Alexander Mann Solutions - Public Sector Resourcing
supporting SOC functions. Understanding of network and host-based telemetry relevant for threat detection. Desirable: Azure certifications (SC-200, AZ-500, MS-500). Experience with LogRhythm SIEM Platform. Knowledge of SOAR tools and automation (Logic Apps, Sentinel Playbooks). Please be aware that this role can only be worked within the UK and not overseas. Sellafield Ltd
South West London, London, England, United Kingdom
Tenth Revolution Group
Skills & Experience: Proven experience in networking and cybersecurity consulting. Strong knowledge of Microsoft 365 security and compliance features. Hands-on experience with Azure networking and security services. Familiarity with SIEM tools, especially Microsoft Sentinel. Understanding of identity and access management (IAM), MFA, and conditional access. Experience with PowerShell, KQL, and automation tools. Excellent communication and stakeholder management skills. Preferred Certifications
cybersecurity operations, with at least 2 years in a leadership or management role. Strong knowledge of SOC operations, incident response, and vulnerability management best practices. Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel), vulnerability scanners (e.g., Nessus, Qualys), and other security platforms. Relevant certifications such as CISSP, CISM, CEH, GIAC, or GCIA are highly desirable. Excellent problem-solving
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Queen Square Recruitment Limited
compliance requirements and frameworks (e.g., NIST CSF, ISO 27001, CSA CCM, PCI DSS). Expert-level knowledge of IAM, network security, encryption, API and application security, container security, and SIEM strategies. Proven leadership in DevSecOps practices and securing modern development pipelines. Certifications such as CISSP, CCSP, AWS Security Specialty, TOGAF, or equivalents are highly desirable. Esther Urtecho Senior Delivery Consultant
Proven ability in designing cyber security systems and governance. Familiar with tools and frameworks (e.g. NCSC, NIST, MITRE, GDPR, PCI DSS). Deep understanding of security controls (e.g. firewalls, SIEM, SOC, DLP). Proficient in leading and coordinating incident response. Effective at managing multiple priorities under pressure. Excellent communicator, able to engage stakeholders at all levels. Skilled in tailoring technical
access to cloud environments. Non-Human Identity (NHI) Management: Managing access for automated systems and applications. Integration with other security tools: Integrating PAM with other security solutions, such as SIEM and SOAR platforms. Compliance: Understanding and adherence to relevant security and compliance regulations. Teamwork and Collaboration: PAM engineers often work as part of a larger security team.
and their logging ecosystems. Proven experience in leading complex Splunk projects and client engagements. Preferred Skills: Experience with automation/configuration tools (e.g., Ansible, Terraform). Knowledge of other SIEM platforms for comparative insight. Familiarity with DevOps/CI-CD tools and monitoring integrations
Security Services Strong background in IT network security concepts. Strong knowledge of data and information flows, information governance, network protocols. Knowledge of system hardening techniques. Knowledge and experience in SIEM technologies. Knowledge and experience in vulnerability and risk management processes. Knowledge and experience of applying cybersecurity controls within SaaS environments. Project Engagement Strong stakeholder management skills Knowledge and experience in
cyber security strategy, risk management, and compliance in alignment with security policies (e.g. RMADS, JSP604, JSP440, SbD). Expertise in Public Key Infrastructure (PKI), identity management and federation, firewalls, SIEM, vulnerability scanning, and cryptography. Experience overseeing incident response, vulnerability management, and security service delivery, ideally within ITIL-aligned environments. Ability to translate complex security concepts into clear, actionable guidance for
Swindon, Wiltshire, United Kingdom Hybrid / WFH Options
Alexander Mann Solutions - Public Sector Resourcing
of the UKRI network environment by providing early detection and alerting of potential security breaches. Implementation of Microsoft Sentinel and migration of data feeds to the existing LogRhythm SIEM to enhance our organisation's security monitoring and incident response capabilities. Implementation & configuration of security tools across the M365 E5 suite, as well as additional toolsets, with particular emphasis
Desirable Skills Experience with Azure DevOps and pipelines. Comfortable presenting technical solutions to stakeholders. Exposure to Scaled Agile Framework (SAFe). Familiarity with or open to learning the ArcSight SIEM toolset (ESM, SmartConnectors, Logger, ArcMC). Tech Stack: Operating Systems: Windows, Linux Tools: VMware, PowerShell, VBScript, Python, Azure DevOps, ArcSight
Guildford, Surrey, England, United Kingdom Hybrid / WFH Options
4Square Recruitment Ltd
You’ll collaborate with IT and business teams to embed security into workflows, manage risks, and respond to incidents—all while driving continuous improvement in our systems. Key Responsibilities SIEM Management: Monitor and optimize Security Information and Event Management (SIEM) tools like Splunk. Firewall & Proxy Audits: Review configurations and coordinate changes with infrastructure teams. Incident Response: Act as part of … penetration tests and security audits. Policy Development: Keep security policies and staff training programs up to date. Requirements Essential: Degree in Computing or related field. Proven experience in cybersecurity, SIEM tools (e.g., Splunk), and ISO 27001 compliance. Knowledge of Microsoft OS, cloud security (Azure/AWS), and risk management. Strong communication skills to engage stakeholders at all levels. Desirable: Certifications
Security Engineer - SIEM, KQL - sought by investment bank based in London. *Inside IR35 - 3 days a week on-site* Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks. Develop advanced KQL queries for threat hunting and reporting. Optimize SIEM performance, cost, and data retention policies. Troubleshoot log ingestion and parsing issues. Log
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Experis
for SC Clearance Rate: £650 per day - PAYE via Umbrella Only Role: Lead the development and delivery of a high-level design for a SOC, including associated tooling (e.g. SIEM solution) to support a multi-vendor cloud based back office implementation. Experience with: Industry best practice for SOC service and solution design. Working with organisations with heightened threat response requirements
Wokingham, Berkshire, United Kingdom Hybrid / WFH Options
Experis
Role Title: SIEM Engineer Duration: contract to run until 26/12/2025 Location: Wokingham, Hybrid 2 days onsite Rate: £460 p/d Via Umbrella inside IR35 Clearance required: Active SC is essential Role purpose/summary SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like ArcSight, Splunk, or QRadar. Threat Detection & Analysis - Monitor security logs … Generate reports on security events, trends, and system performance. Collaboration - Work with IT and security teams to improve overall cybersecurity posture. Required Skills & Qualifications Technical Expertise - Strong knowledge of SIEM platforms, network security, and cybersecurity frameworks. Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications. Programming & Scripting - Familiarity with Python, PowerShell, or other scripting languages. Analytical Thinking - Ability to analyze
Cambridgeshire, United Kingdom Hybrid / WFH Options
La Fosse Associates Limited
security posture to meet baseline compliance and operational requirements. Partner with engineering teams, customers, and government agencies to develop security policies, operational processes, technical designs, and ensure integration with SIEM and monitoring systems. Demonstrated proficiency in network/system security (Firewalls, IDS/IPS, micro-segmentation), IAM (RBAC, ABAC, JWT), secure coding practices (OWASP, SANS), and hands-on experience with
Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
La Fosse
security posture to meet baseline compliance and operational requirements. Partner with engineering teams, customers, and government agencies to develop security policies, operational processes, technical designs, and ensure integration with SIEM and monitoring systems. Demonstrated proficiency in network/system security (firewalls, IDS/IPS, micro-segmentation), IAM (RBAC, ABAC, JWT), secure coding practices (OWASP, SANS), and hands-on experience with
London, South East, England, United Kingdom Hybrid / WFH Options
Randstad Technologies
Engineer (SC Cleared) - Contract Location: United Kingdom 100% Remote? Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM, Azure Sentinel, and incident response? Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility … company. What You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis, threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security … policies align with standards like NIST, ISO 27001, MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management, and cloud security tools Proactive mindset with ability to work independently in high-pressure
candidates will possess an active DV Security clearance and have a solid background in Cyber Security, with the following skills and experience: Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic
Centre (ISOC); ability to detect, respond and utilise related platforms and applications to perform cyber security initiatives. Knowledge of concepts, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Knowledge of technologies and technology-based solutions dealing with information security issues; ability to apply these in protecting
Birmingham, West Midlands, West Midlands (County), United Kingdom
ARM
My client, a leading IT Security focused Managed Services Provider is looking to hire a new SIEM focused SOC Engineer for a 6 month project based in Birmingham. The primary function of the Senior SOC Engineer is to enhance our security operations capabilities. This role requires deep expertise in SIEM platforms, including Splunk, IBM QRadar, Microsoft Defender, Microsoft Sentinel, and … Chronicle, with a strong focus on playbook development, analytical rule creation, and threat modelling. You will be instrumental in building and optimizing our detection and response strategies. Job Duties SIEM Engineering & Management Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle). Onboard and normalize log sources across cloud and on-prem environments. Develop and optimize analytical rules … for threat detection, anomaly detection, and behavioural analysis. Skills Must be able to obtain SC Clearance or already hold SC clearance. SIEM Expertise: Hands-on experience with at least two of the following: Splunk, IBM QRadar, Microsoft Defender for Endpoint, Microsoft Sentinel, Google Chronicle. Technical Skills: Strong knowledge of log formats, parsing, and normalization. Experience with KQL, SPL, AQL, or
have to close our posts early. Don't miss out! Person Specification Knowledge and Experience Essential Extensive knowledge of concepts, procedures and processes of Security Information and Event Management (SIEM); ability to utilize related applications to protect organizational networks from cyber risks. In-depth knowledge of modules, processes and technologies of Information Security Operation Centre (ISOC); ability to detect, respond
and responding to security incidents. Your responsibilities will include: Controlling communications at external and internal system boundaries using firewalls, Intrusion Protection Systems (IPS), and Security Information and Event Management (SIEM) tools. Updating and maintaining network access control (NAC) and antivirus solutions. Monitoring and reviewing logs to detect unauthorized access attempts and ensure compliance with security policies. Maintaining accurate records of