1 to 25 of 230 SIEM Jobs in the UK excluding London

truly matter—this is the place for you.

Examples of tasks that would be undertaken include:

Monitor and analyse security events using SIEM tools (e.g., Splunk, QRadar) Investigate and respond to security incidents and alerts Perform vulnerability assessments … interview.

Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT). Monitor and analyse security logs from various systems (including SIEM) and network devices to identify potential threats and vulnerabilities. Knowledge, Skills & Experience Required: Essential: Bachelor’s degree in computer science, Information Technology, Cyber Security, or More ❯

key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR More ❯

cloud environments (AWS, Azure, GCP) and understanding of cloud security risks. Awareness of Agile environments and practices. Familiarity with advanced cybersecurity technologies such as SIEM, IDS/IPS, and endpoint detection solutions. Key Skills The job holder is expected to possess the following skill set: Ability to extract clarity from More ❯

protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA More ❯

protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA More ❯

protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA More ❯

cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and More ❯

cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and More ❯

Burp Suite, Kali Linux, Metasploit, Wireshark, Nessus, or equivalent . Good knowledge of network security, firewalls, managed switches, and server configurations . Familiarity with SIEM tools, vulnerability scanning, and incident response . Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Preferred Qualifications Relevant certifications such as OSCP More ❯

their needs are met and any issues are addressed, assisting the service delivery manager with technical issues. Triage and analysis of alerts from multiple SIEM’s and Platforms (Microsoft Sentinel, Microsoft Defender, SentinelOne and AppGuard) and intelligence monitoring capabilities, prior to escalation to the Shift Leader in accordance with the More ❯

Incident Response Monitor cloud environments for security threats, vulnerabilities, and misconfigurations . Lead incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance More ❯

operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum of SC clearance and be prepared More ❯

equivalent experience Good knowledge covering several of the following examples (this list is not exhaustive): AD, Cryptography, End User Computing, IAM, PKI, Server hardening, SIEM, SOAR, virtualisation (VMware) Participate in pre-sales tasks and perform ongoing support of delivery collateral. Familiarity with MITRE ATT&CK Familiarity with ITIL Who we More ❯

security, cloud security, and secure system architecture. Experience in penetration testing, vulnerability management, and cyber threat intelligence. Solid knowledge of security technologies such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR). Strong understanding of risk assessment methodologies and security governance frameworks. Excellent stakeholder engagement and More ❯

artifacts in support of incident investigations Experience with vulnerability scanning solutions In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Sentinel, Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk) Understanding of mobile technology and OS (i.e. Android, iOS, Windows), Experienced in More ❯

with 2+ years in a senior cybersecurity role. Hands-on experience with security tools such as firewalls, endpoint protection, VPNs, IDS/IPS, and SIEM platforms. Deep knowledge of network security, encryption, authentication, and secure configurations including CUI/CDI. Advanced understanding of IT infrastructure, including servers, storage, and virtualization. More ❯

critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security operations centre (SOC) environment Experience with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and More ❯

also acting as a key advocate for cyber awareness across the wider organisation Key Requirements Essential: 3+ years experience in cyber security Proficiency in SIEM , antivirus , and vulnerability management tools Understanding of AD , Office 365 , Windows Server , and infrastructure security Strong IT skills with experience across networks, OS, and security More ❯

potential cyber risks, assess their impact and develop technical mitigation strategies. Working with Security Architecture to advise focused security solution design for SOC/SIEM solutions. Formulate security strategy, creatively applying a wide range of technical and/or management principles. What youll bring: ? Proficiency in Splunk is a key More ❯

Key Requirements: Technical Skills: Deep understanding of security frameworks (e.g., NIST, ISO 27001, CIS Controls, etc.). Practical experience with security tools such as SIEM, firewalls, IDS/IPS, endpoint protection, and vulnerability scanners. Proficiency in risk management practices and tools. Knowledge of cloud security, network security, and data protection More ❯

paths, and workflows. Define and report on KPIs, SLAs, and performance metrics to measure operational effectiveness and support strategic decision-making. Oversee threat management, SIEM optimisation, and vulnerability management activities, ensuring tools and workflows are continually tuned for impact. Serve as the main point of contact for outsourced SOC services More ❯

strategies What You’ll Bring 5+ years in cybersecurity operations, with at least 2 years in a leadership role Strong hands-on knowledge of SIEM, EDR, SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response More ❯

IEC 62443, etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR and EDR. Knowledge and/or understanding of data and analytics in terms of cybersecurity implications. Missing skills? Let us be the judge! BMT More ❯

members. Essential skills: Strong grasp of networking concepts, IP addressing, and traffic flow, with advanced knowledge of Windows and Linux systems. Proficient in using SIEM tools like ArcSight and Azure Sentinel; experienced with KQL and basic XDR platforms. Familiar with OSINT techniques for threat intelligence and incident investigation. Holds or More ❯