1 to 25 of 533 Remote SIEM Jobs

scenarios. Collate and distribute monthly Threat Vulnerability Management (TVM) reports to senior stakeholder Person Specification: 1-3 years of experience working in a SOC or similar role. Experience with SIEM tools and performing security investigations. Strong understanding of networking concepts, protocols, and security principles. Knowledge of security incident handling, malware analysis, and threat intelligence. Excellent problem-solving skills and attention … e.g., GDPR, FCA, PCI ) and compliance requirements. Strong communication skills with the ability to translate technical details to non-technical stakeholders. Technical Skills: Experience with SOC tools such as: SIEM (e.g., Splunk, IBM QRadar, ArcSight, Rapid7) Endpoint Detection and Response (EDR) (e.g., CrowdStrike, Carbon Black, SentinelOne, Rapid7) Vulnerability Management tools (e.g., Nessus, Qualys, Rapid7) Threat Intelligence Platforms (e.g., Recorded Future More ❯

auditing security measures, security response, and incident management. • Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware, IDS/IPS, SIEM, SMTP, Email security, AD, Group Policy, DNS, DHCP, and VLANs. • Experience with identity access management solutions, such as SAMLOATH • Experience with HIDS and NIDS • The ideal candidate possesses relevant information More ❯

complex cyber incidents, including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep-dive analysis and response. Threat Hunting & Analysis Proactively identify emerging threats through behavioral analytics and threat intelligence. Analyze log data, network activity … a related field. 6–8+ years in cybersecurity with a focus on incident response and threat hunting. Proven experience investigating APTs, ransomware, and data exfiltration attempts. Deep knowledge of SIEM platforms (e.g., Splunk, LogRhythm, ArcSight) and EDR solutions. Hands-on experience in network/system forensics and malware analysis. Familiarity with operating systems (Windows, Linux) and cloud environments (e.g., AWS More ❯

complex cyber incidents, including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep-dive analysis and response. 🧠 Threat Hunting & Analysis Proactively identify emerging threats through behavioral analytics and threat intelligence. Analyze log data, network activity … a related field. 6–8+ years in cybersecurity with a focus on incident response and threat hunting. Proven experience investigating APTs, ransomware, and data exfiltration attempts. Deep knowledge of SIEM platforms (e.g., Splunk, LogRhythm, ArcSight) and EDR solutions. Hands-on experience in network/system forensics and malware analysis. Familiarity with operating systems (Windows, Linux) and cloud environments (e.g., AWS More ❯

Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

ll bring 18+ months of experience in a Cyber Security Analyst or SOC Level 1 role, and hands-on exposure to tools and technologies such as: 🛠️ SOC Tools across: SIEM: Splunk, IBM QRadar, ArcSight, Rapid7 EDR: CrowdStrike, Carbon Black, SentinelOne IDS/IPS: Snort, Suricata, Cisco/Checkpoint Vulnerability Management: Nessus, Qualys Threat Intelligence: Recorded Future, ThreatConnect Firewalls & Monitoring: Palo More ❯

ll bring 18+ months of experience in a Cyber Security Analyst or SOC Level 1 role, and hands-on exposure to tools and technologies such as: 🛠️ SOC Tools across: SIEM: Splunk, IBM QRadar, ArcSight, Rapid7 EDR: CrowdStrike, Carbon Black, SentinelOne IDS/IPS: Snort, Suricata, Cisco/Checkpoint Vulnerability Management: Nessus, Qualys Threat Intelligence: Recorded Future, ThreatConnect Firewalls & Monitoring: Palo More ❯

and applications. You’ll monitor security tools and alerts, respond to threats, and contribute to the development and implementation of controls across cloud and on-premise environments. Responsibilities: Analyse SIEM events and alerts, ensuring effective investigation and resolution. Respond to phishing incidents and manage malicious email reporting. Support incident response, escalation, and coordination. Monitor cloud and on-premises environments for … . Practical knowledge of cloud security across AWS, Azure, or GCP (e.g. CloudTrail, Sentinel). Experience with endpoint protection, DLP, IDS/IPS, MFA, and content filtering. Familiarity with SIEM platforms and vulnerability management tools. Exposure to SOAR platforms and scripting or development skills (e.g. Python, Bash). Understanding of frameworks such as ISO 27001/2, NIST, SOC, or More ❯

access management, data security and cloud security (Azure and/or AWS). Windows and/or Linux operation system administration and security. Experience with security tools such as SIEM, EDR, CASB, DLP, DSPM, VMDR, SOAR, NGFW. Proficiency in analyzing host, network, and application logs across diverse platforms. Scripting or automation experience with tools like PowerShell, Python, or Bash. Working More ❯

and modern frameworks (e.g., Django, Node.js , React). Expert-level scripting and automation skills (e.g., Python, Bash, PowerShell) for workflow automation, tooling, and log analysis. Proficient in log analysis, SIEM usage/configuration, threat hunting, and querying tools to support detection and response. Familiarity with static and dynamic analysis techniques and vulnerability mitigation. Strong understanding of modern cloud platforms-especially … OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. Prior experience driving security engineering for a SaaS-based company. Experience leveraging automation or AI/ML tools More ❯

knowledge of cybersecurity concepts and threat vectors. Proficiency in scripting (Python, PowerShell, etc.) for data analysis and automation. Experience with data normalization, correlation, and event analysis. Deep understanding of SIEM technologies, data pipelines, and event management processes. Knowledge of SIEM platforms and their integration with UEBA solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on More ❯

knowledge of cybersecurity concepts and threat vectors. Proficiency in scripting (Python, PowerShell, etc.) for data analysis and automation. Experience with data normalization, correlation, and event analysis. Deep understanding of SIEM technologies, data pipelines, and event management processes. Knowledge of SIEM platforms and their integration with UEBA solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on More ❯

knowledge of cybersecurity concepts and threat vectors. Proficiency in scripting (Python, PowerShell, etc.) for data analysis and automation. Experience with data normalization, correlation, and event analysis. Deep understanding of SIEM technologies, data pipelines, and event management processes. Knowledge of SIEM platforms and their integration with UEBA solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on More ❯

knowledge of cybersecurity concepts and threat vectors. Proficiency in scripting (Python, PowerShell, etc.) for data analysis and automation. Experience with data normalization, correlation, and event analysis. Deep understanding of SIEM technologies, data pipelines, and event management processes. Knowledge of SIEM platforms and their integration with UEBA solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on More ❯

knowledge of cybersecurity concepts and threat vectors. Proficiency in scripting (Python, PowerShell, etc.) for data analysis and automation. Experience with data normalization, correlation, and event analysis. Deep understanding of SIEM technologies, data pipelines, and event management processes. Knowledge of SIEM platforms and their integration with UEBA solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on More ❯

knowledge of cybersecurity concepts and threat vectors. Proficiency in scripting (Python, PowerShell, etc.) for data analysis and automation. Experience with data normalization, correlation, and event analysis. Deep understanding of SIEM technologies, data pipelines, and event management processes. Knowledge of SIEM platforms and their integration with UEBA solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on More ❯

security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and/or SecOps oriented teams More ❯

and alerts associated with cyber threats, intrusions, and compromises alongside a team of global security analysts following documented SLOs and processes. Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess potential risk/severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. Collaborate … Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls) Interest in developing knowledge across common Incident Response and Security Monitoring applications such as SIEM (e.g., Qradar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender), and SOAR (Palo Alto XSOAR, Google Secops/Chronicle) Desire to build technical skills and hands-on knowledge in … and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve these skills Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others Scripting and automation Additional Information Benefits package includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation package More ❯

and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural … PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. *Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified More ❯

and procedures to protect organizational assets and data. Conduct regular vulnerability assessments and penetration tests to identify and remediate security weaknesses. Monitor and analyze security alerts and reports using SIEM tools to proactively detect threats and anomalies. Investigate security incidents, coordinate with relevant stakeholders, and document findings for continuous improvement. Collaborate with cross-functional teams to integrate security best practices … information security or a closely related field. DOD 8570 IAT Level II Certification may be required (GSEC, GICSP, CND, CySA+, Security+ CE, SSCP or CCNA-Security). Proficiency with SIEM platforms (e.g., Splunk, QRadar) and vulnerability scanning tools (e.g., Nessus). Practical knowledge of security frameworks such as NIST, ISO 27001, and SOC 2. Hands-on experience with common security More ❯

desirable. Minimum 5 years experience in Information Security. Proficiency in security frameworks like NIST, implementing and auditing security measures. Knowledge of Cisco networking, firewalls, VPN, DLP, IDS/IPS, SIEM, and related technologies. Experience with identity access management solutions such as SAML, OAuth. Relevant security certifications (e.g., CISSP, CISM, CEH) are highly desirable. Ability to analyze and recommend security improvements. More ❯

Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools … for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. … Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations. Lead technical migration of log sources into More ❯

knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you More ❯

maintain secure architectures for infrastructure, cloud, applications, and identity services. Provide high-level technical support and troubleshooting for complex security incidents and system issues. Advise on security technologies including SIEM, EDR, firewalls, IAM, PAM, and cloud-native security tools. Collaborate closely with engineering and operations teams to embed security into system designs and processes. Evaluate and recommend new security tools … ISO/IEC 27001/27002 and MITRE ATT&CK. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM/PAM, network and endpoint protection. Proficiency with SIEM and monitoring tools (e.g., Microsoft Sentinel, Elastic Stack, Splunk, QRadar), and understanding of incident response. Strong knowledge of cybersecurity principles including threat modeling, zero trust, and defense-in-depth. Understanding More ❯

security as a primary requirement). Drive adoption and integration of the latest security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections More ❯