1 to 25 of 33 Permanent SIEM Jobs in Hampshire

artifacts in support of incident investigations Experience with vulnerability scanning solutions In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Sentinel, Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk) Understanding of mobile technology and OS (i.e. Android, iOS, Windows), Experienced in More ❯

strategies What You'll Bring 5+ years in cybersecurity operations, with at least 2 years in a leadership role Strong hands-on knowledge of SIEM, EDR, SOAR, IDS/IPS, Firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response More ❯

critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security operations centre (SOC) environment Experience with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and More ❯

strategies What You’ll Bring 5+ years in cybersecurity operations, with at least 2 years in a leadership role Strong hands-on knowledge of SIEM, EDR, SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response More ❯

helpdesk/IT Service role. Experience in information security or related field Experience with computer network penetration testing and techniques Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts Ability to identify and mitigate network vulnerabilities and explain how to avoid them Ability to train and share knowledge with others More ❯

other attack artifacts in support of incident investigationsExperience with vulnerability scanning solutionsIn-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Sentinel, Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)Understanding of mobile technology and OS (i.e. Android, iOS, Windows), Experienced in More ❯

Traceroute). Familiarity with virtualization technologies (VMware, Hyper-V) and cloud platforms (Azure, AWS). Understanding of cybersecurity best practices and tools (firewalls, antivirus, SIEM). Scripting skills (PowerShell, Bash, Python) for automation and troubleshooting. Experience with Unified Threat Management (UTM) Firewalls and other security technologies. Experience with Linux and More ❯

of our Security Operations Centre, ensuring we remain adaptable to new challenges. What youll bring: Experience in Security Operations Centres (SOC) and proficiency with SIEM tools. Understanding of networking, security technology, and system applications (TCP/IP, VPNs, firewalls, etc.). Problem-solving skills to assess complex threats and deliver More ❯

include a degree in Cyber Security, Computer Science, Networks, etc. Professional qualifications from organizations like CompTIA, ISACA, etc. Technical qualifications such as cloud computing, SIEM, vulnerability management, etc. Experience (Nice to have) Understanding of concepts like cloud computing, incident management, risk management, information security (CIA), phishing, ransomware, IDAM, JML processes More ❯

etc. Professional Qualifications from organisations such as CompTIA, ISACA etc. Technical qualifications in security and technology such as (but not limited to) cloud computing, SIEM, Vulnerability Scanning/Management etc. Understanding of some (or all) of the following: Key Concepts of Cloud Computing Security Incident Management Risk Management Information Security More ❯

re Looking For 5+ years’ experience in a SOC or cybersecurity operations role, including 2+ years in a leadership position . Strong understanding of SIEM, SOAR, EDR, IDS/IPS, and firewall technologies. Experience in incident response, threat intelligence, and forensic analysis . Proficiency in security frameworks like MITRE ATT More ❯

re Looking For 5+ years’ experience in a SOC or cybersecurity operations role, including 2+ years in a leadership position . Strong understanding of SIEM, SOAR, EDR, IDS/IPS, and firewall technologies. Experience in incident response, threat intelligence, and forensic analysis . Proficiency in security frameworks like MITRE ATT More ❯

experience in a production setting. VMware Aria Operations (formally Log and network insight) Design, deploy, troubleshoot and manage to a 3rd line level and SIEM integration. Operational experience in zero trust, deny all by default, secure by design environments. Linux operating system (Ubuntu preferred) Design, deploy, troubleshoot and manage to More ❯

in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important More ❯

in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering, and other security products Experience with Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important More ❯

Collaborate with external audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and … ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional More ❯

analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and … at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre More ❯

analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment. Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident … will be at the forefront -leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like More ❯

be eligible to go through DV clearance as well. We are seeking someone with profound SOC experience, particularly at SOC Level 2. Mastery of SIEM tools such as Microsoft Sentinel and Splunk is crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and … this pivotal role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck Collaborating More ❯

be eligible to go through DV clearance as well. We are seeking someone with profound SOC experience, particularly at SOC Level 2. Mastery of SIEM tools such as Microsoft Sentinel and Splunk is crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and … this pivotal role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck Collaborating More ❯

of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment SOC Level 2 Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and … the forefront of digital defence—leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre More ❯

analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and … at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre More ❯

doing: Conduct thorough tests on infrastructure, networks, systems, and web applications Lead security assessments, identifying vulnerabilities and ensuring effective remediation strategies Utilise tools for SIEM, Data Loss Prevention (DLP), and endpoint detection and response (EDR) to monitor and protect systems Collaborate effectively with third-party vendors to maintain trusted security More ❯

This role is based onsite in DXC Erskine and involves a rotational 24x7 shift pattern. MUST have at least 6 months of experience with SIEM technologies Job Overview The Tier 2 Cyber Security Analyst is a mid-level position within the Cyber Threat Analysis Centre (CTAC). Responsible for advancing … escalated triage and analysis on security events identified by Tier 1 Analysts, assessing threat severity and advising on initial response actions. Utilize expertise in SIEM solutions, especially Kusto Query Language (KQL), for log analysis, event correlation, and documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts … updates to enhance response times. Coordinate with Tier 3 Analysts and management to refine detection and response workflows, supporting SOC maturity. Collaborate on tuning SIEM and detection tools to reduce false positives and improve alert accuracy, including submitting tuning requests and testing configurations. Identify gaps in detection content and work More ❯

the forefront of digital defence-leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre … in a Security Operations Centre (SOC) environment Previous experience working as a SOC Level 2/Cyber Security Analyst Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (eg TCP/IP, VPNs, Firewalls) Skilled in incident response and More ❯