1 to 25 of 99 Remote SIEM Jobs

governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as:o Cortex XDR/Palo Alto Networkso Splunk (SIEM and dashboarding)o Abnormal Security (email security)o Prisma Cloud (cloud security posture management)o Airlock (application and API security)o Nucleus (vulnerability management and reporting) Deep knowledge of incident More ❯

experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure More ❯

experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure More ❯

apps with a focus on AWS and Azure Cloud. Design and develop automation to build cloud security accelerators and IP. Experience with Security Operations teams to build and maintain SIEM, SOAR and XDR technology. Analyze and resolve configuration issues in development, test, and production environments. Familiar with major security compliance frameworks and building effective monitoring, logging, and auditing of production More ❯

apps with a focus on AWS and Azure Cloud. Design and develop automation to build cloud security accelerators and IP. Experience with Security Operations teams to build and maintain SIEM, SOAR and XDR technology. Analyze and resolve configuration issues in development, test, and production environments. Familiar with major security compliance frameworks and building effective monitoring, logging, and auditing of production More ❯

apps with a focus on AWS and Azure Cloud. Design and develop automation to build cloud security accelerators and IP. Experience with Security Operations teams to build and maintain SIEM, SOAR and XDR technology. Analyze and resolve configuration issues in development, test, and production environments. Familiar with major security compliance frameworks and building effective monitoring, logging, and auditing of production More ❯

emerging tech. The following would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through our one of a kind training programme, the Littlefish Academy More ❯

the following: Minimum 2 years' experience of 1st-3rd level technical support of IT infrastructure or security, both in person and remote. Demonstrate detailed knowledge of: oIT system monitoring (SIEM). oSecurity Incident Management. Demonstrate detailed knowledge of Information Security in several of the following areas: oIntrusion detection and prevention systems. oVulnerability Management. oNetwork technology and operations. oWindows 10 and More ❯

Contract SIEM Engineer Exciting contract opportunity to join a high-performing cybersecurity team Hybrid working model, three days onsite and two remote Contribute to cutting-edge SIEM and EDR deployments for a large-scale organisation Up to £410 per day (Inside IR35) Active SC clearance required ABOUT THE CLIENT: Our client is a well-established technology-driven organisation with a … advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE BENEFITS: Up to £410 per day (Inside IR35) Hybrid working arrangement Collaborative and innovative security culture Opportunity … to work with leading SIEM and EDR technologies THE SIEM ENGINEER ROLE: As a SIEM Engineer, you will design, deploy, and maintain SIEM and EDR solutions that strengthen the organisation's security posture. You will work closely with IT and security teams to manage log ingestion, implement integrations, and monitor system activity for potential threats. SIEM ENGINEER ESSENTIAL SKILLS: Proven More ❯

Conduct regular security audits and assessments to identify and remediate risks. Apply industry frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls . Oversee and enhance security technologies: SIEM, vulnerability management, cloud security (OCI/Azure/AWS), PKI, cryptography, web/email security, logging and monitoring . Monitor network traffic for anomalies and potential breaches. Collaborate with IT More ❯

are met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of More ❯

of security goals. What do we need from you? Deep expertise in securing cloud platforms (AWS, Azure, GCP) with a focus on financial services Proven experience with tools like SIEM, SOAR, IDS/IPS, and cloud-native security solutions Strong understanding of encryption protocols, key management systems, and IAM best practices Hands-on experience with container security tools for Kubernetes More ❯

attack chain details of detected attacks (successful and failed) and feeding them back into detection capability. · Responsible for ensuring monitoring effectiveness and efficiency via the creation and updating of SIEM/SOAR playbooks, in line with changing attacker techniques tactics and procedures (TTP's) · Use Intrusion Analysis skills and experience to provide input to new detection techniques and research new More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

information security, risk, or compliance roles. Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM/PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. More ❯

day-to-day operations of the Counter Threat Unit, ensuring security controls are effectively implemented across infrastructure and cloud environments. Configure, maintain, and optimise security tools and solutions (e.g., SIEM, EDR )to protect enterprise systems. Monitor systems and networks for anomalies, gather and analyse threat intelligence, and contribute to situational awareness. Investigate and resolve security incidents in line with organisational More ❯

and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out-of-hours support. Desirable: Exposure to MxDR/SOC environments and advanced security protocols (SIEM, IDS/IPS, firewalls). Knowledge of GDPR, Cyber Essentials+, PCI-DSS, and other compliance standards. Strong grasp of data protection legislation (e.g., GDPR, Data Protection Act). Why Join More ❯

effectiveness, and support compliance with ISO 27001, GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC, Network segregation, remote access & wireless technologies Windows & KQL (MS Sentinel) scripting Cloud computing (IaaS, PaaS More ❯

3+ years in threat intelligence, SOC operations, malware analysis, or cybersecurity research. Certifications (Preferred): CTIA, GCTI, CISSP, CEH, OSCP, or equivalent. Technical Proficiency: Experience with Threat Intelligence Platforms (TIPs), SIEM (Splunk, QRadar), and EDR solutions. Proficiency in OSINT tools (Shodan, VirusTotal, Threat Intelligence Feeds, MISP, Maltego). Strong understanding of MITRE ATT&CK, cyber kill chain, and adversary tactics. Familiarity More ❯

of Security Operations working within or alongside Security Operations Centre(s). Experience working in all hyperscaler environments, preferably holding Professional Cloud Architect or equivalent Certification. Experience with multiple SIEM & SOAR Tooling, preferably Google SecOps (formerly Chronicle/Simplify). Strong written, verbal and presentation skills. Excellent communication and interpersonal skills, with the ability to build strong relationships with clients More ❯

requirements • Participating in the execution of daily checks raising any findings or anomalies to the CDC specialist for further investigation • Identifying and reporting inconsistencies or repetitive false positives in SIEM alerts to support alert tuning and reduce unnecessary noise • Escalating cases to the threat intelligence team when deeper intelligence correlation is required • Working with the operational technology cyber team to More ❯

IOT/Mobile technologies and related security best practices Cloud technologies (Amazon Web Services ("AWS"), Azure, etc.) and their operation and security best practices Identity and access management solutions SIEM CASB SOC design, build and operation Strong analytical mind and problem-solving skills. Excellent project management and interpersonal skills. Consulting experience (beneficial). Understanding of modern security concepts and principles More ❯