1 to 25 of 103 Remote SIEM Jobs

and operations teams to support strategic security objectives, improve detection coverage, and respond to evolving cyber threats. Key Responsibilities SIEM Solution Development Design and implement SIEM solutions in collaboration with security analysts and architects. Develop, optimise, and maintain detection rules, alerts, and dashboards to improve threat visibility. Support the full … incident response tooling. Stay current with emerging threats, attack techniques, and security best practices. Essential Skills & Experience SIEM & Detection Engineering Strong experience configuring and operating SIEM platforms (Elasticsearch-based solutions preferred). Ability to create, test, and optimise detection rules aligned to the MITRE ATT&CK framework. Experience improving detection ...

Security controls. Programming/scripting experience (PowerShell, ASP, .NET, Python, Perl). Log analysis and configuration reviews across infrastructure components including servers, firewalls, WAFs, SIEM, VMware, etc. Security Engineering or Architecture (SABSA an advantage). Knowledge of CI/CD is advantageous. Specifying and performing vulnerability analysis and review ...

modern cloud security ecosystems. Ability to interpret logs, security events, and SOC output to support investigations. Experience working with or managing third party SOC, SIEM, and security vendors. Background in overseeing penetration tests and managing remediation activity. Solid understanding of incident response, vulnerability management, and general cyber defence principles. Experience ...

continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using AWS native tools and SIEM integrations. Support incident response and root cause analysis for security breaches or vulnerabilities. Maintain documentation and runbooks for security operations. Collaboration & Enablement: - Work closely with ...

continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using AWS native tools and SIEM integrations. Support incident response and root cause analysis for security breaches or vulnerabilities. Maintain documentation and runbooks for security operations. Collaboration & Enablement: - Work closely with ...

Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier … Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier ...

Strong understanding of cloud security (IaaS, PaaS, SaaS, CASB, Zero Trust, micro-segmentation) Broad knowledge of security technologies (firewalls, IDS/IPS, endpoint protection, SIEM, SOAR, DLP, PKI, cryptography) Solid understanding of IAM concepts (RBAC, ABAC, PAM, SSO) Strong analytical skills with the ability to interpret complex technical information Good ...

service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve ...

skills are essential for this position. Knowledge of information security standards (e.g., ISO 17799/27002/27001/PCI DSS/SIEM, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and key network security principles for risk identification and analysis. Knowledge ...

Knowledge of REST APIs and system integrations . Familiarity with cloud platforms (AWS, Azure or GCP) . Awareness of security tools, SOC operations or SIEM platforms . Containerisation knowledge ( Docker ). Cyber security certifications (e.g. CompTIA Security+ , equivalent). Benefits Competitive salary and benefits package. Structured training and career development. ...

need from you? Deep expertise in securing cloud platforms (AWS, Azure, GCP) with a focus on financial services Proven experience with tools like SIEM, SOAR, IDS/IPS, and cloud-native security solutions Strong understanding of encryption protocols, key management systems, and IAM best practices Hands-on experience with container ...

with day-to-day responsibilities. Essential Skills and Experience: SC clearance required to start; DV sponsorship available. Proven expertise with Splunk and Microsoft Sentinel SIEM platforms. Strong programming skills in Python , with experience developing automation and Detection as Code pipelines. Proficiency in KQL and SPL for creating efficient, high-fidelity ...

skills are essential for this position. Knowledge of information security standards (e.g., ISO 17799/27002/27001/PCI DSS/SIEM, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and key network security principles for risk identification and analysis. Associated Benefits ...

Cloud Platforms Experience with private & public cloud such as AWS & Azure Security Experience with MDM, MFA, Email filtering, Next generation firewalls & Anti-Virus solutions, SIEM Solutions such as Sentinel Skills An ability to work independently and perform their own research Ability to work under pressure Creative problem solving Ability ...

Implement least privilege access models and enforce secure credential management - Monitor and audit privileged access activities across systems and applications - Integrate PAM tools with SIEM, IAM, and other security platforms - Develop and maintain policies, procedures, and documentation for PAM operations - Conduct regular access reviews, privilege audits, and risk assessments - Collaborate ...

/Entra ID, AWS IAM, GCP IAM, MFA, SSO, Zero Trust. Network & Infrastructure Security * Cloud-native Firewalls, WAF solutions, VPN, ZTNA, API security. SIEM & Endpoint Security * Splunk, Microsoft Sentinel, Elastic Security, CrowdStrike, Defender XDR. Certifications * CCSP, CISSP, CISM, Security+, CySA+, CEH, ISO 27001 Lead Implementer/Lead Auditor, CISA ...

knowledge and experience, with AWS expertise and ideally also some GCP experience You have Python programming skills You have hands-on experience with firewalls, SIEM tools, vulnerability scanners and other security technologies that protect systems You enjoy problem solving, identifying vulnerabilities and evaluating threats You're a data driven decision ...

looking for a new start in the New Year, please reach out! The role: Monitor, triage, and investigate security alerts and incidents using SIEM tools Support SOC incident triage, assessing scope, urgency, and mitigation actions Assist with incident response activities, including investigation and remediation Manage and respond to security-related ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you’ll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...