1 to 25 of 258 SIEM Jobs in the UK

standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments ...

collaborative and high performing team. Skills & Experience We're Seeking * Experience working in a SOC, cyber defence, or threat detection environment * Experience with SIEM platforms including Elastic Security, Microsoft Sentinel, and Splunk, using KQL, ES|QL, and Kibana Query Language to analyse and interpret security data * Familiarity with incident response ...

also contribute to strategic security projects and ensure secure, scalable and resilient solutions across the business. Key Responsibilities: Deploy and manage enterprise security tools (SIEM, XDR, DLP, Email Security, Endpoint Protection). Build automation using Python, PowerShell, Bash. Implement IaC using Terraform and Ansible. Maintain secure baselines for Windows, Linux ...

Controls, or DORA. Strong understanding of cloud and hybrid security environments, including Microsoft 365 and Azure. Strong operational expertise across EDR/XDR, SIEM (e.g., Microsoft Sentinel, Splunk), identity protection, and vulnerability management. Experience with security audits, compliance programmes, and regulated industry requirements. Excellent communication and influencing skills, with confidence ...

relocate to Belfast please About you * Solid understanding of networking concepts, operating systems and common attack techniques * Practical experience using security tooling such as SIEM, EDR, IDS/IPS and Firewall technologies * Hands-on knowledge of forensic methods across Windows, Linux and cloud platforms * Good understanding of common attack types ...

driving continuous improvements, and optimising security tools and technologies to enhance operational efficiency. • Hands-on experience in threat detection and prevention, including expertise in SIEM, EDR, firewall management, or similar security technologies. • Ability to build relationships and engage with all levels of management, communicating complex technical issues to a range ...

Technical Breadth: Demonstrable experience with IP-based networks, WAN technologies, Windows/Linux environments, and virtual server technologies. Modern Solutions: First-hand experience with SIEM solutions, SOAR workflows, and EDR technologies like Microsoft Defender. ...

Technical Breadth: Demonstrable experience with IP-based networks, WAN technologies, Windows/Linux environments, and virtual server technologies. Modern Solutions: First-hand experience with SIEM solutions, SOAR workflows, and EDR technologies like Microsoft Defender. ...

e.g. Security+, CEH, CPSA) or similar. It would be great if you had: Scripting or programming skills (Python, PowerShell, Bash, Perl, C++). Broader SIEM experience (e.g. QRadar). Additional SOC or CREST certifications. If you're interested in this role but not sure if your skills and experience ...

and wants to contribute to a mission-driven cyber defence team. Key Responsibilities You will: Develop, maintain and enhance detection content (primarily for Splunk SIEM ) across cloud, endpoint and network platforms Identify detection gaps, log ingestion issues and alert improvements Review and uplift existing SecOps standards, logging maturity, BAU monitoring ...

Security+, CISM, AWS Security Specialty or ISO 27001 Lead Implementer. Experience with WAF and bot management in a production e-commerce context. Familiarity with SIEM, SOAR or security automation tooling. Exposure to ISO 27001 implementation or SOC 2 readiness programmes. Experience with multi-cloud security across Azure and GCP. Background ...

Experience in IT operations with exposure to cybersecurity or governance * Knowledge of ISO 27001, GDPR and risk management frameworks * Familiarity with vulnerability management, SIEM or EDR tools * Strong understanding of Windows Server, Active Directory and Microsoft 365 security * Strong analytical and communication skills What is on offer: * Salary ...

depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols ...

security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical risks to non-technical stakeholders Experience influencing senior leadership ...

implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee ...

this vacancy only. KEY SKILLS Cyber Security, Security Operations, SOC, Microsoft Defender, Sentinel, Incident Response, Vulnerability Management, Threat Intelligence, Threat Hunting, SOAR, Azure, AWS, SIEM, KPIs, Risk Reporting ...

Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer,Detection & Response Engineer,SIEM Engineer,Security Detection Engineer,Threat Hunting Engineer,Security Automation Engineer,SOC Engineer,Incident Response Engineer,Cloud Security Engineer,Network Security Engineer,Cybersecurity Analyst (Threat Focus ...

configuring and working directly with security tooling in live environments Cloud security (Microsoft 365, Azure, AWS) Strong technical exposure to security tooling, such as: SIEM/SOAR, EDR/XDR, vulnerability scanners, patch management, CASB, DLP Desirable experience: Microsoft Defender, Purview and M365 E5 security capabilities Privileged Access Management ...

systems remain at the required security posture against baseline requirements Work with the Security Monitoring engineering team to ensure logs are forward to the SIEM capability Work with the customer and appropriate agencies to develop new policies, design processes, and procedures, and develop technical designs Assess system vulnerabilities, implement risk ...

Assisting with Zero Trust Client configuration and rollout, including secure network and data access. Integrate Zero Trust solutions with identity providers (Entra AD, Okta), SIEM/SOAR systems, endpoint platforms, and data repositories. Assisting infrastructure teams in migrating legacy VPN, proxy, and firewall solutions to cloud native Zero Trust models ...

Experience working in a SOC, NOC, or equivalent security operations environment, with well-developed investigation, triage, and incident handling skills. Demonstrable practical knowledge of SIEM, EDR, firewalls, and major security technologies (Splunk, Sentinel, QRadar, CrowdStrike, etc.). Strong grasp of networking concepts (TCP/IP, DNS, protocols), Windows and Linux ...

workflows Configure session recording, monitoring, and auditing Onboard servers, network devices, and platforms into PAM Manage service account discovery and lifecycle Integrate PAM with SIEM tools for logging and alerting Support Active Directory privileged account controls Troubleshoot PAM connectors, sessions, and access issues Produce clear technical documentation and runbooks Essential ...

incident documentation Required Experience Previous experience in a SOC or security operations role Strong knowledge of cyber attack techniques and defence strategies Experience with SIEM, EDR, XDR, and SOAR platforms Networking fundamentals including firewalls and protocols Strong analytical and problem-solving ability Certifications (Desirable) Microsoft SC-200 CompTIA Security+ Blue ...

incident documentation Required Experience Previous experience in a SOC or security operations role Strong knowledge of cyber attack techniques and defence strategies Experience with SIEM, EDR, XDR, and SOAR platforms Networking fundamentals including firewalls and protocols Strong analytical and problem-solving ability Certifications (Desirable) Microsoft SC-200 CompTIA Security+ Blue ...

information security role within a UK-based organisation, ideally supporting public sector or critical services. Practical experience with security monitoring and incident response tooling (SIEM/XDR) Strong working knowledge of ISO/IEC 27001 and experience maintaining an ISMS. Practical experience with Cyber Essentials/Cyber Essentials Plus certification. ...