1 to 25 of 202 SIEM Jobs in the UK

Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python

networking, and databases. • Knowledge of compliance frameworks such as ISO 27001, SOC 2, NIST, Cyber Essentials, or PCI-DSS. • Experience with security tools including SIEM, vulnerability scanners, endpoint protection, and firewalls. Experience with the Microsoft security stack is an advantage. • Experience with compliance tools such a Microsoft Purview and practical

networking, and databases. • Knowledge of compliance frameworks such as ISO 27001, SOC 2, NIST, Cyber Essentials, or PCI-DSS. • Experience with security tools including SIEM, vulnerability scanners, endpoint protection, and firewalls. Experience with the Microsoft security stack is an advantage. • Experience with compliance tools such a Microsoft Purview and practical

testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge of Linux (Ubuntu, CentOS). Scripting with PowerShell, Bash, Python. Familiar with ITSM platforms (ServiceNow, Freshservice

Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber

Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber

also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through our one of a kind

OWASP, and willingness to work out of hours/travel when needed. Desirable: Experience in MxDR/SOC support, security technologies (IDS/IPS, SIEM, firewalls), and compliance frameworks (GDPR, Cyber Essentials+, SOC2, PCI-DSS). Strong understanding of data protection principles. If you're a proactive security professional looking

Understanding of Email Security platforms (e.g., Darktrace) and Security Awareness & Training platforms. Knowledge of security frameworks (ISO 27001, NIST, GDPR, etc.). Familiarity with SIEM, security system administration, and incident response. Understanding of SOC operations and monitoring. No formal qualifications required, although a security or IT-related certification (e.g., CompTIA

Contract SIEM Engineer Exciting contract opportunity to join a high-performing cybersecurity team Hybrid working model, three days onsite and two remote Contribute to cutting-edge SIEM and EDR deployments for a large-scale organisation Up to £410 per day (Inside IR35) Active SC clearance required ABOUT THE CLIENT … will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE BENEFITS: Up to £410 per day (Inside IR35) Hybrid working arrangement Collaborative

service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve

including the use of Microsoft Purview and computer forensics an advantage. Experience of utilising and monitoring Information Security solutions e.g. email/web gateways, SIEM, Endpoint protection etc. Strong awareness of Cloud services and supporting security solutions & standards. Good understanding of cloud native and devops practices including pipelines and associated

Implement least privilege access models and enforce secure credential management - Monitor and audit privileged access activities across systems and applications - Integrate PAM tools with SIEM, IAM, and other security platforms - Develop and maintain policies, procedures, and documentation for PAM operations - Conduct regular access reviews, privilege audits, and risk assessments - Collaborate

need from you? Deep expertise in securing cloud platforms (AWS, Azure, GCP) with a focus on financial services Proven experience with tools like SIEM, SOAR, IDS/IPS, and cloud-native security solutions Strong understanding of encryption protocols, key management systems, and IAM best practices Hands-on experience with container

automating processes. Working knowledge of SecDevOps tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and documentation abilities. Hands on experience with SIEM solutions i.e. Splunk, ArcSight, LogRhythm Communication and Soft Skills Experience speaking to and working with leadership as well as ability to write reports and present

ability to work across engineering, operations, and cyber security functions. What You'll Need (Essential) Strong working knowledge of core SOC tooling e.g. SIEM/Splunk, IDPS, Email/Web security, Firewalls Hands-on experience with Cisco ASR, Palo Alto or Fortinet firewalls Excellent understanding of network technologies (LAN/

detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective shift models. Confident communicator

/7 basis . Skills and Experience Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within

deployment Desirable Skills Experience with cloud platforms (AWS, Azure) and Infrastructure as Code (CloudFormation, Terraform) Integration of enterprise services such as Active Directory, PKI, SIEM, and monitoring tools Hands-on with DevSecOps tools and CI/CD pipelines Relevant industry certifications (VMware VCP, AWS Solutions Architect, Microsoft, Kubernetes, etc.) Experience

executing cyber security strategies, threat detection, and incident response Overseeing IT systems including identity management, device control, and network architecture Managing enterprise security infrastructure (SIEM, EDR, MDM, etc.) Supporting compliance, risk assessments, and vendor onboarding Advising senior leadership on posture, risk, and investment priorities What You Bring 5+ years

tools such as EDR, XDR, firewalls, WAF, and email security; experience with CrowdStrike, Palo Alto, and Microsoft Defender is advantageous. Hands-on experience with SIEM platforms, including configuration and data integration. Familiarity with cloud security, network security, and endpoint security across Windows, Linux, and macOS environments. Package

tools such as EDR, XDR, firewalls, WAF, and email security; experience with CrowdStrike, Palo Alto, and Microsoft Defender is advantageous. Hands-on experience with SIEM platforms, including configuration and data integration. Familiarity with cloud security, network security, and endpoint security across Windows, Linux, and macOS environments. Package

/7 basis . Skills & Experience Required: Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within

/7 basis . Skills & Experience Required: Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within

implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee