22 of 22 SIEM Jobs in the City of London

processes Developing and maintains documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions More ❯

processes Developing and maintains documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions More ❯

response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks … Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. * Conduct proactive threat hunting to detect and neutralize emerging threats. * Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. * Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. * Develop … mindset to identify security threats. * Experience with malware analysis, including static and dynamic analysis techniques. * Ability to develop and refine threat-hunting methodologies and define SIEM use cases. * Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). * Ability to work under pressure in a fast More ❯

Develop & maintain documentation for systems, procedures, processes and more What skills do you need to be a Security Analyst? Rapid7 IDR (open to other SIEM tools) CrowdStrike Microsoft Defender Understanding of networking (Cisco Umbrella & Fortinet, IDS/IPS, etc) Experience with Vulnerability Management tools Experience with Password Management tools Experience More ❯

Develop & maintain documentation for systems, procedures, processes and more What skills do you need to be a Security Analyst? Rapid7 IDR (open to other SIEM tools) CrowdStrike Microsoft Defender Understanding of networking (Cisco Umbrella & Fortinet, IDS/IPS, etc) Experience with Vulnerability Management tools Experience with Password Management tools Experience More ❯

security principles, protocols, and standards. Proficiency with DevOps and DevSecOps tools (e.g. GitLab CI/CD, Ansible, Terraform). Experience with security tools like SIEM/SOAR (preferably Rapid7), IDS/IPS, vulnerability scanners, and code analysis tools (SonarCloud, Snyk, Chekov) Strong knowledge of network security, encryption, identity and access More ❯

network protocols, ports, and services * Understanding of encryption algorithms AES, RSA etc * Knowledge of Public Key Infrastructure (PKI), SSL/TLS certificates * Basics of SIEM * Basics of OS Patching Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the More ❯

conducting vulnerability assessments, supporting audits, and helping to strengthen third-party security compliance. Key Responsibilities: Monitor security systems and investigate incidents Operate firewalls, EDR, SIEM tools, and encryption software Support vulnerability testing and risk analysis Assist with third-party vendor assessments and internal audits Contribute to the ongoing improvement of More ❯

directory services (e.g. Active Directory, Azure AD), identity federation, and identity lifecycle orchestration Familiarity with logging and monitoring practices, including event correlation, identity-related SIEM alerts, or IAM health dashboards Understanding of identity governance within regulatory frameworks such as ISO 27001, NIST, GDPR, or SOX Experience in platform resilience, fault More ❯

Develop and implement strategies to ensure network and security infrastructure meets current and future needs. Monitor and respond to security incidents using tools like SIEM and Sophos MTR. Maintain system security by configuring firewalls, VPNs, and intrusion detection systems, and ensuring timely patching. Manage vulnerability remediation based on penetration test More ❯

StrongKnowledge of Windows Server security and Active Directory. Familiaritywith security frameworks and standards (e.g., NIST, ISO 27001). Experiencewith security tools and technologies (e.g., SIEM, EDR, DLP). What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date More ❯

StrongKnowledge of Windows Server security and Active Directory. Familiaritywith security frameworks and standards (e.g., NIST, ISO 27001). Experiencewith security tools and technologies (e.g., SIEM, EDR, DLP). What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date More ❯

staff. THE ROLE: Design and implement short and long-term strategic plans to ensure IT network Work closely with and monitor logs generated from SIEM & Sophos MTR Configuring, maintaining and implementing intrusion detection systems and firewalls, virtual private networks, web protocols, and email security Create and update all relevant Jira More ❯

SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and … Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. • Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. • IT Service More ❯

industry are looking for two new resources, one will provide general support to the security operations team. The second one will specifically support the SIEM migration from an on-prem solution to a next-gen cloud SIEM. Experience required : Strong cyber security with good understanding of Infrastructure environment. Skills needed … security and technology developments. Research and evaluate emerging cybersecurity trends and threats. Monitor for attacks, intrusions, and unusual, unauthorized, or illegal activities. Experienced with SIEM, SOAR and EDR technologies. Able to multi-task, along with strong problem-solving and analytical skills. Strong problem-solving and analytical skills to identify and More ❯

Strong documentation skills (Microsoft Word, Project, Visio) and a grasp of Enterprise Architecture methods like TOGAF (desirable). Familiarity with secure Internet solutions (firewalls, SIEM), LAN environments, and cloud architectures (public/private) is a plus. Knowledge of sector-specific networks such as HSCN, PSN, or JANET is highly advantageous. More ❯

a hands-on technical role focused on enhancing and maintaining the organisation's security capabilities, emphasising Azure infrastructure. This role supports the maturity of SIEM, SOC, and EDR capabilities while actively addressing emerging threats and vulnerabilities. The security engineer will also play a critical role in incident response, compliance, and … innovative security technologies to strengthen the organisation's defenses. Essential functions of the job: SOC operations: perform incident triaging, threat detection, and response activities. SIEM & EDR management: advance and configure SIEM and EDR systems to optimise threat detection and response in Azure environments. Incident response: investigate and mitigate security incidents … solutions. Experience required: Relevant certifications in public cloud security and experience managing Azure cloud infrastructure. Proven expertise in security testing, IAM, vulnerability management, and SIEM configuration. Strong grasp of networking fundamentals, including DNS, WAF, and ingress, paired with experience in CPSM. Familiarity with GIT/version control, SDLC pipelines and More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

reporting to the IT Security Officer, to implement and maintain robust security across their infrastructure. Key responsibilities include managing WAF/DDoS, security gateways, SIEM/SOAR/EDR, firewalls, MFA/SSO, MDM/MAM, vulnerability scans, and incident response. Key Responsibilities: Manage WAF/DDoS, web/email … security gateways, SIEM/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Essential Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo More ❯

of onboarding CNI and all other systems. Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS queues is also required. You must have SIEM Engineering and Architecture skills, specifically in Splunk SaaS. Full end to end experience of delivery lifecycle experience for improvements to Splunk SaaS is also essential. … You must have experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. More ❯

of onboarding CNI and all other systems. Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS queues is also required. You must have SIEM Engineering and Architecture skills, specifically in Splunk SaaS. Full end to end experience of delivery lifecycle experience for improvements to Splunk SaaS is also essential. … You must have experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. Please apply ASAP to discuss further. More ❯