1 to 25 of 87 Permanent SIEM Jobs in London

Essential 3+ years’ experience working in a security operations, IT security, privacy operations, or related technical role. Familiarity with: Microsoft Defender XDR Microsoft Sentinel (SIEM/SOAR) Privacy Management Solutions (e.g. Purview, OneTrust) Basic understanding of key cybersecurity and privacy concepts, such as: Threat detection and analysis Incident response lifecycle ...

security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud and hybrid security environments Ability to communicate complex technical risks to non‐technical stakeholders Experience influencing senior leadership ...

service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve ...

enhance security operations, improve threat detection, and upskill the internal team. Key Responsibilities Lead CrowdStrike Falcon deployment, configuration, and optimisation Design and enhance Splunk SIEM dashboards, alerts, and data models Act as an escalation point for major cyber incidents Develop SOAR automation workflows to improve response times Conduct proactive threat ...

. Scripting skills in Python for automation and threat analysis. Strong AWS security expertise (IAM, GuardDuty, Security Hub, CloudTrail, VPC design). Experience with SIEM, MDR, and vulnerability management tools. Familiarity with financial regulatory frameworks: DORA, FCA (SYSC/PS21/3), NIS2/UK NIS. Working knowledge ...

partners Preferred Certifications CISM or similar ISO 27001 Lead Implementer/Lead Auditor ISO 42001 (desirable) Technical Skills Security architecture and cloud security (AWS) SIEM, EDR and SOC tools ISO 27001/ISO 42001 implementation Vulnerability management and penetration testing oversight Data protection, encryption and privacy controls Third-party risk ...

technologies, with experience managing and operating FortiGate firewalls ·Proven experience with Active Directory/Azure AD, including patch and group policy management ·Cloud native SIEM, SOCs and SOAR ·Windows Server, Windows 11, and Microsoft Application Suite ·Experience with adoption of Infrastructure-as-Code (IaC) utilising technologies such as Terraform and ...

implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee ...

implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee ...

with firewalls such as Palo Alto or Fortinet Hands on knowledge of endpoint security tools such as Microsoft Defender or Sophos Experience working with SIEM or security monitoring platforms Understanding of secure network architecture including DNS and TCP IP Experience securing Azure or AWS environments Knowledge of incident response and ...

and infrastructure standpoint. Strong networking background, including understanding of network security principles, firewalls, VPNs, routing, and segmentation. Experience with a range of security tools (SIEM, monitoring, detection, and response platforms). Proven experience delivering and supporting certificate automation. Experience operating in enterprise or regulated environments. Comfortable working across project delivery ...

Strong understanding of security risks, threat vectors, and monitoring techniques across Linux and/or Windows environments Proven experience designing, building, and tuning detections (SIEM/EDR), conducting detection engineering, and supporting security tooling/infrastructure Experience in incident response, threat hunting, and forensic analysis Knowledge of network security architecture ...

successful in this role, candidates should bring: 35 years experience in SOC, incident response, or threat analysis roles Strong hands-on experience with SIEM and EDR tools Deep understanding of: Incident response methodologies Malware behaviour and analysis Threat detection and investigation techniques Proven ability to: Investigate and respond to high ...

tracking remediation, validating fixes, and assisting with reporting. Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: Microsoft Defender XDR Microsoft Sentinel (SIEM/SOAR) Privacy Management Solutions (e.g. Purview, OneTrust) Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and ...

with DLP incident handling, remediation and reporting - Experience with the following products would be highly advantageous; Microsoft Defender for Endpoint, Thales, Crowdstrike Falcon and SIEM, CyberArk, Rapid7 and Palo Alto Products - CISSP or CEH certification desirable Lead Information Security Engineer In accordance with the Employment Agencies and Employment Businesses Regulations ...

incident handling, remediation and reporting - Experience with the following products would be highly advantageous; Microsoft Defender for Endpoint, Thales, xkybehq Crowdstrike Falcon and SIEM, CyberArk, Rapid7 and Palo Alto Products - CISSP or CEH certification desirable Lead Information Security Engineer In accordance with the Employment Agencies and Employment Businesses Regulations ...

with Git and documentation practices Detail-oriented, proactive, and keen to learn Nice to have Exposure to incident response or security operations Experience with SIEM, EDR or similar tooling Interest in automation, CI/CD, or infrastructure-as-code Understanding of authentication systems (SSO, OAuth, LDAP) or HTTP fundamentals ...

management at production scale - Network flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns - SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard - Endpoint ...

management at production scale - Network flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns - SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard - Endpoint ...

looking for: • Strong hands-on experience across Security Engineering, Security Operations and Incident Response • Experience implementing and configuring enterprise security tooling • Strong understanding of SIEM/detection engineering/SOC environments • Experience securing complex cloud environments (AWS/GCP/Azure) • Good understanding of networking, infrastructure and platform engineering • Experience ...

implement, and enforce appropriate protective and detective security controls, policies, and procedures. The role includes the administration and operational management of security tooling and SIEM platforms, with responsibility for monitoring, detecting, and responding to cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning … standards and frameworks such as NIST, ISO 27001, and NCSC CAF. Person SpecificationEssential: Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management. Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual ...

technologies and modern software development approaches. You’re comfortable working across cloud and on‐premise environments, using tools such as identity and access management, SIEM, firewalls and secure remote access. You understand DevOps and SecOps ways of working, are used to operating at pace in a culture of continuous release ...

Strong leadership capability, with experience mentoring or guiding analysts Proven experience acting as an escalation point for high-severity incidents Deep technical expertise in: SIEM and EDR platforms Threat detection and incident response methodologies Malware analysis and attack investigation Ability to: Lead incident response across containment, eradication, and recovery Correlate ...

Planning required levels of cyber investment including governance, tooling and staffing within the CSOC Essential skills & experience Proven experience managing Security Event Monitoring operations — SIEM/SOAR, antivirus, network and host IDS/IPS Strong working knowledge of NCSC incident response processes, GDPR, NIS regulations and MITRE ATT&CK Experience ...

Planning required levels of cyber investment including governance, tooling and staffing within the CSOC Essential skills & experience Proven experience managing Security Event Monitoring operations — SIEM/SOAR, antivirus, network and host IDS/IPS Strong working knowledge of NCSC incident response processes, GDPR, NIS regulations and MITRE ATT&CK Experience ...