Assist with development of security policies, procedures … cyber threats and recommend improvements where appropriate Key Skills & Experience: * 2-4 years' experience within a cybersecurity or infrastructure security role * Experience working with SIEM tools and vulnerability management platforms * Strong understanding of EDR, XDR, MDR, IDS/IPS technologies * Good knowledge of Microsoft security technologies and infrastructure environments * Understanding ...