401 to 425 of 471 SIEM Jobs

and improve operational efficiency Investigate security incidents and drive root cause analysis and remediation Implement and manage tools such as Microsoft Defender, Nessus, and SIEM/SOAR platforms Develop secure cloud templates and baseline configurations Partner with engineering teams to embed secure coding and DevSecOps practices Stay up to date … prem environments Deep understanding of Azure security, DevOps, and automation Hands-on experience with EDR/DLP tools (e.g. Microsoft Defender) Experience with SIEM/SOAR platforms Knowledge of frameworks such as ISO 27001, NIST, and CIS Strong troubleshooting and problem-solving skills Ability to manage multiple priorities ...

support when required. This is a hands-on technical role where youll investigate complex alerts, support threat-hunting activities, contribute to the tuning of SIEM detections, and help improve SOC processes and response playbooks. Youll also play an important role in mentoring analysts and supporting the continued development … automation, and response capabilities are introduced. You will: Investigate, triage, and respond to security alerts across customer environments Support the tuning and maintenance of SIEM detection rules alongside senior analysts Carry out proactive threat analysis and support threat-hunting activities Act as an escalation point for Tier 1 analysts, providing ...

Engineer Milton Keynes We are seeking a hands-on SOC Engineer with strong SIEM and security monitoring experience to join a fast-paced Cyber Security Operations Centre. This role requires both soft and technical skills, focused on the engineering, optimisation, and support of SOC tooling, telemetry, and detection capabilities … improve threat visibility and incident response across hybrid environments. Key Responsibilities Operate, support, and tune SIEM and security monitoring platforms, including Graylog and Splunk. Maintain and optimise log ingestion pipelines across multiple data sources. Develop and refine detection rules, alerts, dashboards, and SOC playbooks. Support incident response, investigation, and containment ...

detect and respond to threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with … emerging threats and recommend improvements SOC ENGINEER ESSENTIAL SKILLS Strong understanding of information security fundamentals Experience with SIEM tools such as Sentinel or Splunk Familiarity with security monitoring technologies Analytical mindset with strong problem solving skills Ability to manage multiple priorities and meet deadlines Strong communication and collaboration skills ...

future business needs. • Own the full network and security lifecycle, maintaining uptime close to 99.99%. • Monitor, investigate, and respond to security incidents using SIEM tools, Sophos MDR, and threat-hunting techniques. • Configure and manage firewalls, VPNs, IDS/IPS, web and email security solutions. • Maintain high patching and vulnerability … Expert knowledge of Checkpoint firewalls, Cisco routers and switches, and Cisco ISE. • Strong experience with Zscaler Internet Access, Zscaler Private Access, Splunk, and enterprise SIEM tooling. • Proven background in network security, threat prevention, and incident response. • Cisco CCNA and CCNP certifications. • Experience with data centre colocation and vendor/carrier ...

using Flow Designer, Script Includes, and Business Rules Create and maintain REST/SOAP API integrations and IntegrationHub spokes to connect ServiceNow with IAM, SIEM, ERP, and HR platforms Design intuitive Workspaces, Portals, and Dashboards, applying Performance Analytics to provide stakeholders with clear visibility into enterprise risk Design automated workflows ...

using Flow Designer, Script Includes, and Business Rules Create and maintain REST/SOAP API integrations and IntegrationHub spokes to connect ServiceNow with IAM, SIEM, ERP, and HR platforms Design intuitive Workspaces, Portals, and Dashboards, applying Performance Analytics to provide stakeholders with clear visibility into enterprise risk Design automated workflows ...

using Flow Designer, Script Includes, and Business Rules Create and maintain REST/SOAP API integrations and IntegrationHub spokes to connect ServiceNow with IAM, SIEM, ERP, and HR platforms Design intuitive Workspaces, Portals, and Dashboards, applying Performance Analytics to provide stakeholders with clear visibility into enterprise risk Design automated workflows ...

field CND Analyst I junior-level Certifications: 511-Basic Required certification beyond CSWF: none Required experience: 1+ years INFOSEC/Cyber experience; 1+ years SIEM/vulnerability scanner operation. Desired certifications or training: Any associate-level or higher cybersecurity certification. Any vendor training or certification (e.g., Splunk Core Certified Power … scanner) Desired experience: 4+ years experience working in an operational Security Operations Center (SOC). Hands-on experience with industry-standard solutions such as SIEM, Vulnerability Assessment, Penetration Testing, and Malware Detection. Senior CND Engineer senior-level with significant Splunk experience Certifications: 521-Intermediate Desired certifications: Associate to Intermediate level ...

Cyber Security Analyst (SOC) Role: Cyber Security Analyst (SOC) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: £300 - £400 per day (Inside IR35 … . *Candidates must be eligible for UK Security Clearance* Role Requirements * Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage to security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

guardrails, and policies in AWS Implement and maintain IaC security scanning for Terraform Manage IAM policies, network segmentation, and secrets management Configure and tune SIEM (or similar) for cloud-focused detection Establish logging, monitoring, and alerting requirements based on threat modelling Investigate and respond to cloud security events Risk & Compliance … read and write IAC (Terraform) code, comfortable with IAC lifecycles Familiarity with container security and Kubernetes Understanding of secure coding, penetration testing techniques, SIEM, and vulnerability management Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis Understanding of managing ...

detection and response capabilities. This role is client-aligned with ~3 days onsite in London . Key Responsibilities Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling Perform lifecycle activities including patching, upgrades, and configuration changes Ensure security platforms are fully integrated across … data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure all platforms meet regulatory, audit, and compliance requirements Contribute to governance, reporting ...

responsibilities: This is an interesting opportunity where you will work with the cyber resilience team and assist with the Security Operations function, including EDR, SIEM, gathering security control framework evidence and general day-to-day assistance with security tasks. You will help deliver a strategy which will enhance the organisations … campaigns. Stay informed about emerging cyber threats and vulnerabilities. You will need: Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and ...

prem infrastructure, while supporting both BAU operations and ongoing transformation projects. Key Responsibilities of the Cyber Security Engineer: Deploy, configure, and maintain security tooling (SIEM, EDR, DLP, vulnerability management, PAM) across cloud and on-prem environments Monitor, investigate, and respond to security incidents, including root cause analysis and forensic support … Cyber Security Engineer: Experience in a Cyber Security Engineer, SecOps, or similar hands-on security role Strong experience with enterprise security tooling including SIEM, EDR, DLP, and vulnerability management platforms Familiarity with tools such as CrowdStrike, Absolute, Sumo Logic, and Rapid7 (or similar technologies) Experience supporting cloud environments, ideally Azure ...

with cloud security across AWS, Azure or Google Cloud Understanding of network security, encryption, authentication and access control Experience with security tooling such as SIEM, IDS, firewalls and vulnerability assessment tools Knowledge of threat modelling and risk assessment TO BE CONSIDERED: Please either apply through this advert or emailing … client in conjunction with this vacancy only. KEY SKILLS Security Architect, Cyber Security, ISO 27001, NIST, Cloud Security, AWS, Azure, Risk Assessment, Threat Modelling, SIEM, Defence ...

enjoys working across a broad technology estate and keeping up to date with emerging threats and security technologies. Key Responsibilities: * Monitor and develop SIEM and threat detection platforms * Investigate and respond to security incidents and alerts * Support vulnerability scanning, remediation, and reporting activities * Assist with development of security policies, procedures … cyber threats and recommend improvements where appropriate Key Skills & Experience: * 2-4 years' experience within a cybersecurity or infrastructure security role * Experience working with SIEM tools and vulnerability management platforms * Strong understanding of EDR, XDR, MDR, IDS/IPS technologies * Good knowledge of Microsoft security technologies and infrastructure environments * Understanding ...

and Security Architecture frameworks ISO 27001, NIST 800-53, CIS Controls, and OWASP Identity & Access Management (IAM) and Privileged Access Management (PAM) Security Monitoring, SIEM, Threat Detection, and Response Risk Management and Governance frameworks SaaS platforms including Salesforce, SAP, Oracle, and Workday What You Can Expect Work closely with clients … NIST 800-53, and OWASP. Understanding of cloud security controls including identity, network security, encryption, and key management. Experience with logging, monitoring, SIEM technologies, threat detection, and security operations concepts. Knowledge of cyber risk management, threat intelligence, governance, and compliance requirements. Experience supporting large-scale technology or security transformation programmes. ...

Responsibilities Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform, playing a crucial role in strengthening our security posture. SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response … technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment. Automation: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. Threat Hunting: Proactively search for undetected malicious activity using specialised queries. Training: Enhance the CrowdStrike, Splunk ...

Senior Cyber Security Engineer, you will: Lead Endpoint Strategy: Oversee the deployment and configuration of the CrowdStrike Falcon platform, ensuring robust endpoint protection. Master SIEM: Collaborate with our SOC partner to design and optimise Splunk dashboards and alerts, turning raw data into actionable intelligence to combat sophisticated threats. Incident Response … technical escalation point for high-priority security incidents, employing EDR and SIEM tools for swift containment. Automate Security Processes: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response efficiency. Conduct Threat Hunting: Utilise specialised queries to proactively identify undetected malicious activities within the environment. ...

service accounts. Onboard Windows, Linux/Unix, and network devices into PAM platforms. Manage privileged account controls within Active Directory. Integrate PAM solutions with SIEM tools for event ingestion, correlation, and alerting. Troubleshoot connector, policy, and session issues. Produce high-quality technical documentation and runbooks. Essential experience: Proven hands … discovery and automated governance. Experience onboarding multi-platform systems (Windows/Linux/network devices). Understanding of AD privileged identity management. Experience with SIEM integrations for PAM audit logging. Working knowledge of ISO 27001 and NIST CSF. Strong troubleshooting and analytical skills. Excellent documentation capability. Eligible for SC clearance. ...

systems, infrastructure and sensitive client data. The successful individual will: Lead and develop a high-performing Information Security team Oversee security operations including SIEM, endpoint protection, vulnerability management and incident response Manage cyber resilience across both cloud and on-premise environments Act as the senior escalation point for security incidents … financial services environments Strong understanding of cyber security operations, governance and risk management Experience managing and developing technical security teams Strong knowledge of SIEM technologies, cloud security and incident response processes Ability to communicate effectively with both technical teams and senior leadership Experience operating within regulated environments Desirable experience includes ...

/month at their office. Requirements: • Hands-on with AWS and/or Azure (cloud infra, IaC with Terraform/CloudFormation) • Cybersecurity experience: SIEM (Sentinel/Splunk), EDR/XDR, DLP, vulnerability scanning, pen testing • IAM: Azure AD (Entra ID) or Okta, SSO, MFA, PAM, RBAC/ABAC • Windows Server … comprehensive cybersecurity strategy aligned with business objectives. Design and implement security controls, systems, and protocols to protect company assets from cyber threats. Experience with SIEM platforms and security event monitoring (Microsoft Sentinel, Splunk, or equivalent) Familiarity with EDR/XDR solutions for endpoint threat detection Knowledge of DLP tools Conduct ...

experience (2 years+) Perform triage of security events ; determine scope, priority and impact, and make recommendations that enable expeditious remediation. Demonstratable experience working with SIEM technology and SIEM engineering (including tool configuration) i.e. ArcSight within an enterprise SOC. Experience in creation of use-cases, analytics and playbooks . An understanding ...