1 to 25 of 43 Contract SIEM Jobs

Perimeter security, secure remote/admin access, privileged access controls Firewalls, IDS/IPS, WAF (where applicable), NAC, secure DNS, network monitoring Logging/SIEM alignment and operational monitoring requirements Oversee incident response planning, readiness, exercises, and major incident leadership. Partner with infrastructure/engineering teams to ensure secure ...

identification, and continuous improvement Lead security engagement within client Design Authority and Enterprise Architecture forums Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination Oversee security incident management in line with the client Cyber Security Incident Response Plan Own joiner/mover/leaver ...

audits, risk assessments and maturity reviews. Engineer and embed technical controls supporting NIST CSF and ISO/IEC 27001 objectives. Support security tooling integration (SIEM log sources, EDR/XDR dependencies, vulnerability tooling). Enable and validate security telemetry coverage audit policy configuration, log forwarding/collection, event quality (normalisation ...

Cyber Security Manager/Lead/Security Consultant role. Strong understanding of security operations, threat detection, and incident response practices. Experience working with SIEM, EDR, and monitoring technologies in enterprise environments. Demonstrable knowledge of security frameworks, controls, and governance models. Experience managing third-party vendors or managed security services. Relevant ...

following audits or gap assessments Knowledge of NIST and/or ISO27001 Experience with: Conditional Access, Identity & Access Management (IAM), Privileged Access, Management (PAM), SIEM, monitoring, Endpoint security Key Responsibilities of the Cloud Security Engineer: Implement and remediate recommendations identified through recent security audits and assessments Support the organisation ...

threat modelling, SAST, DAST, SCA, SBOM review, software composition analysis, vulnerability assessment, exploitability assessment, secure coding and remediation planning. This is not a SOC, SIEM, network security, cloud security or general infrastructure security operations role. Key responsibilities include: Support product security and application security across regulated software-based medical products. ...

tracking remediation, validating fixes, and assisting with reporting. * Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and ...

environments. Preferred Skills Endpoint compliance and posture assessment within Cisco ISE. Device profiling and policy enforcement. Integration with third-party security solutions such as: SIEM platforms Mobile Device Management (MDM) solutions Other security tooling Soft Skills Strong analytical and troubleshooting capabilities. Excellent communication and stakeholder engagement skills. Strong documentation and ...

and influencing skills at senior levels. Experience in high value works procurement, including facilities management, construction, design, and cost management Essential Skills : Experience with SIEM tools (ArcSight) including engineering/configuration Creation of use cases, analytics, and playbooks Cloud technology knowledge Incident management from detection to resolution Desirable: Technical/ ...

security standards. Desirable Active SC Clearance CISSP, CCSP, CISM, CISA, or equivalent security qualifications. Experience working with NCSC CAF. Knowledge of identity management, PKI, SIEM platforms, vulnerability management, cryptography, and wider enterprise security technologies. This is an opportunity to play a key role in shaping and assuring security delivery across ...

crisis management structures and frameworks. Technical Understanding (Desirable): Solid grounding in cyber security concepts and threats. Experience with Endpoint Detection & Response (e.g., CrowdStrike), SIEM platforms (e.g., Microsoft Sentinel), and ServiceNow (Security Operations). Ability to engage with technical teams and interpret technical data. To apply for this Senior Cyber Incident ...

configuration management and automation. Exposure to SailPoint Identity Security Cloud or other Identity Governance and Administration (IGA) platforms. Experience integrating identity solutions with SIEM, PAM, and other security technologies. Working knowledge of Power BI for dashboard development and data visualisation. Exposure to Microsoft Power Apps. Ability to read and interpret ...

+DV cleared role - current active DV clearance is essential +Inside IR35 +£575 - £630 a day +Corsham/Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber … scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs ...

scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs … . Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement ...

detail to safeguard sensitive data and systems effectively Key responsibilities of the role include: Deploy, configure, and maintain, troubleshoot security tools such as SIEM, EDR, DLP, VM, Threat Intel,PAM etc extending to Cloud toolsets Perform assessments to understand the current and potential security gaps Use monitoring tools to detect ...

analysts in hunting methodologies and investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved … Operations, Threat Hunting, or Incident Response Proven experience leading investigations involving advanced persistent threats, insider threats, or targeted attacks Strong hands-on expertise with: SIEM platforms (e.g. Sentinel, Splunk, Elastic) EDR/XDR solutions (e.g. Defender, CrowdStrike, SentinelOne) Network and cloud security telemetry Strong understanding of: MITRE ATT&CK Windows ...

across enterprise environments. This role will work closely with Cyber Security, SOC, Infrastructure, Cloud, Data Engineering, and Application teams to improve data visibility, reduce SIEM costs, and enhance security monitoring capabilities. Key Responsibilities Design, deploy, and manage Cribl data pipelines across enterprise environments. Configure and support Cribl Stream , including data … collection, transformation, filtering, enrichment, masking, and routing. Optimise telemetry ingestion into SIEM and observability platforms. Implement data reduction strategies to improve platform efficiency and reduce licensing costs. Develop and maintain data parsing, normalisation, and enrichment processes. Support integration with security and monitoring platforms such as Splunk, Microsoft Sentinel, Elastic, and ...

infrastructure-as-code and automation tools (Terraform, ARM, CloudFormation) for WAF deployment and policy management Ability to analyse logs and security telemetry (WAF logs, SIEM integration) to identify threats and drive remediation Exposure to firewalls, DDoS protection, and broader network security controls in cloud environments Strong collaboration skills, working with ...

security controls aligned with the NIST Cyber Security Framework. What you'll be doing: * Maintain and optimise SOC PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. * Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. * Conduct forensic analysis, malware … operational effectiveness and continuous process improvement. * Maintain knowledge of current cyber threats and emerging trends. What you'll bring: * Proven hands-on experience with SIEM and SOAR platforms such as Trend, Elastic, or SolarWinds. * Strong understanding of Windows and Linux OS, log collection, and threat detection techniques. * Ability to create ...

events, alerts and incidents across cloud, platform, and application layers. Execute vulnerability scanning, patch assurance and configuration compliance checks. Maintain security tooling such as SIEM, EDR, vulnerability scanners, and cloud-native controls. Support ISO 27001 control operation and evidence collection. Ensure compliance with MoD security standards including JSP 440 and … Support improvement of SecOps processes, SOPs and monitoring automation. Essential Skills Experience operating within a Security Operations or SecOps function Hands-on experience with SIEM (e.g. ELK), EDR and vulnerability tooling Experience securing Linux and Windows environments Understanding of ISO 27001 and secure configuration principles Experience supporting cloud or virtualised ...

profession standards with HR/L&D.Timely access to SL stakeholders, systems, repositories, and tooling (e.g., policy library, LMS, phishing platform, service management/SIEM, PMO data). Availability of policy owners and project managers for reviews and attestations. SL will provide required clearances, facilities, and collaboration tools. Core experience ...

pipelines. Production Build: Build and configure production instances of your tools, ensuring integration with an Identity Provider (IdP) and establishing log feeds to a SIEM system. Fleet Management & Support: Take ownership of the end-to-end device lifecycle (inventory, provisioning, onboarding, and offboarding) while providing high-quality technical support ...

security policy deployment FortiAnalyzer Centralised logging and reporting strategy SOC integration and event correlation Incident and event handling workflows Compliance reporting and audit outputs SIEM interoperability and operational analytics Secure SD-WAN SLA rule creation and traffic steering Link health checks and performance optimisation ADVPN architecture and dynamic overlay networking ...

NIST, ISO/IEC 27001, and CIS Evaluate, select, and integrate security technologies including: Identity and Access Management (IAM) Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Data Loss Prevention (DLP) Web Application Firewalls (WAF) Encryption and key management solutions Collaborate with engineering, DevOps, and IT teams ...

recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including ...