1 to 25 of 48 Contract SIEM Jobs in the UK

and on-premise troubleshooting environments * Relevant Azure security certifications (e.g. AZ-500, Azure Security Engineer Associate), IS(phone number removed) Auditor * Familiarity with security automation and monitoring tools (e.g. SIEM/SOAR) * Proficiency with Cisco and/or Meraki network admin (LAN, VPN, Firewalls) For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group More ❯

programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across More ❯

programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across More ❯

AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning Data Loss Prevention (DLP) Candidate Profile Proven experience delivering large-scale cyber and information security programmes More ❯

for apprentice security analysts, providing coaching, mentoring, and line management. What We’re Looking For 2-3 years’ experience investigating and responding to cyber incidents. Hands-on use of SIEM tools (Splunk preferred, Microsoft Sentinel or equivalent acceptable). Experience with EDR solutions to support incident investigation. Understanding of threat actor tools, techniques, and procedures (TTPs). Strong analytical and More ❯

AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning tools Data Loss Prevention (DLP) solutions Candidate Profile: Strong hands-on experience in cyber and information More ❯

onboarding 67 critical services and 72+ services proactively monitored by our in-house SOC (Security Operations Centre). Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

our in-house SOC (Security Operations Centre). Please note that this role requires a current SC Clearance Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

understanding of Azure identity, network security, encryption, and data protection . Experience with security frameworks (SABSA, TOGAF) and enterprise architecture governance. Hands-on familiarity with security tooling such as SIEM, Defender for Cloud, Key Vault, Sentinel, etc. Strong stakeholder engagement and communication skills across business, risk, and technical domains. Experience working within consulting or global programmes is highly advantageous. Full More ❯

UAGs, Zero/Thin client environments. Desirable Skills EVPN/VXLAN, Fortigate, Panorama, VMware SSP (vDefend). IaC (Terraform, Ansible), CI/CD (GitLab), Python orchestration. Observability (Prometheus, Grafana), SIEM (Splunk, Aria Logs). Advanced VMware: SRM, Avi Load Balancer, Workspace ONE. Application/data platforms: Kubernetes, Vault, Redis, RabbitMQ, Elastic Stack. Dell Powerscale & NVIDIA GPU passthrough experience. Professional Skills More ❯

Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and stakeholders. Experience with integrating SailPoint solution with other security tools and technologies, including SIEM and PAM solutions is a plus. Experience working with Scrum/Agile Methodologies. Experience working on multi-cultural environment. Office presence according to policies is expected.Demonstrated ability to work independently More ❯

Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and stakeholders. Experience with integrating SailPoint solution with other security tools and technologies, including SIEM and PAM solutions is a plus. Experience working with Scrum/Agile Methodologies. Experience working on multi-cultural environment. Office presence according to policies is expected. Demonstrated ability to work More ❯

well as support Senior Analysts in closing incidents when called upon. Qualifications and Experience At least 5 years' experience in Incident Management, SecOps or IT Security Experience of reviewing SIEM alerts and responding to them appropriately Experience working through cyber investigations independently Proven experience of Splunk or Sentinel Worked with EDR systems such as Defender or Symantec Knowledge of KQL More ❯

designing and delivering UKAEA's greenfield Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions, while contributing to the development of the Security Information and Event Management (SIEM) and Security Operations Centre (SOC) capabilities. You will lead the IAM/PAM workstreams and provide specialist input into SIEM/SOC implementation, ensuring all solutions align with secure-by … PAM telemetry into SIEM tooling for enhanced visibility and detection. Provide technical oversight and assurance when engaging Managed Service Providers (MSPs) or third-party vendors. Support the development and implementation of SIEM/SOC capabilities, assisting in log source onboarding, alert tuning, and incident response improvements. Mentor and train junior team members, building internal capability in identity and access management. … SC-level national security clearance Desirable o At least a HND in Information Security, Computer Science, or a related STEM field, or equivalent experience. Degree Preferred o Understanding of SIEM/SOC integration and the relationship between IAM telemetry and security monitoring. o Familiarity with ITSM workflows and change control procedures. o Experience conducting security risk assessments for third-party More ❯

designing and delivering UKAEA's greenfield Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions, while contributing to the development of the Security Information and Event Management (SIEM) and Security Operations Centre (SOC) capabilities. You will lead the IAM/PAM workstreams and provide specialist input into SIEM/SOC implementation, ensuring all solutions align with secure-by … PAM telemetry into SIEM tooling for enhanced visibility and detection. Provide technical oversight and assurance when engaging Managed Service Providers (MSPs) or third-party vendors. Support the development and implementation of SIEM/SOC capabilities, assisting in log source onboarding, alert tuning, and incident response improvements. Mentor and train junior team members, building internal capability in identity and access management. … SC-level national security clearance Desirable o At least a HND in Information Security, Computer Science, or a related STEM field, or equivalent experience. Degree Preferred o Understanding of SIEM/SOC integration and the relationship between IAM telemetry and security monitoring. o Familiarity with ITSM workflows and change control procedures. o Experience conducting security risk assessments for third-party More ❯

Sector. Key Requirements: Proven experience working within SOC management, within Energy/Construction/Utilities Hands on leadership and team management skills. Proven experience with Enterprise Technologies (SOC/SIEM/XDR). Strong working knowledge of M365 security features. Familiarity with cloud platforms, in particular Azure and/or AWS. Ability to effectively communicate SOC value to stakeholders through More ❯

Sector. Key Requirements: Proven experience working within SOC management, within Energy/Construction/Utilities Hands on leadership and team management skills. Proven experience with Enterprise Technologies (SOC/SIEM/XDR). Strong working knowledge of M365 security features. Familiarity with cloud platforms, in particular Azure and/or AWS. Ability to effectively communicate SOC value to stakeholders through More ❯

Fi, internet, and unified communications. Administer and monitor systems including Windows Server, Azure, Entra ID, Intune, VMWare, VXRail, Rubrik, Commvault , and more. Conduct vulnerability analysis and manage patching using SIEM tools (eg, Rapid7). Collaborate with the security team to ensure proper infrastructure security controls are deployed and maintained. Lead technical troubleshooting and respond to incidents in line with change More ❯

would be the main focus of the role. Strong expertise with Microsoft Defender and Sentinel is needed. Key Skills & Experience from the Security Engineer Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within More ❯

be expected to join. Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (e.g., EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the More ❯

research or technical projects. Deep expertise in high-performance computing (HPC) security, including cluster management, secure architectures, and research applications. Proficiency in security tools and frameworks (e.g., IAM, encryption, SIEM, zero-trust principles). Professional certifications (e.g., CISSP, CISM, CCSP, ISO27001 Lead Auditor, or HPC-specific like CompTIA Security+) highly desirable. Excellent communication skills, with experience advising technical teams and More ❯

would be the main focus of the role. Strong expertise with Microsoft Defender and Sentinel is needed. Key Skills & Experience from the SOC Analyst Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within More ❯

will update you accordingly. Location: 10 South Colonnade, Canary Wharf, E14 4PU - On site negotiable as short term. Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR).Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users).Experience in creating/managing security playbooks and knowledge of public sector standards.Experience in Xsiam correlation More ❯

attacker techniques and capabilities models; and the various Cyber Kill Chain frameworks; ; Experience in securing cloud platform; Encryption; Knowledge in threat modelling and ethical hacking; Extensive experience working with SIEM solutions; Basic experience in some scripting languages Networking, SOC, Infrastructure background is good. Security Analyst apply due diligence to triaging issues, up to date with modern threats. Splunk, M365, Cloud More ❯

intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC) Hands-on experience with TIPs (Threat Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling More ❯