solutions (e.g., CyberArk, BeyondTrust, Delinea) Implement least privilege access models and enforce secure credential management Monitor and audit privileged access activities across systems and applications Integrate PAM tools with SIEM, IAM, and other security platforms Develop and maintain policies, procedures, and documentation for PAM operations Conduct regular access reviews, privilege audits, and risk assessments Collaborate with IT, DevOps, and Security …
language. Proven ability to run client-facing reviews or presentations. Desirable CISSP, CISM, or equivalent certifications. Experience delivering or auditing compliance frameworks. Familiarity with RMM/XDR/EDR, SIEM, and vulnerability scanning platforms. Experience leading small teams (mentoring, guiding). Exposure to incident response and tabletop exercises. What Success Looks Like: Success means the Security Lead is recognised by …
Slough, South East England, United Kingdom Hybrid / WFH Options
Ingentive
Microsoft certifications (relating to Azure-AZ, Security-SC, Power Platform-PL, Modern Work-MS and Copilot/AI). Excellent consulting, design and delivery of Microsoft Defender suite and SIEM/XDR. Effective technical hands-on experience configuring/implementing products such as Microsoft Azure, Entra & Purview. Accomplished in designing and implementing M365 security technologies, based on above, with little …
and packet (PCAP) analysis Familiarity with Windows and/or Linux investigations Clear and structured documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat …
for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical … knowledge in Security Information and Event Management (SIEM) platforms, Security Orchestration, Automation and Response (SOAR) technologies, Endpoint Detection and Response / Extended Detection and Response (EDR/XDR) tools, Next Gen Firewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired): Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations …
Milton Keynes, Buckinghamshire, South East, United Kingdom
VIQU IT Recruitment
would be the main focus of the role. Strong expertise with Microsoft Defender and Sentinel is needed. Key Skills & Experience from the Security Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within …
technical audiences. Proven experience leading client-facing security reviews. Desirable CISSP, CISM, or equivalent certifications. Experience auditing or delivering compliance frameworks. Familiarity with RMM/XDR/EDR, SIEM, and vulnerability scanning platforms. Background in mentoring or managing small teams. Exposure to incident response and tabletop exercises. Reasonable Adjustments: Respect and equality are core values to us. We are …
and securing platforms such as Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS/PaaS, Windows/Linux/Unix. - Strong knowledge of security tooling such as SIEM, endpoint detection (EDR/XDR), and vulnerability management platforms. - Hands-on experience with policy development, access control models (RBAC, ABAC), and logging standards. - Experience supporting assurance activities or … security vetting to SC level. Desirable - Experience working in a regulated or government environment, particularly within research, energy, or national infrastructure. - Knowledge of Incident Management, Vulnerability Assessments, SIEM & SOC Systems. - Knowledge of OT/ICS/SCADA security principles and industrial control environments. - Experience designing or reviewing secure software supply chain and CI/CD security.
experience focusing on key customer accounts and delivering value to strategic accounts in the cybersecurity industry Extensive platform selling experience in complex sales with multiple buying centers Experience selling SIEM, EDR, or CNAPP (DevSecOps, CloudOps) solutions is highly preferred Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations Expertise in applying complex solution …
New Zealand, and the Philippines, Orro is known for delivering future-ready solutions, backed by deep expertise, genuine human insight and lasting partnerships. What You’ll Be Doing Perform SIEM-based event analysis and triage potential threats, including recognising successful and unsuccessful intrusion attempts. Investigate phishing emails, suspicious domains, and IP addresses using OSINT and threat intelligence sources. Proactively monitor … great team spirit and a growing passion for cyber security. Ideally, your toolkit includes: 1–2 years of experience in a SOC or related cyber role. Exposure to AI SIEM, XDR or EDR platforms such as Splunk, Microsoft Sentinel or SentinelOne. Experience with Microsoft Security platforms and Windows security fundamentals. Familiarity with Linux/Unix-based systems and basic scripting …
of greenfield Identity and Access Management and Privileged Access Management solutions. You'll provide hands-on technical leadership, ensure secure-by-design implementation, and contribute to the development of SIEM/SOC capabilities. Key Responsibilities Lead end-to-end IAM/PAM design and delivery. Integrate IAM/PAM telemetry into SIEM tooling. Provide technical oversight for MSPs and vendors. … OpenID Connect. Familiarity with ISO 27001, NIST CSF, CAF & GDPR. Experience leading or overseeing MSPs. Current SC clearance. Desirable: Knowledge of Microsoft Sentinel, Splunk, or Elastic SIEM. Experience in SOC build or cyber transformation projects. Degree/HND in a relevant STEM field.
for security solutions, ensuring alignment with enterprise architecture and security policies. Design and architect solutions across various security domains including: Data Loss Prevention (DLP) Security Information and Event Management (SIEM) Identity and Access Management (IAM) Endpoint Detection and Response (EDR), MDM, and Endpoint Management tools Cloud and On-Prem Security Solutions Collaborate with stakeholders such as IT operations, application teams … documentation. Maintain up-to-date knowledge of emerging security threats and best practices to continuously enhance solution designs. Qualifications - Proven experience designing security solutions across multiple domains including DLP, SIEM, IAM, and Endpoint Security. Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field (master’s preferred). Experience in cybersecurity with 3+ years in a security architect …
the Cyber Engineer aligned to IT To be part of a team operating systems to support Vodafone's secure SOC. Provide technical support to SOC analysts and management of SIEM systems, databases and log/event collection systems. Other duties include: Manage Big Data SIEM Platforms, based on Elastic/Cloudera technologies Implement Log/Event Collection systems and agents … for AWS, Azure, GCP and on-premise platforms Support customer deployments, user acceptance testing Maintain SOC infrastructure – Analyst systems, SIEM, databases (event, threat, IOC...) Provide in-depth IT/Cloud support to SOC Analysts Who you are Experience of working as an IT System Administrator/Engineer, ideally in a telecoms/ISP environment Knowledge of a wide range of … security technologies, including SIEM platforms Database/Big Data Experience, e.g. MySQL, Postgres, Elasticsearch, Solr, Hadoop IT Systems – Windows, Linux, VMware, AWS/Azure Scripting – Python, PowerShell Worried that you don't meet all the desired criteria exactly? We know that everyone is unique, with multiple aspects to their identity and different experiences behind them. We are passionate about Inclusion …
work with the largest companies in the world, to conceptualize and implement new and inventive ways to integrate our products as well as our data within their systems (i.e. SIEM, TIP, SOAR technologies). As a Solutions Engineer, you will have a dual focus, developing net new relationships by supporting the Regional Sales Director as well as championing adoption with … industry. Understanding of common OS, Browser, OSI Stack, DNS, Domain Registration, TCP/IP and networking technologies. Good understanding of various firewall and web proxy technologies. Working knowledge of SIEM/TIP/SOAR platforms. Familiarity with JSON/RESTful API endpoints. Familiarity with Big Data concepts and the management of large on-premise datasets.
assisting a client who operates in a regulated industry, financial services, and is currently embarking on a programme of work focused on maturing, designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (User and Entity Behaviour Analytics / Security Orchestration, Automation, and Response) built on GCP/Google Cloud, so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to the MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid …
global managed service provider, assisting them with searching for a Technical Delivery Manager on a contract basis. The successful candidate will be leading the delivery of a large-scale SIEM migration and Elastic Agent rollout across multiple telecom estates. This role is critical to the success of the project and requires someone who is not only an effective coordinator but … also technically capable of driving delivery execution. Key Responsibilities: Lead end-to-end delivery of the SIEM migration and Elastic Agent rollout across complex, multi-environment telecom estates. Coordinate technical delivery plans and ensure alignment across all participating organisations and workstreams. Manage cross-functional teams, ensuring technical tasks are executed to scope, quality, and schedule. Drive progress, proactively identifying risks … delivery status, risks, and dependencies to senior leadership. Key Skills: Proven background in the telecommunications industry, ideally having delivered large-scale infrastructure or platform projects. (Essential) Deep understanding of SIEM platforms such as Splunk and Elastic. (Essential) Strong hands-on technical delivery experience, not just governance or coordination. Familiarity with telecom-specific delivery processes, governance, and operational models. Excellent stakeholder …