1 to 25 of 31 Contract SIEM Jobs in the UK

using SOAR tooling and its application Application of data science against large datasets involving unstructured data and designing data models Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform Knowledge of custom API's to leverage the SOAR's functionality Ability ...

ability to work across engineering, operations, and cyber security functions. What You'll Need (Essential) Strong working knowledge of core SOC tooling e.g. SIEM/Splunk, IDPS, Email/Web security, Firewalls Hands-on experience with Cisco ASR, Palo Alto or Fortinet firewalls Excellent understanding of network technologies (LAN/ ...

/7 basis . Skills & Experience Required: Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within ...

Centre (SOC) team, you'll monitor systems, detect potential incidents, and initiate the incident response process. Your key responsibilities will include: Continuous Monitoring: Use SIEM tools (including Splunk) to identify suspicious activity and respond efficiently. Incident Triage: Analyse alerts and logs to determine genuine incidents and prioritise accordingly. Initial Incident ...

Centre (SOC) team, you'll monitor systems, detect potential incidents, and initiate the incident response process. Your key responsibilities will include: Continuous Monitoring: Use SIEM tools (including Splunk) to identify suspicious activity and respond efficiently. Incident Triage: Analyse alerts and logs to determine genuine incidents and prioritise accordingly. Initial Incident ...

9.1 or similar enterprise applications. Knowledge of hybrid cloud connectivity (VPN, ExpressRoute).Familiarity with ITIL/TOGAF-aligned practices. Understanding of SOC/SIEM integration for security operations. QualificationsMicrosoft Certified: Azure Administrator Associate (AZ-104) or higher. Microsoft Certified: Azure Solutions Architect Expert (preferred). Kubernetes (CKA/CKAD ...

9.1 or similar enterprise applications. Knowledge of hybrid cloud connectivity (VPN, ExpressRoute).Familiarity with ITIL/TOGAF-aligned practices. Understanding of SOC/SIEM integration for security operations. QualificationsMicrosoft Certified: Azure Administrator Associate (AZ-104) or higher. Microsoft Certified: Azure Solutions Architect Expert (preferred). Kubernetes (CKA/CKAD ...

performance engineering (capacity planning, QoS, traffic engineering). Security Expertise Firewalls, VPNs, IDS/IPS, secure segmentation, Zero Trust architecture. Threat detection/response, SIEM integration, incident response. Compliance frameworks (ISO 27001, NIST, GDPR). Cloud & Hybrid Networking AWS/Azure/GCP networking (VPC/VNet, Transit Gateway, cloud ...

only monitor and respond to incidents but also provide guidance and support to junior team members. Your responsibilities will include: Continuous Monitoring: Oversee SIEM tools (including Splunk) to detect suspicious activity and ensure timely response. Incident Triage: Analyse alerts and logs to confirm genuine incidents and prioritise effectively. Initial Incident ...

only monitor and respond to incidents but also provide guidance and support to junior team members. Your responsibilities will include: Continuous Monitoring: Oversee SIEM tools (including Splunk) to detect suspicious activity and ensure timely response. Incident Triage: Analyse alerts and logs to confirm genuine incidents and prioritise effectively. Initial Incident ...

migrating Firewall rules, designing segmentation at multiple layers (macro/meso/micro), and integrating identity based controls. Strong background in logging/monitoring, SIEM/SOAR integration, and building operational metrics. Proficiency with capacity planning, performance tuning, and platform visibility tooling. Excellent documentation skills; able to produce architecture artefacts ...

frameworks. What you will bring • Strong experience in cyber security architecture within Defence, Government or similarly complex environments. • Broad knowledge of identity, PKI, SIEM, vulnerability management, cryptography, firewalls, and protective monitoring. • A background working in consulting environments with proven ability to influence, challenge, and advise. • Clear written communication skills and ...

within IT and play a key role in monitoring security events, developing strategic security vision, and preparing for the implementation of a full Security SIEM implementation next year. This is an exciting opportunity to join a rapidly expanding company with a dynamic security team. The client value a growth mindset ...

Security Engineer - SIEM, KQL- sought by investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and ...

practices Engagement with R&D for Cyber Solutions/Products Essential Candidate Experience Good knowledge of multiple SOC tooling including IDPS/Firewalls/SIEM/Splunk/Email & Web Protection etc. Experience of implementing and fault finding Firewall technologies including Cisco ASR/Palo Alto/Fortinet Excellent understanding ...

Title: SIEM Engineer Location: Wokingham/Hybrid (3 days per week on site) Duration: 3 months from the start Rate: £430 per day inside ir35 SC security clearance is required for this role We are looking for a highly skilled Security Engineer to support the deployment, configuration, and management … modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms such as Microsoft Sentinel ...

impactful Required Technical Experience Proven experience as a Security SME/Security Architect in complex enterprise environments Deep hands-on expertise with: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint & Servers Microsoft Defender for Identity Microsoft Defender for Cloud Apps (CASB) Microsoft Defender for Office 365 Strong understanding ...

responsible for monitoring systems, identifying potential threats, and ensuring rapid incident response to safeguard critical services. Responsibilities Keep a close watch on SIEM platforms and other monitoring tools to spot unusual activity. Evaluate and triage alerts to separate genuine incidents from false positives. Take immediate containment steps and escalate confirmed ...

.It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best … cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard … cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

Financial services or other highly regulated industries Certificate-based authentication/PKI Integration with directory services (e.g. AD/Azure AD) Logging, alerting, and SIEM integration Previous NAC redesign or cleanup engagements Working Arrangements 34 days per week on-site in the City of London Initial 3-month contract with ...

/AWS security configuration. Experience of security automation. Knowledge of information security concepts and technologies such as IDS, email gateways and desktop security products, SIEM and SOAR platforms, web application firewalls and vulnerability management tools. Experience of SIEM toolsets including the ELK stack essential. Software development abilities at a senior ...

Centres working within a high-threat government environment: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Sentinel, Splunk, Defender, Qualys, Tenable, Huntsman & LogRhyth Ability to perform triage of security events to determine their scope, priority, and impact ...

Security (SIEM) Architect Location: Warwick, Hybrid IR Status: TBC Rate: £600 - £800 Length : 6-12 months, TBC Clearance: Must have active SC clearance. An exciting opportunity has emerged with an organisaiton supplying complex architectural, technical and delivery solutions across the UK Secure Government and Public Sectors. They are looking … bring in a specialist security archietct, with demonstrable experience of having architected a SIEM capability ustiling the Elasticsearch toolset. There has been an initial scoping, you will come in and provide a full-scale holistic solution and will have the support of the architetural team that provided the initial scope. ...

Assessment Papers, Risk Treatment Plans, Risk Business Cases, and Security Management Plans. Knowledge and experience in security architecture and Security Information and Event Management (SIEM) tools, including Splunk, Defender, Sentinel, ELK, and Tenable Threat Modeling System solutions. Demonstrable knowledge of cybersecurity frameworks and standards, including the NCSC Cyber Assessment Framework ...