1 to 25 of 51 SIEM Jobs in the West Midlands

and liaise with the custiomer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

hands-on' shift-based roles, working as part of a 24/7 operation working in a standard rotation shift pattern. They are responsible for utilising the SOC's SIEM and SOAR toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. Main Duties Monitor, triage, analyse and investigate alerts, log data and network traffic … skills. Strong analytical skills Must have expertise on TCP/IP network traffic and event log analysis. Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool). Must have administrative skills in several operating systems, such as Windows, OS X, and Linux Must be proficient in basic shell scripting, creating Snort rules, or other log More ❯

L2) will determine whether a security event qualifies as an incident and coordinate with the customer's IT and Security teams for resolution. Main Duties Security Monitoring & Investigation: Monitor SIEM tools to ensure high-level security operations. Oversee and enhance security monitoring systems to detect and analyze potential security incidents. Conduct real-time analysis of security events and escalate as … Threat Intelligence: Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes. Contribute to threat intelligence feeds for proactive detection. Security Tool Management: Manage and optimize SIEM tools, ensuring proper configuration and updates. Develop and implement SOC Use Cases. Evaluate new security technologies and recommend improvements. Collaboration: Work with IT, legal, and management teams on security incidents … patterns of 4 days on, 4 days off. Ability to obtain or hold SC Clearance. Good understanding of Incident Response approaches. Hands-on knowledge of Microsoft Sentinel or similar SIEM tools. Strong verbal and written English communication skills. Interpersonal and presentation skills. Strong analytical skills. Understanding network traffic flows, normal vs. suspicious activities. Knowledge of Vulnerability Scanning, Management, and Ethical More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

years in IT support, with 2+ years in a senior cybersecurity role. Hands-on experience with security tools such as firewalls, endpoint protection, VPNs, IDS/IPS, and SIEM platforms. Deep knowledge of network security, encryption, authentication, and secure configurations including CUI/CDI. Advanced understanding of IT infrastructure, including servers, storage, and virtualization. Familiarity with cloud security (Azure, AWS More ❯

communication skills. Excellent interpersonal and presentation skills. Strong analytical skills. Expertise in TCP/IP network traffic and event log analysis. Hands-on experience with Microsoft Sentinel or similar SIEM tools. Administrative skills across multiple operating systems (Windows, OS X, Linux). Proficiency in shell scripting, creating Snort rules, or other log-searching query languages. Confidence in handling common security More ❯

in security technologies and solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, encryption, identity and access management (IAM), and security information and event management (SIEM) systems. Strong understanding of security frameworks, standards, and regulations, including ISO 27001, NIST Cybersecurity Framework, GDPR , NCSC Cyber Essentials Plus, with experience in implementing and maintaining compliance with these requirements. More ❯

role: This is a dynamic and impactful role that offers technical depth, cross-functional collaboration, and the chance to shape Cadent's cyber resilience. Technical Challenge - Work with advanced SIEM, SOAR, and threat detection tools across IT and OT environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team … Cyber Security, IT, or related field, with certifications such as CEH, CompTIA Sec+, or equivalent. Experience in cyber security engineering across IT and OT environments. Technical Expertise - Proficiency with SIEM and SOAR platforms, log analysis, threat modelling, and integration of security tools. Problem-Solving Skills - Ability to engineer solutions for complex security challenges, including unpatchable vulnerabilities. Communication & Collaboration - Strong interpersonal More ❯

the Role A degree level education and/or Microsoft or other relevant certifications Azure & Office 365 certifications Desirable for the Role ISO 27001 Knowledge/Awareness Experienced with SIEM API usage Scripting – PowerShell, Python etc. Microsoft Volume Licensing SFTP Systems SharePoint PHD can offer flexible working hours, WFH, Hybrid working option, to be discussed upon application. Supports The Bike More ❯

takes security seriously and offers room to grow your career as the function evolves. Key Responsibilities Support and maintain group-wide security tooling — including Tenable, EDR, access controls, and SIEM Assist in managing security incidents and work with stakeholders on resolution and reporting Contribute to third-party security assessments and vendor risk reviews Coordinate technical testing such as penetration tests More ❯

training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC More ❯

training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC More ❯

training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC More ❯

training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC More ❯

training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC More ❯

training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC More ❯

cloud) is essential. Proven experience with implementing secure core foundational services in a cloud infrastructure for AD, SecDevOps, Networking Services, at an enterprise level is essential. Proven experience in SIEM & SOAR (security information and event management (SIEM) and security orchestration, automation, and response (SOAR). Experience with Rapid7 SIEM tooling is desirable. Proven experience with the core foundational security services More ❯

Press Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: SIEM Application Engineer Function: Cyber Security Unit: Networks Location: Snowhill, Birmingham, United Kingdom Salary: Competitive with Great Benefits The new Network SIEM is essential to BT's network security, meeting TSA requirements and improving our CAF level. Your role as a SIEM … following offices: Birmingham, Manchester, Ipswich (Ipswich only applicable to existing BT employees) What you'll be doing SIEM Solution Development: Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. Optimize SIEM rules, alerts, and dashboards for efficient threat detection. Collaborate effectively with others to drive forward key security objectives Presentation and documentation writing (to both … Experience in key cyber technologies such as SIEM technologies (Elastic preferred), vulnerability management, access management and other commonly used Enterprise security controls. Ideally from both a development and operational perspective Advantageous: SIEM implementation and usage Experience of Elastic Stack (ELK) Knowledge of Offensive testing frameworks Knowledge of Linux, Windows and Network Administration Knowledge and experience of cloud services (public or More ❯

Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel, Key Vault, APIM) Strong advocate of Zero Trust models and secure development practices Experienced in SIEM & SOAR, ideally with tools like Rapid7 Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure Security Engineer Associate or More ❯

integrity. Candidate Profile Strong experience in endpoint security, especially within critical infrastructure. Proficiency with platforms such as Microsoft Defender for Endpoint, SentinelOne, Trellix, or other EDR solutions. Familiarity with SIEM tools and frameworks like NIST and MITRE ATT&CK. Knowledge of standards such as NERC CIP, CIS Benchmarks, NIST SP 800-82. Scripting and automation skills (PowerShell, Python, Bash More ❯

occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset More ❯

occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset More ❯

occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset More ❯

occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset More ❯