1 to 25 of 47 SIEM Jobs in the South East

standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments ...

standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments ...

Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier … Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier ...

points if you've dabbled in things like: Networking basics (TCP/IP, DNS, DHCP). Windows/Linux systems or firewalls. Security tools (SIEM, antivirus, vulnerability scanners). Scripting (PowerShell, Python). Cloud platforms (Azure, AWS). Entry requirements: an A-Level in ICT OR an International Baccalaureate ...

Implement least privilege access models and enforce secure credential management - Monitor and audit privileged access activities across systems and applications - Integrate PAM tools with SIEM, IAM, and other security platforms - Develop and maintain policies, procedures, and documentation for PAM operations - Conduct regular access reviews, privilege audits, and risk assessments - Collaborate ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience ...

Information Security related degree and/or relevant cyber security qualification(s). Working experience with cloud-based applications Desirable Knowledge Firewalls, Web Proxy, SIEM, Vulnerability Scanners, Data Security Analysis Intel plus Linux/UNIX knowledge/experience Azure & Active Directory Basic SQL knowledge Project management and risk management techniques ...

looking for a new start in the New Year, please reach out! The role: Monitor, triage, and investigate security alerts and incidents using SIEM tools Support SOC incident triage, assessing scope, urgency, and mitigation actions Assist with incident response activities, including investigation and remediation Manage and respond to security-related ...

through complex challenges with clarity and confidence. What you'll need to succeed You're a seasoned security professional with hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. ...

Team Lead Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack Strong knowledge of threat detection methodologies, alert correlation, and incident prioritization frameworks Expert-level understanding ...

Security posture features. Skilled in Fleet/Agent deployment, data stream design, and performance tuning at scale. Strong client management and relationship building experience SIEM experience with Splunk/Elastic Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective solutions Proven ...

Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security ...

capability unit Keep up-to-date with the latest security threats and trends Research and develop understanding of security as a discipline Broad Experience: SIEM Cloud Computing Security Incident Management Networking Threat Intelligence Information Security Phishing, Ransomware and other key threats IDAM (Identity and Access Mgmt) JML (Joiners, Movers and ...

latest security threats, trends, and technologies Main Skills Needed: Strong experience in SOC operations (3+ years), preferably within secure or Defence environments Proficiency with SIEM tools such as Splunk, Elastik, or Defender Knowledge of cloud security and incident management processes Understanding of networking, threat intelligence, and key security threats like ...

advance thread detection and incident response Onboard new customers Manage the transition of services into BAU support Your background: Hands-on experience with customers SIEM and EDR and automation tooling Deep understanding of delivering cyber security services in an MSP setting SC100 Cyber Security Architect certification is highly desirable Additional ...

security policies, procedures, and guidelines.- Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with industry standards (e.g., ISO 27001).- SIEM & Vulnerability Management.- Monitor and respond to security incidents, conducting investigations and implementing corrective actions.- Collaborate with IT and other departments to ensure the security … and interpersonal skills.**Preferred Qualifications:**- Experience with regulatory compliance requirements such as GDPR, HIPAA, or SOX.- Familiarity with security tools and technologies such as SIEM, DLP, and endpoint protection. CISA/CISSP/CCSP MCSA-Microsoft Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified ...

disaster recovery programs Skills and Experience Strong knowledge of IT infrastructure and security tools Proven understanding of desktop and server operating systems Experience with SIEM, endpoint protection, identity management and cloud security tools Understanding of cloud security and compliance (CISSP, CEH, CISM etc) On Offer Up to £65,000 Hybrid ...

requirements. Key Tools and Experience: McAfee EPO ForcePoint Zscaler Pulse VPN IPSEC/SSL Nagios Key Responsibilities: Administer and maintain security tools such as SIEM, endpoint protection, vulnerability scanners, and identity & access management platforms. Assist in the deployment and configuration of new security technologies and integrations. Monitor tool performance and ...

with a strong track record delivering security solutions in local and enterprise environments. You have deep technical knowledge across areas such as endpoint protection, SIEM/EDR platforms, vulnerability management, identity security and threat detection workflows. Strong troubleshooting and configuration skills are essential, along with the ability to work independently ...

Premises and Privilege Cloud Upgrade of CyberArk PAM including all components between both major and minor versions Integration of CyberArk with Active Directory, SMTP, SIEM systems Knowledge of integration with 2FA using SAML, Radius CyberArk scripting experience using PACLI, REST API Configuration of CyberArk PSM Connection Components including ...

activity • Lead real-time monitoring of cybersecurity alerts and events, including investigation and incident response • Manage and maintain security infrastructure including firewalls, IPS, WAF, SIEM, EDR and endpoint controls • Oversee vulnerability management, patching and security hardening across Windows, Linux and virtual environments • Maintain Active Directory security policies, identity controls and … frameworks including NIST 800, ISO 27001 and Cyber Essentials • Strong understanding of UK regulatory expectations, including PRA, FCA, ICO and GDPR • Proven experience with SIEM-led monitoring, threat detection and incident response • Hands-on experience managing firewalls, IPS, WAF, EDR and endpoint security tools • Strong network security knowledge including routing ...

Delivery Qualifications: CISMP, CompTIA Security+ or other technical certifications desired Experience: 3+ years experience in SOC, or related technical field Understanding of the following: SIEM Cloud Computing Security Incident Management Networking Threat Intelligence Information Security Phishing, Ransomware and other key threats IDAM (Identity and Access Mgmt) JML (Joiners, Movers and ...

responsible for monitoring systems, identifying potential threats, and ensuring rapid incident response to safeguard critical services. Responsibilities Keep a close watch on SIEM platforms and other monitoring tools to spot unusual activity. Evaluate and triage alerts to separate genuine incidents from false positives. Take immediate containment steps and escalate confirmed ...

edge cyber technologies, this role will suit you perfectly.??? Key ResponsibilitiesDesign, implement, and maintain security controls across Azure, AWS, and hybrid environments.Develop and enhance SIEM/detection capabilities using Splunk, Elastic, or cloud-native logging platforms.Lead vulnerability management activities - scanning, prioritisation, reporting, and remediation support.Manage and optimise security tooling including … Looking ForEssential:Previous experience in a cyber security engineering or operational security role.Hands-on experience with Azure or AWS security services (preferably both).Strong SIEM knowledge (Splunk, Elastic, Sentinel, etc.).Solid understanding of vulnerability management tooling and processes.Strong grounding in cloud security principles, networking, and enterprise-grade security controls.Desirable:Experience ...

across all client environments. What will you need? * Strong hands-on experience in cyber security or security-focused engineering roles* Experience with firewalls, EDR, SIEM, and security monitoring tools* Strong knowledge of network security (VLANs, VPNs, DNS, TCP/IP)* Experience securing cloud environments (Azure and/or AWS)* Hands … being processed and submitted to the client for this vacancy only. KEY SKILLS - Solutions Engineer, Cyber Security Engineer, Security Engineer, Managed Services, Firewalls, EDR, SIEM, Incident Response, Cloud Security, Azure, AWS, Endpoint Security, Cyber Essentials, Vulnerability Management, Network Security, Client-Facing Security ...