426 to 450 of 456 SIEM Jobs in the UK

rotational basis. Develop and tune detection rules to improve alert quality and reduce false positives. Write and optimise queries (e.g., KQL) across SIEM platforms. Collaboration & Support: Work closely with internal teams and third-party providers to investigate and resolve incidents. Support MSSP interactions and escalations where required. Participate in incident …/Tier 3 preferred). Strong background in incident investigation and response. Experience handling escalated alerts and security tickets. Technical Skills: Experience with SIEM platforms (e.g., Microsoft Sentinel). Experience with EDR/XDR tools (e.g., CrowdStrike). ServiceNow or similar ITSM/SecOps platforms. Ability to write and optimise ...

SIEM Engineer – Watford, UK Up to £85,000 salary depending on experience Full time onsite role in Watford DV clearance required ABOUT THE CLIENT Our client is a highly respected technology and security services provider supporting organisations operating in complex and security critical environments. Their teams design and deliver advanced … ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include: Acting SME on Splunk Enterprise ...

security monitoring strategy and best practice. What you will bring: Proven experience deploying and managing Splunk at enterprise scale. Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning … experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM platform operations, including clustering, scaling, high availability, disaster recovery and performance optimisation. Strong problem-solving skills and a proactive approach ...

solution deployment.Should have experience in configuring and managing security products such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM (Security Information and Event Management) systems, Log Collector and Identity Management solution.Should have customer facing skills and lead security discussion with customers.You will bringA bachelor’s degree ...

ability to apply it to a variety of business situations. Desirable Expert knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Qualifications Essential Masters level degree in Cyber Security a relevant subject, or equivalent ...

and in you. We are seeking an experienced Senior Sales Engineer with deep technical expertise in Managed Detection & Response (MDR), Security Information & Event Management (SIEM), and Endpoint Detection & Response (EDR). In this customer-facing, pre-sales role, you’ll partner with account executives, channel partners, and customers to deliver … Conduct pre-sales product demonstrations: deliver engaging and technically accurate presentations that showcase the capabilities and benefits of our cybersecurity solutions, including MDR, SIEM, and EDR. Technical discovery & solution design: translate customer business drivers and security challenges into tailored solution architectures. Lead workshops and discussions that highlight both technical and ...

MSPs to ensure security controls are implemented and sustained. Contribute to governance artefacts - policies, standards and documentation that underpin OT security. Support integration with SIEM/SOC functions for OT environments. What our client is looking for Strong OT security experience within ICS or critical infrastructure - ideally from … process industries. Hands-on experience implementing OT security strategies, policies and standards. Solid understanding of OT networks, segmentation and common industrial protocols. Familiarity with SIEM/SOC integration for OT environments. Experience working with operations/engineering teams and advising MSPs or third-party security providers. Excellent communication and documentation ...

investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM and EDR platforms to enhance visibility and correlation Support secure by design initiatives for new OT systems, including segmentation and access control validation Assess vulnerabilities … control systems (ICS) - including SCADA, PLCs, DCS Hands-on experience with OT security tools (e.g. Claroty, Nozomi, Dragos or similar NDR platforms) Experience with SIEM, EDR and network traffic analysis Background in incident response, threat detection and security monitoring within OT or converged environments Understanding of network segmentation, secure remote ...

resilient, efficient, and aligned to evolving threat landscapes. A key part of the role is leading complex deployments and providing technical direction across SIEM, EDR, SOAR, and supporting technologies. You’ll oversee platform health through proactive lifecycle management, including patching, upgrades, and service transitions, while driving improvements in detection, automation … security technologies and platform engineering. Strong hands-on experience with Microsoft Sentinel, Defender XDR, and Azure security services Proven ability to design and operate SIEM, EDR, SOAR, and log management solutions at scale Expertise in KQL for detection engineering, tuning, and performance optimisation Experience building and maintaining automation using Logic ...

events, alerts and incidents across cloud, platform, and application layers. Execute vulnerability scanning, patch assurance and configuration compliance checks. Maintain security tooling such as SIEM, EDR, vulnerability scanners, and cloud-native controls. Support ISO 27001 control operation and evidence collection. Ensure compliance with MoD security standards including JSP 440 and … Support improvement of SecOps processes, SOPs and monitoring automation. Essential Skills Experience operating within a Security Operations or SecOps function Hands-on experience with SIEM (e.g. ELK), EDR and vulnerability tooling Experience securing Linux and Windows environments Understanding of ISO 27001 and secure configuration principles Experience supporting cloud or virtualised ...

Senior Network and Security Analyst - L2/L3 Network Infrastructure - Cyber Security - SIEM tools My client who are leaders in their field are looking for a Senior Cyber Security and Network Analyst to provide effective and timely operational support, development and management of the IT network and security infrastructure … cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including ...

design, implementation, and optimisation of security monitoring platforms feeding into a central SOC. This is a hands-on leadership role focused on building scalable SIEM solutions and strengthening client security posture. Key Responsibilities Lead design and deployment of security monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion … using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure platform performance, scalability, and resilience (HA/DR, clustering) Collaborate with stakeholders to assess risk and deliver security improvements Essential Skills & Experience Proven ...

looking for Strong experience with: Juniper (LAN switching, SRX) Palo Alto firewalls Enterprise networking environments Managing engineers/leading teams Working with EDR & SIEM tools Engaging technical & non-technical stakeholders Exposure to cloud networking Tech environment Cisco (current) → migrating to Juniper Meraki wireless Windows + Ubuntu (Nutanix/AHV) SIEM ...

rapidly expanding team investing in new capabilities and empowering analysts to develop and progress Key Responsibilities Deliver high‐quality security analysis by reviewing SIEM outputs and taking appropriate investigative and response actions Drive improvements across monitoring capability, processes, and tooling Engage confidently with a wide range of stakeholders, from technical … security challenges Act as an escalation point for junior analysts and manage incidents through investigation to response Essential Skills & Experience Strong experience working with SIEM technologies such as Splunk, ArcSight, LogRhythm, or AlienVault Solid understanding of how to maximise the value of security tooling Exposure to building SOC capability and ...

growing, well‐funded team investing in new capability, and in you 🔍 What you’ll be doing Deliver high‐quality, in‐depth security analysis from SIEM alerts through to investigation and response Actively drive improvements in monitoring coverage, detection quality, and SOC effectiveness Engage confidently with stakeholders at all technical levels … leadership to complex security challenges Serve as a point of escalation, supporting and guiding junior analysts 🧠 What you’ll bring Hands‐on experience with SIEM platforms such as Splunk, ArcSight, LogRhythm, or AlienVault A strong understanding of how to get real value from security tooling Experience building capability and consulting ...

and prospective clients. Acting as the final escalation point for on-call incidents (rota-based, paid on-call). Supporting service improvement initiatives across SIEM, EDR, email security and associated detection and response tooling. Developing and maintaining customer relationships to promote a partnership between Littlefish and the end client. What … Operations. Previous experience leading or mentoring a technical security team. Strong exposure to customer facing security services and contractual delivery. Hands on experience with SIEM, IDP, ITDR, EDR and email security platforms. Proven ability to mentor analysts at varying levels of experience. Strong understanding of modern cyber threats, attack techniques ...

leading banking organisation based in the City of London is seeking an experienced Cyber Project Manager to lead strategic cybersecurity transformation initiatives focused on SIEM modernisation, Splunk SaaS migration, and UEBA implementation. This is a highly visible role within the Cyber Security Transformation team, requiring strong stakeholder engagement across security … stakeholders across the bank. Requirements Required Experience Proven experience delivering enterprise-scale cyber security projects within banking or financial services environments. Strong experience managing SIEM transformation or migration programmes. Previous experience delivering Splunk Cloud/SaaS migration projects. Understanding of SOC operations, detection engineering, and security monitoring concepts. Experience delivering ...

support issues Supporting and mentoring Tier 1 Engineers Troubleshooting Microsoft 365, Azure and infrastructure issues Investigating and responding to security alerts from SOC/SIEM platforms Supporting Cisco Meraki networking environments Managing issues through to resolution with clear customer communication throughout Identifying recurring technical or service trends and helping improve … teams where required Technical Environment Microsoft 365 Azure Windows Server/Active Directory Cisco Meraki Endpoint Manager/Intune MFA/Security tooling SIEM/EDR platforms Hyper-V Windows, Mac, iPhone and Android device support What They're Looking For Previous experience in a 2nd Line Support or Escalation ...

support issues Supporting and mentoring Tier 1 Engineers Troubleshooting Microsoft 365, Azure and infrastructure issues Investigating and responding to security alerts from SOC/SIEM platforms Supporting Cisco Meraki networking environments Managing issues through to resolution with clear customer communication throughout Identifying recurring technical or service trends and helping improve … teams where required Technical Environment Microsoft 365 Azure Windows Server/Active Directory Cisco Meraki Endpoint Manager/Intune MFA/Security tooling SIEM/EDR platforms Hyper-V Windows, Mac, iPhone and Android device support What They're Looking For Previous experience in a 2nd Line Support or Escalation ...

proven skills working with the following – • Monitoring security alerts and events across enterprise environments • Investigating potential cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams … Experience within financial services, fintech or other regulated environments would be beneficial. Interested? Please apply below SOC Analyst, Security Operations Analyst, Cyber Security Analyst, SIEM Analyst, Splunk, Microsoft Sentinel, Incident Response, Outside IR35 Contract ...

QRadar SME/Consultant Role: QRadar Subject-Matter-Expert/QRadar Consultant Specialism(s) : IBM QRadar, SIEM, Log Source Analysis, Detection/Security Engineering, Upgrading & Patching, Tuning, Security Frameworks Type: Contract, Daily Rate Pay Rate: DoE Start: Mid-End May 2026 Location: Remote/Midlands Duration: 3 Months QRadar … Consultant Overview CPS Group UK are delighted to be seeking an experienced IBM QRadar SME/Consultant to support, optimize, and enhance our clients SIEM environment. This role will focus on reviewing the current QRadar deployment, improving log source coverage, strengthening detection capabilities, and ensuring the platform is maintained and ...

QRadar SME/Consultant Role: QRadar Subject-Matter-Expert/QRadar Consultant Specialism(s) : IBM QRadar, SIEM, Log Source Analysis, Detection/Security Engineering, Upgrading & Patching, Tuning, Security Frameworks Type: Contract, Daily Rate Pay Rate: DoE Start: Mid-End May 2026 Location: Remote/Midlands Duration: 3 Months QRadar … Consultant Overview CPS Group UK are delighted to be seeking an experienced IBM QRadar SME/Consultant to support, optimize, and enhance our clients SIEM environment. This role will focus on reviewing the current QRadar deployment, improving log source coverage, strengthening detection capabilities, and ensuring the platform is maintained and ...

QRadar SME/Consultant Role: QRadar Subject-Matter-Expert/QRadar Consultant Specialism(s) : IBM QRadar, SIEM, Log Source Analysis, Detection/Security Engineering, Upgrading & Patching, Tuning, Security Frameworks Type: Contract, Daily Rate Pay Rate: DoE Start: Mid-End May 2026 Location: Remote/Midlands Duration: 3 Months QRadar … Consultant Overview CPS Group UK are delighted to be seeking an experienced IBM QRadar SME/Consultant to support, optimize, and enhance our clients SIEM environment. This role will focus on reviewing the current QRadar deployment, improving log source coverage, strengthening detection capabilities, and ensuring the platform is maintained and ...

Responsibilities: • Perform triage of security events and incidents • Determine scope, impact and remediation priorities • Real-time incident management from detection to resolution • Support SIEM engineering and tool configuration within an enterprise SOC • Develop use cases, analytics and playbooks • Work within a fast-paced, highly secure operational environment Essential Experience: ✔ Proven … Tier 2/3 SOC Analyst experience (2+ years) ✔ Hands-on SIEM experience (ArcSight preferred) ✔ SOC certifications such as SANS, ISC2 or equivalent ✔ Strong incident response and threat analysis capability ✔ Understanding of cloud technologies. Desirable: ➕ Defence/MOD experience ➕ Team lead exposure ➕ Degree in Computing, Engineering or related discipline. Please ...

What You'll Be Doing Lead day-to-day cyber security operations , ensuring systems remain protected and resilient Monitor and respond to threats via SIEM tools , investigating incidents and implementing fixes Manage and optimise next-generation firewalls (Palo Alto) and endpoint security platforms Oversee vulnerability management and patching (e.g. Qualys … security + networking expertise, including: Proven experience in cyber security operations and engineering Strong hands-on experience with: Palo Alto Firewalls (essential) SIEM tools Endpoint Detection & Response (EDR) Vulnerability management tools (e.g. Qualys) Solid networking knowledge: L2/L3 switching (Cisco Nexus) LAN/WAN, Wi-Fi (Aruba), load balancing ...