401 to 425 of 456 SIEM Jobs in the UK

implement and maintain effective OT security controls. Key Responsibilities Implement OT security controls (segmentation, secure remote access, monitoring tools) Integrate OT environments into SIEM/SOC platforms and tune detections Support OT asset discovery, inventory, and security assessments Identify vulnerabilities and support remediation planning Assist with OT incident response … critical infrastructure environments Strong OT/ICS security background Experience implementing OT security controls and strategies Knowledge of OT networks, segmentation, and industrial protocols SIEM/SOC integration experience in OT environments Strong understanding of: IEC 62443 NIST Cybersecurity Framework ISO 27001 UK CAF framework Experience with OT risk assessments ...

lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks) Investigating incidents, performing root cause analysis and remediation Identifying vulnerabilities and driving proactive security improvements Acting as the go-to escalation point for security … teams to embed security across systems What We're Looking For Experience in a cybersecurity/IT security role Strong knowledge of security tools (SIEM (Sentinel), EDR/XDR, firewalls, IDS) Experience working in a SOC/NOC or similar environment Good understanding of security frameworks (ISO 27001, NIST, GDPR ...

giving you the chance to influence detection capability and response maturity. What You'll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity … Contribute to documentation, playbooks, and operational standards What We're Looking For Strong experience within a SOC/CSOC environment Hands-on expertise with SIEM tools (e.g. Microsoft Sentinel, Splunk, Elastic) Experience with query languages such as KQL/ES|QL/Kibana Solid understanding of threat detection, IOCs, and ...

environment supporting mission-critical systems. This is an exciting opportunity for a skilled Tier 2/3 SOC professional with strong incident response and SIEM expertise to work within a fast-paced enterprise Security Operations Centre. The successful candidate will be responsible for monitoring and analysing security events in real … alert triage and incident investigation Determine incident scope, priority, impact, and remediation actions Manage incidents through the full lifecycle from detection to resolution Support SIEM engineering activities including configuration, tuning, and optimisation Develop and enhance SIEM use cases, analytics, and playbooks Provide clear remediation guidance to technical and operational stakeholders ...

potential cyber risks, assess their impact and develop technical mitigation strategies. Working with Security Architecture to inform focused security solution design for SOC/SIEM solutions. Formulate security strategy, creatively applying a wide range of technical and/or management principles. Stay up to date with the latest cybersecurity threats … and evaluate risk and understand the implications of new technologies. Good project management skills, with the ability to balance multiple initiatives and priorities simultaneously. SIEM experience with Azure Sentinel and or Splunk. Experience of running simulated or reacting to actual incidents, following procedures and good practice to limit, reduce and ...

contract XSIAM Engineer with deep expertise in Palo Alto Networks technologies, ideally coming from an XSOAR background, and possessing strong experience across XDR and SIEM environments. This is a key role within our security operations function, focused on enhancing detection, automation, and response capabilities. *For this role you must … and manage security automation workflows, drawing from previous XSOAR experience Integrate and optimize XDR capabilities to support proactive threat detection Set up and maintain SIEM-style log ingestion, correlation rules, and enrichment pipelines Build custom dashboards and reporting tools for real-time security insights Troubleshoot complex issues related to XSIAM ...

your expertise genuinely matters. In this hands-on technical role, youll own the end-to-end design, development and maturity of detection logic across SIEM platformsengineering effective responses to real-world attacker techniques. Youll operate with a high degree of autonomy, acting as a trusted SME across multiple secure environments … Farnborough office. Security: You must hold or be eligible for SC Clearance. What you'll be doing: Design, build, test and continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility ...

doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating threats Supporting the confidentiality, integrity, and availability ...

techniques and tools to perform network defence Skills & Experience Essential Knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Desirable Knowledge of technologies, methods and tools of forensics investigations for IT security violations ...

join our Managed Security Service Provider (MSSP) team. You will be responsible for driving our adoption of Sentinel, client onboarding projects, managing multi-vendor SIEM proof of concepts with a specific focus on a Microsoft Sentinel, developing custom connectors to ingest log data into SIEM tooling. The ideal candidate will … Splunk deployments is beneficial. This role sits within our MSSP team, as a senior member of the security engineering team focused on growing our SIEM management capabilities and integrating those into our Managed SOC offering in a consistent and professional way. You will work on a variety of projects ...

threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management ( SIEM ), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with external vendors, managed security service providers ( MSSPs ), and ...

robust protection of business systems and data. Key Responsibilities Manage day-to-day cyber security operations and incident response Monitor and optimise security tools (SIEM, firewalls, endpoint security) Maintain and support network infrastructure (LAN/WAN, Wi-Fi, L2/L3) Identify threats, conduct investigations, and implement security fixes Support … cyber security projects and ongoing improvements Key Skills & Experience Proven experience in cyber security operations and network infrastructure Strong knowledge of Palo Alto firewalls, SIEM tools, and endpoint security Experience with L2/L3 networking (Nexus, LAN/WAN, Wi-Fi) Vulnerability management (e.g. Qualys) and incident response expertise Understanding ...

ongoing transformation initiatives. Key Responsibilities: Own day to day cyber security operations, keeping systems and data secure Support and improve security tooling (firewalls, SIEM, endpoint, encryption) Monitor, investigate and respond to security incidents Look after core network infrastructure (LAN/WAN, Wi-Fi, L2/3, remote access, load balancing … vulnerability checks and ensure patching is up to date Use SIEM tools to spot and act on potential threats early Support audits, access controls and compliance requirements Get involved in (and lead) security and infrastructure projects Keep documentation and processes up to date Work with third-party suppliers where needed ...

both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support internal and external audits Governance, risk and compliance Skills & Experience: Proven … threat management and threat analysis Threat management - actively develop and refine threat intelligence, threat hunting capabilities, and prevention/detection measures Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials ...

leadership, incident response, threat hunting, client engagement, and operational oversight within an MSSP environment. The ideal candidate will have strong hands-on experience with SIEM, EDR/XDR, SOAR, threat intelligence platforms, and advanced security operations. Responsibilities include leading investigations, improving SOC processes, tuning detections, mentoring analysts, supporting incident escalations … high-quality security monitoring services. Key Requirements 7+ years of Security Operations experience with leadership exposure in SOC/MSSP environments Strong expertise in SIEM, EDR/XDR, threat hunting, and incident response Experience with security automation, detection engineering, and SOC process improvement Excellent communication, mentoring, and stakeholder management skills ...

role with a strong governance element, involving everything from security implementation and risk assessments through to documentation, standards development, and supplier engagement. Exposure to SIEM/SOC integration within OT environments would be beneficial. Key Responsibilities Implement and support OT cyber security controls across industrial environments Assist in the development … experience performing risk assessments, gap analysis, and remediation planning Ability to work effectively with technical operations and engineering stakeholders Experience supporting or interfacing with SIEM/SOC capabilities in OT environments Strong written and verbal communication skills, including technical documentation and policy creation Ability to start within a short notice ...

Discover and vault service/application/shared accounts Configure session proxies, Just-in-Time access, and break-glass procedures Integrate PAM with SIEM and Active Directory/Entra ID Manage upgrades, patches, and troubleshoot platform issues Maintain documentation, policies, and runbooks Support audit and compliance reporting Essential Requirements: Hands … Credential vaulting, password rotation, and session monitoring experience Onboarding Windows, Linux/Unix, and network devices to PAM Knowledge of AD privileged accounts and SIEM integration Understanding of ISO 27001/NIST CSF frameworks Strong troubleshooting and documentation skills Desirable: Degree in InfoSec, CS, or STEM Beyond Trust certifications Experience ...

real time, and driving continuous improvement across a modern IT environment. Key Responsibilities Own and manage the organisation's cyber security tooling including firewalls, SIEM, IPS, endpoint protection, vulnerability management, and threat monitoring. Support and maintain core network infrastructure across LAN/WAN, Layer 2/3 networking … operational stability, compliance, documentation, and high service standards. Experience Required Strong experience across cyber security operations and network infrastructure. Hands-on knowledge of firewalls, SIEM tools, endpoint security, and networking technologies. Experience responding to security incidents and managing vulnerabilities. Strong troubleshooting and problem-solving capabilities. Relevant certifications such as Security+ ...

Support complaint management and relationship recovery where required, always with the customer experience front of mind. Security Operations & Incident Support Provide expert guidance on SIEM/XDR services, detection strategies and operational uplift. Support incident response activities, from investigation through to lessons learned and improvement planning. Analyse incidents, logs, integrations … leadership. Lead SecOps meetings, operational reviews and security consultations. Technical Experience & Skills Microsoft & Azure Security Defender for Endpoint/Server/365 Office 365 SIEM/Observability Hands-on experience with Microsoft Sentinel Experience with Datadog or similar observability platforms Security Tooling Cloud Security Strong understanding of cloud security principles ...

real time, and driving continuous improvement across a modern IT environment. Key Responsibilities Own and manage the organisation's cyber security tooling including firewalls, SIEM, IPS, endpoint protection, vulnerability management, and threat monitoring. Support and maintain core network infrastructure across LAN/WAN, Layer 2/3 networking … operational stability, compliance, documentation, and high service standards. Experience Required Strong experience across cyber security operations and network infrastructure. Hands-on knowledge of firewalls, SIEM tools, endpoint security, and networking technologies. Experience responding to security incidents and managing vulnerabilities. Strong troubleshooting and problem-solving capabilities. Relevant certifications such as Security+ ...

technologies and play a hands-on role in building a more resilient and secure environment. Key Responsibilities Take ownership of monitoring and developing SIEM activity across the environment, helping to improve detection capability over time Manage and enhance endpoint and threat detection tooling (including EDR, XDR, and MDR platforms … backup, disaster recovery, and data protection measures Skills & Experience: Demonstrable experience in a cybersecurity or infrastructure-focused security role Practical, hands-on exposure to SIEM platforms and vulnerability management tools Strong understanding of endpoint detection and response technologies (EDR, XDR, MDR) Good working knowledge of common cyber threats, attack methods ...

maintain detection logic using a detections‐as‐code approach, collaborating with Security Solution Engineering to deploy detections through CI/CD pipelines into our SIEM and EDR platforms Contribute to detection coverage mapped to MITRE ATT&CK framework, identifying gaps in visibility and supporting detection development prioritization based on threat … NIST Incident Response Lifecycle and experience contributing to incident response documentation and procedures Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems Experience developing detections‐as‐code, including familiarity with version control, CI/CD pipelines, and detection testing frameworks Working knowledge of MITRE ...

Responsibilities Security Tooling Operations Monitor, triage, and investigate alerts across core platforms including Wiz, Zscaler, and CrowdStrike Security Operations Perform daily alert reviews across SIEM and security tooling Contribute to runbooks, playbooks, and operational documentation Support threat intelligence analysis and apply findings to detection and response activities Work closely with … CrowdStrike Falcon Zscaler Wiz Experience working in a Security Operations or SOC environment Proven experience in alert triage, incident investigation, and response Familiarity with SIEM platforms and security telemetry analysis Understanding of cloud security concepts (Azure, AWS, or GCP) Desirable Skills Knowledge of MITRE ATT&CK or Cyber Kill Chain ...

enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation … evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years of commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong commercial experience with Splunk Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles ...

with BAE Systems in Preston on helping them source a Systems Administrator that has a couple of years' experience working with Linux (RHEL) and SIEM technologies. About the Role This role focuses on the day-to-day administration, monitoring, and support of Red Hat Linux servers within an enterprise environment. … system health, troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring ...