1 to 25 of 31 Permanent SIEM Jobs in Ipswich

cause analysis, and provide incident response support Conduct regular vulnerability assessments and penetration testing; assist in remediation efforts Maintain and manage SIEM (Security Information and Event Management) tools and log analysis Develop and enforce security policies, standards, and procedures Work with IT and development teams to implement secure system designs … experience in an information security or cybersecurity role Strong understanding of security principles, frameworks, and practices (e.g., CIA triad, defense in depth) Experience with SIEM tools, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and remediation processes Knowledge More ❯

environments (e.g., Azure) and end-user devices. Hands-on expertise with security tools and technologies, such as Defender for Cloud, Defender for Endpoint, and SIEM solutions. Solid background in implementing and managing security policies via Microsoft Intune and Group Policy (GPO) to secure endpoints and applications. Proven ability to monitor More ❯

and application teams to embed security by design in the migration process Oversee security tool integration, including identity and access management, logging/monitoring (SIEM), encryption, and vulnerability management Your skillset may include: Proven experience as a Security Architect supporting major infrastructure transformation or datacentre exit programs Strong understanding of More ❯

higher education or a similar sector. Familiarity with business continuity planning and disaster recovery. Proficiency in a range of security tools and technologies, including SIEM, firewalls, and VPNs. This role offers a dynamic working environment with opportunities for professional growth and the chance to shape the cybersecurity strategy of a More ❯

improvements. Prepare comprehensive reports for clients. Technical skills: Demonstrated experience in responding to and investigating incidents whilst utilizing various monitoring, detection and investigation tooling – SIEM, SOAR, EDR etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding More ❯

staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA More ❯

to transition into security and gain hands-on experience with cutting-edge technology. Gain hands on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability More ❯

experience working in cyber security, system engineering, or a similar role, with hands-on knowledge of security tools such as anti-malware, content filtering, SIEM and threat detection solutions . A strong understanding of Windows OS, Linux, and MacOS is essential, along with experience working with technology suppliers and outsourced More ❯

Hardware Design of Highly Available Systems Experience in - Delivering projects and solutions from inception to completion Any experience with the following software products: Rubrik SIEM Solarwinds Zabbix Grafana Azure DevOp’s Jenkins What can we do for you? The majority of this role will be remote(Hybrid) but will require More ❯

understanding of SOC best practices, incident response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security technologies such as SIEM, IDS/IPS, EDR, etc. Excellent communication skills, including the ability to explain technical topics to non-technical audiences Apply here or reach out to More ❯

Microsoft Purview, DLP, Azure security, compliance module etc Identity Access Management (IAM), Zero Trust strategy implementations, Microsoft Defender Anti-Virus or similar tools, XDR SIEM tools, IPS/IDS, Endpoint security, Firewalls, Email security Experience of project management, delivering quality projects on budget and on time Experience of the Financial More ❯

against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day More ❯

SD-WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP, CCNP More ❯

What you’ll be doing: Designing and implementing SOC process automation to eliminate manual overhead in alert triage, response, and reporting Integrating security tooling (SIEM, SOAR, firewalls, etc.) Creating automated playbooks to drive consistency and speed across IR workflows Collaborating with SOC analysts, engineers, and third-party vendors to identify More ❯

looking for a new role or path in their career. What will you be doing? Monitor IT and security events from SIEM (Security Information and Event Management) systems and other security tools to proactively detect incidents and prevent disruptions to services. Manage the lifecycle of security incidents , from initial detection … if you already have... Experience of working in a 24/7 rota, specifically in an established IT or Security function. Working knowledge of SIEM tools. Scripting capability, particularly using PowerShell, Bash, and KQL (Kusto Query Language) for automation, scripting, and querying in Microsoft Sentinel and Defender. Experience with security More ❯

and analysis. Hands-on experience with PowerShell scripting for automation and endpoint troubleshooting. Knowledge of SysTrack API integrations with ITSM (ServiceNow, Remedy, etc.) and SIEM tools (Splunk, Elastic, etc.). Familiarity with PC infrastructure, including Active Directory, network components, and endpoint management. Experience working with Azure Apps and cloud-based More ❯

scripting or programming languages. Practical knowledge and demonstrated experience in areas such as Data Loss Prevention (DLP), Data Privacy/Protection, DSPM/CSPM, SIEM, or vulnerability management is highly preferred. Proven success in a technical, customer-facing role within a software or SaaS company. Full spec available, please apply More ❯

global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security in reviewing and … will be done monthly. Deploy new information security tools, services, processes, and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership More ❯

Hands-on expertise in any of the following vendors: Fortinet, Palo Alto, Cisco, Juniper, Zscaler, CrowdStrike... Experience in any of the following is advantageous: SIEM, SOAR, MSSP, DDoS, WAF, EDR, IDAM... Excellent communication skills and the ability to simplify complex concepts for a range of stakeholders A proactive, can-do More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

This role offers an opportunity to work with market-leading vendors across networking (Cisco), data infrastructure (NetApp, IBM, cloud), and security solutions (NOC, SOC, SIEM) . While the focus is on new business development , there’s potential to inherit a small number of key accounts to support your success. What More ❯

Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯

governance & review processes to deliver project goals & deliverables. Follow enterprise ITSM & CMDB processes Monitor and analyse security alerts using Security Information and Event Management (SIEM) tools, and respond to security incidents in a timely and effective manner. Collaborate with cross-functional teams to develop and enforce identity and access management … Access Proficiency in configuring, managing, and troubleshooting firewalls. Cisco, Palo Alto etc,. Experience with intrusion detection/prevention systems, as well as with SIEM tools and security incident response. Excellent problem-solving skills, analytical thinking, and the ability to communicate effectively with diverse stakeholders. CERTIFICATIONS: (any of below) Cisco More ❯

and access controls. Lead threat modelling exercises to identify, assess and mitigate risks in systems and applications. Lead the design, implementation and optimisation of SIEM solutions (e.g. Splunk, Sentinel). Integrate SIEM systems with other security tools like EDR, SOAR and threat intelligence feeds. Skills Extensive experience in Cyber Security … threat modelling. Proficiency in cloud platforms and services (AWS, Azure, GCP) with deep knowledge of native security tools. Hands-on experience designing and implementing SIEM solutions in enterprise environments. Skilled in scripting and automation (e.g., Python, PowerShell) for security processes. Familiarity with tools for threat modelling, vulnerability management, and incident … response. SIEM-specific certifications like Splunk Certified Architect, Sentinel Expert, or equivalent. IAM certifications (e.g., Okta Certified Consultant, SailPoint IdentityNow, or CyberArk Defender) are highly desirable. More ❯

SIEM Automation Engineer – Leading Microsoft MSSP An opportunity to work with one of the top 1% Microsoft MSSPs globally, where cutting-edge security solutions meet expert cyber defense. With a 16-person SOC team, this role offers the chance to automate, optimize, and strengthen security operations at scale. A key … with security analysts, engineers, and SOC teams to develop automated responses to cyber threats. Continuously improve security monitoring strategies and contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge … of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for security automation and proactive cyber defense strategies. Paying up to 60k + on-call (65k total package) Remote based Must be eligible for SC clearance. More ❯