1 to 25 of 68 SIEM Jobs in the South East

points if you've dabbled in things like: Networking basics (TCP/IP, DNS, DHCP). Windows/Linux systems or firewalls. Security tools (SIEM, antivirus, vulnerability scanners). Scripting (PowerShell, Python). Cloud platforms (Azure, AWS). Entry requirements: an A-Level in ICT OR an International Baccalaureate ...

automating processes. Working knowledge of SecDevOps tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and documentation abilities. Hands on experience with SIEM solutions i.e. Splunk, ArcSight, LogRhythm Communication and Soft Skills Experience speaking to and working with leadership as well as ability to write reports and present ...

/7 basis . Skills & Experience Required: Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk. If you are interested in this role but not sure if your skills and experience are exactly what were looking ...

role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat ...

Counter Threat Unit, ensuring security controls are effectively implemented across infrastructure and cloud environments. Configure, maintain, and optimise security tools and solutions (e.g., SIEM, EDR )to protect enterprise systems. Monitor systems and networks for anomalies, gather and analyse threat intelligence, and contribute to situational awareness. Skills and experience: Minimum ...

office. Projects that need to be completed Security Awareness OpenSource Software scanning Automated Vulnerability Scanning Kubernetes Vulnerability Scanning Supply Chain monitoring (container images etc.) SIEM and Monitoring/Alerting service AntiVirus/AntiMalware for End User devices Antivirus/Malware/Ransomware etc for Product/Platform DDos Protection Access ...

policies, and standards Own vulnerability management, security monitoring, and incident response Ensure compliance with NCSC, PSN, PCI-DSS, GDPR and other national frameworks Manage SIEM, Microsoft security tooling (Sentinel/Defender/E5), identity & access, firewalls, and endpoint protection Advise on secure design for projects and change governance Prepare annual ...

Produce concise weekly/monthly threat reports and post-incident summaries. Detection Engineering & Threat Response Lead development and refinement of detection content across multiple SIEM and monitoring platforms. Design new queries, alerts, and automated workflows to improve visibility and reduce analyst workload. Tune existing detection rules, reduce false positives, and ...

Security Engineer - SIEM, KQL- sought by investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and ...

What You'll Bring Strong experience with Microsoft 365 security, Defender, Intune, and Azure AD/Entra ID . Working knowledge of Azure Sentinel (SIEM) and KQL. Solid understanding of patch management and endpoint security. Previous involvement in Cyber Essentials Plus or ISO27001 accreditation. Clear communication skills, able to engage ...

solutions (MSP environment highly desirable). Deep product expertise in at least one area: Microsoft 365/Azure, cloud migration, cyber security (firewalls, EDR, SIEM), backup/DR, network infrastructure, or managed services. Proven ability to translate technical capabilities into business value for non-technical audiences. Understanding of the competitive ...

management role in Security Operations. Location: Hybrid, London office 2x a week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and … Essential Experience & Knowledge Experience in Security Operations, Incident Response, or similar role Strong understanding of networking, Windows/Linux, and cybersecurity fundamentals Experience with SIEM (e.g., Sentinel, Splunk), EDR tools, and vulnerability platforms Understanding of security frameworks (ISO 27001, NIST, CIS) Working knowledge of Microsoft InTune Familiarity with GDPR and ...

management role in Security Operations. Location: Hybrid, London office 2x a week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and … Essential Experience & Knowledge Experience in Security Operations, Incident Response, or similar role Strong understanding of networking, Windows/Linux, and cybersecurity fundamentals Experience with SIEM (e.g., Sentinel, Splunk), EDR tools, and vulnerability platforms Understanding of security frameworks (ISO 27001, NIST, CIS) Working knowledge of Microsoft InTune Familiarity with GDPR and ...

such as Cyber Essentials Plus (CE+). Duties & Responsibilities Primary: Assist in monitoring, analysing, and responding to alerts from security tools such as firewalls, SIEM, EDR, and SWG systems under supervision. Identify, triage, and escalate potential security incidents in line with defined procedures, seeking guidance when necessary. Support the investigation ...

provisioning and compliance. Integration knowledge across Microsoft Exchange, M365, VMware and enterprise IT ecosystems. Understanding of Zero Trust architecture, identity threat detection, and SIEM integration. Strong stakeholder management, influencing, and communication skills. Ability to translate complex technical challenges into executive-level decisions and investment cases Our company: Peace ...

delivering Splunk data use-cases Experience building platforms delivering operational + security outcomes AWS experience, including cloud logging + Splunk integration patterns Exposure to SIEM/SOC environments (desirable) Client & Delivery Mindset Comfortable working directly with stakeholders, engineers and leadership Consultancy experience, ideally within government/public sector (desirable) Documentation ...

Title: SIEM Engineer Location: Wokingham/Hybrid (3 days per week on site) Duration: 3 months from the start Rate: £430 per day inside ir35 SC security clearance is required for this role We are looking for a highly skilled Security Engineer to support the deployment, configuration, and management … modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms such as Microsoft Sentinel ...

cloud-native (Azure/AWS), hybrid infra, SD-WAN and managed security solutions.? Design secure, compliant architectures with zero-trust, IAM, endpoint protection and SIEM integrations for SC-cleared environments.? Support pre-sales with TCO models, PoCs and RFI responses; collaborate with delivery teams on migrations, automation and NOC handovers. ...

and closure of security cases, ensuring timely implementation of corrective actions. Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms. Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams. Utilise adversarial emulation tools (Caldera, Atomic ...

compensation provided for out-of-hours work. Key Responsibilities: Handle escalations from Level 1 analysts and validate complex alerts. Conduct in-depth analysis using SIEM, EDR, XDR and threat intelligence sources to establish root cause, scope and impact. Lead containment and remediation actions in coordination with senior engineers and incident … response leads. Develop and refine detection content, queries and automated workflows within SIEM/SOAR tooling. Provide customers with clear incident summaries, technical explanations and remediation guidance. Identify emerging threats and document relevant tactics, techniques, and procedures. Support structured threat hunting activities and contribute to improving detection coverage. Maintain accurate ...

guidance and approval on security solutions and approaches. Promote secure engineering best practices throughout the organization. Maintain InfoSec frameworks, policies, and awareness programs. Monitor SIEM systems and maintain actionable alerts and reports. Requirements Extensive experience in technical security roles (Security Engineering or Application Security). Strong ability to engage with ...

and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support … Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support … Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support … Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...