1 to 25 of 147 Remote SIEM Jobs

IoT, Cloud, Infrastructure and Network Security controls; Programming/scripting experience (Powershell, ASP, .NET, Python, Perl); Log analysis and configuration reviews across infrastructure components including- Servers, Firewalls, WAF's, SIEM, VMware, etc Security Engineering or Architecture (SABSA an advantage) Knowledge of CI/CD would be an advantage Specifying and performing vulnerability analysis and review pen test and scan results More ❯

digital forensics, malware analysis, threat intelligence, and cyber security Experience with incident response frameworks, such as NIST or MITRE ATT&CK Knowledge of cyber kill chain methodologies Knowledge of SIEM, such as Elastic, QRadar, or Sentinel, EDR, such as CrowdStrike or Microsoft Defender, IDS, and IPS Ability to work under pressure, prioritize, and deliver results Secret clearance Bachelor's degree More ❯

of proven experience in information security management, covering risk management, incident response, threat intelligence, and cyber security solutions. Strong knowledge of security technologies and controls (e.g., firewalls/WAF, SIEM, anti-malware, mobile application security, IAM/PAM) with exposure to cloud security (AWS). Experience conducting vulnerability assessments, penetration testing, and security evaluations, with the ability to analyse events More ❯

with Microsoft Cloud technologies ESSENTIAL Other requirements: Proven experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview in real-world environments. Strong understanding of cloud security architecture, SIEM/SOAR, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and data protection. Familiarity with Azure, Microsoft 365, and hybrid cloud environments. Understanding of security operations, incident response, and threat intelligence. More ❯

repetition) 1.Incident Detection and Response: oLead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). oUtilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. oTake ownership of Tier 2-level escalations from Tier 1 analysts and guide them … incidents 4.Incident Detection and Response: oLead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). oUtilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. oTake ownership of Tier 2-level escalations from Tier 1 analysts and guide them … of experience in cybersecurity, with incident response, digital forensics, or threat hunting. oStrong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). oHands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. Technical Skills: oProficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory More ❯

Essentials Plus). Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and More ❯

in: Monitoring and Responding to Threats : Assist in identifying suspicious activity and responding to security incidents in real time Security Tools and Technologies : Gain hands-on experience with firewalls, SIEM tools (e.g., Splunk, Microsoft Sentinel), endpoint protection, and vulnerability scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in More ❯

in: Monitoring and Responding to Threats : Assist in identifying suspicious activity and responding to security incidents in real time Security Tools and Technologies : Gain hands-on experience with firewalls, SIEM tools (e.g., Splunk, Microsoft Sentinel), endpoint protection, and vulnerability scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in More ❯

in: Monitoring and Responding to Threats : Assist in identifying suspicious activity and responding to security incidents in real time Security Tools and Technologies : Gain hands-on experience with firewalls, SIEM tools (e.g., Splunk, Microsoft Sentinel), endpoint protection, and vulnerability scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in More ❯

in: Monitoring and Responding to Threats : Assist in identifying suspicious activity and responding to security incidents in real time Security Tools and Technologies : Gain hands-on experience with firewalls, SIEM tools (e.g., Splunk, Microsoft Sentinel), endpoint protection, and vulnerability scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in More ❯

in: Monitoring and Responding to Threats : Assist in identifying suspicious activity and responding to security incidents in real time Security Tools and Technologies : Gain hands-on experience with firewalls, SIEM tools (e.g., Splunk, Microsoft Sentinel), endpoint protection, and vulnerability scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in More ❯

in: Monitoring and Responding to Threats : Assist in identifying suspicious activity and responding to security incidents in real time Security Tools and Technologies : Gain hands-on experience with firewalls, SIEM tools (e.g., Splunk, Microsoft Sentinel), endpoint protection, and vulnerability scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in More ❯

or solutions architecture role. Background working with or for a VAR, Systems Integrator, or Security Vendor highly desirable . Technical Expertise Strong understanding of enterprise security technologies, including firewalls, SIEM/SOAR, IAM, DLP, SASE, Zero Trust, and cloud security. Working knowledge of AWS, Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or More ❯

and on-premise troubleshooting environments * Relevant Azure security certifications (e.g. AZ-500, Azure Security Engineer Associate), IS(phone number removed) Auditor * Familiarity with security automation and monitoring tools (e.g. SIEM/SOAR) * Proficiency with Cisco and/or Meraki network admin (LAN, VPN, Firewalls) For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group More ❯

programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across More ❯

programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across More ❯

Security+, CISSP, etc) required. Experience operating in classified environments. Bachelor's degree in a related area or at least 8 years of related work experience. Robust understanding of identity, SIEM, cybersecurity, and infrastructure concepts. Strong Linux and scripting (Python, Ansible, Teraform, JSON, others.) experience. Ability to troubleshoot Splunk instances. Create custom Splunk reports, dashboards, and content per customer requirements. Strong More ❯

Computer Science, Information Systems, or similar field 4 years of experience in Cyber Security Proficient with programming in Python, Rust, C/C++, or other relevant language Experience using SIEM tools, SOAR/Orchestration tools, EDR tools, Penetration Test or Vulnerability Assessment tools, or Incident Response procedures and tools Understanding of cybersecurity threats and countermeasures Advanced knowledge and understanding of More ❯

of Security Operations working within or alongside Security Operations Centre(s). Experience working in all hyperscaler environments, preferably holding Professional Cloud Architect or equivalent Certification. Experience with multiple SIEM & SOAR Tooling, preferably Google SecOps (formerly Chronicle/Simplify). Strong written, verbal and presentation skills. Excellent communication and interpersonal skills, with the ability to build strong relationships with clients More ❯

organisational procedures and business continuity plans. Operate tools and processes to identify vulnerabilities and support timely patching across systems and infrastructure. Configure and maintain security tools and systems (eg SIEM, Firewalls) in accordance with defined policies and procedures. Support the production of security metrics and documentation; share knowledge and best practice with colleagues to promote security awareness. Skills and experience More ❯

logs from a variety of enterprise and security systems. Familiarity with regular expressions (regex), SPL (Search Processing Language), and custom log ingestion. Knowledge of cybersecurity operations, incident response, and SIEM use cases. Strong scripting skills (Python, PowerShell, Bash) for automation and customization. Preferred Qualifications: Splunk Core Certified Admin or Architect; Splunk ES experience strongly preferred. Experience working in highly secure More ❯

and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out-of-hours support. Desirable: Exposure to MxDR/SOC environments and advanced security protocols (SIEM, IDS/IPS, firewalls). Knowledge of GDPR, Cyber Essentials+, PCI-DSS, and other compliance standards. Strong grasp of data protection legislation (e.g., GDPR, Data Protection Act). Why Join More ❯

creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly … Modelling & Use Case Development Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams … to clients. Participate in continual service improvement initiatives, recommending changes to address recurring incidents. Skills & Qualifications Eligible for, or already holding, SC Clearance. Proven expertise in IBM QRadar and SIEM engineering. Strong knowledge of log formats, parsing, and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of More ❯

may introduce new service areas (i.e., Cloud Computing, DevSecOps, etc.). • Planning, implementing, monitoring, and upgrading security measures for the protection of the program data, systems, and networks (i.e., SIEM, DLP, etc). • Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls. • Troubleshooting technical security and network problems. • Leads system and/or More ❯

Regulatory requirement expertise - Cyber Essentials Plus, ISO 27001 and GDPR Microsoft security tools - Defender, Entra ID, Purview Cloud platform exposure - Azure preferred Broad experience of configuring and management of SIEM tooling Certifications CISSP, CISM are a non-negotiable Hands-on expertise with identity and access management, endpoint protection, vulnerability and patch management and cloud security. Ability to explain complex technical More ❯