16 of 16 Permanent SIEM Jobs in the City of London

processes Developing and maintains documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions More ❯

response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks … Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. * Conduct proactive threat hunting to detect and neutralize emerging threats. * Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. * Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. * Develop … mindset to identify security threats. * Experience with malware analysis, including static and dynamic analysis techniques. * Ability to develop and refine threat-hunting methodologies and define SIEM use cases. * Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). * Ability to work under pressure in a fast More ❯

Develop & maintain documentation for systems, procedures, processes and more What skills do you need to be a Security Analyst? Rapid7 IDR (open to other SIEM tools) CrowdStrike Microsoft Defender Understanding of networking (Cisco Umbrella & Fortinet, IDS/IPS, etc) Experience with Vulnerability Management tools Experience with Password Management tools Experience More ❯

security principles, protocols, and standards. Proficiency with DevOps and DevSecOps tools (e.g. GitLab CI/CD, Ansible, Terraform). Experience with security tools like SIEM/SOAR (preferably Rapid7), IDS/IPS, vulnerability scanners, and code analysis tools (SonarCloud, Snyk, Chekov) Strong knowledge of network security, encryption, identity and access More ❯

conducting vulnerability assessments, supporting audits, and helping to strengthen third-party security compliance. Key Responsibilities: Monitor security systems and investigate incidents Operate firewalls, EDR, SIEM tools, and encryption software Support vulnerability testing and risk analysis Assist with third-party vendor assessments and internal audits Contribute to the ongoing improvement of More ❯

directory services (e.g. Active Directory, Azure AD), identity federation, and identity lifecycle orchestration Familiarity with logging and monitoring practices, including event correlation, identity-related SIEM alerts, or IAM health dashboards Understanding of identity governance within regulatory frameworks such as ISO 27001, NIST, GDPR, or SOX Experience in platform resilience, fault More ❯

Develop and implement strategies to ensure network and security infrastructure meets current and future needs. Monitor and respond to security incidents using tools like SIEM and Sophos MTR. Maintain system security by configuring firewalls, VPNs, and intrusion detection systems, and ensuring timely patching. Manage vulnerability remediation based on penetration test More ❯

StrongKnowledge of Windows Server security and Active Directory. Familiaritywith security frameworks and standards (e.g., NIST, ISO 27001). Experiencewith security tools and technologies (e.g., SIEM, EDR, DLP). What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date More ❯

staff. THE ROLE: Design and implement short and long-term strategic plans to ensure IT network Work closely with and monitor logs generated from SIEM & Sophos MTR Configuring, maintaining and implementing intrusion detection systems and firewalls, virtual private networks, web protocols, and email security Create and update all relevant Jira More ❯

SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and … Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. • Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. • IT Service More ❯

and tailor solutions to customer needs. Strong background in technologies including: Network: VPLS, MPLS, BGP, VRRP, SD-WAN, IP Routing Security: Layer 7 firewalls, SIEM, SASE Cloud: Public/Private Cloud architecture, Cloud-hosted IP Telephony Wireless & LAN: HPE Aruba Central, Cisco DNA Unified Comms: Cisco, Microsoft Exceptional presentation and More ❯

Strong documentation skills (Microsoft Word, Project, Visio) and a grasp of Enterprise Architecture methods like TOGAF (desirable). Familiarity with secure Internet solutions (firewalls, SIEM), LAN environments, and cloud architectures (public/private) is a plus. Knowledge of sector-specific networks such as HSCN, PSN, or JANET is highly advantageous. More ❯

a hands-on technical role focused on enhancing and maintaining the organisation's security capabilities, emphasising Azure infrastructure. This role supports the maturity of SIEM, SOC, and EDR capabilities while actively addressing emerging threats and vulnerabilities. The security engineer will also play a critical role in incident response, compliance, and … innovative security technologies to strengthen the organisation's defenses. Essential functions of the job: SOC operations: perform incident triaging, threat detection, and response activities. SIEM & EDR management: advance and configure SIEM and EDR systems to optimise threat detection and response in Azure environments. Incident response: investigate and mitigate security incidents … solutions. Experience required: Relevant certifications in public cloud security and experience managing Azure cloud infrastructure. Proven expertise in security testing, IAM, vulnerability management, and SIEM configuration. Strong grasp of networking fundamentals, including DNS, WAF, and ingress, paired with experience in CPSM. Familiarity with GIT/version control, SDLC pipelines and More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

reporting to the IT Security Officer, to implement and maintain robust security across their infrastructure. Key responsibilities include managing WAF/DDoS, security gateways, SIEM/SOAR/EDR, firewalls, MFA/SSO, MDM/MAM, vulnerability scans, and incident response. Key Responsibilities: Manage WAF/DDoS, web/email … security gateways, SIEM/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Essential Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo More ❯

of onboarding CNI and all other systems. Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS queues is also required. You must have SIEM Engineering and Architecture skills, specifically in Splunk SaaS. Full end to end experience of delivery lifecycle experience for improvements to Splunk SaaS is also essential. … You must have experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. More ❯