1 to 25 of 27 Permanent SIEM Jobs in the North of England

Analyst * Detection & Response Lead * Cyber Security Team Lead You'll ideally bring experience across some of the following: * Security Operations and Incident Response * SIEM, EDR/XDR and security monitoring tools * Vulnerability Management * Threat Detection and Threat Hunting * Cloud Security (Azure, AWS or GCP) * Security Frameworks such ...

incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats ...

scenarios and leading in-depth CTI investigations. Act as the escalation tier for cyber threat intelligence tasks within Cyber Security tooling including EDR and SIEM tooling. Interrogate threat intelligence and internal security tooling to identify items of interest and potential cyber threats. Proactive research and assessment of Tactics. Techniques and ...

from colleagues and service delivery teams Support and coordinate patch management activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics … operational performance Technical expertise Good understanding of information security principles, risk management and the threat landscape Experience of operating and monitoring security tooling, including SIEM, endpoint protection, and email/web security solutions Ability to proactively conduct threat hunting activities and develop or enhance detection analytics to improve identification ...

Databricks ITSM : ServiceNow EUC : Intune, SCCM Applications : CRM, ERP, HCM, Finance Infrastructure : servers (cloud/on prem), networking, storage, backup Cloud : Azure Cyber Security : SIEM, XDR, IPS/IDS, NIST, ISO27001 ...

time effectively Excellent interpersonal skills and professional demeanour Excellent verbal and written communication skills Proficient in Microsoft Office Applications Proficient in the use of SIEM (Security Incident and Event Management) technology, in terms of handling alerts, analysis of the data within the alert and rationale on whether escalation or closure ...

security-related role Experience following change management and similar ITIL best practice Strong knowledge of security technologies (NGFW, WAF, EDR, SIEM etc.) Security certification, e.g. CompTIA Security+, GIAC GISF/GSEC Progression: Professional qualification financial support with up to 6 days paid study leave for professional qualifications Training and personal ...

enterprise clients Create high-level and low-level architecture designs and technical specifications Work with cloud platforms, directories, HR systems, and security tools (SIEM, MFA) Define operating models, roadmaps, and maturity assessments (Senior and above) Develop client proposals, commercial offers, and executive presentations (Senior Manager and above) Build and maintain ...

closely with infrastructure, cloud, and SOC teams to detect, prevent, and respond to security threats. Key Responsibilities Monitor and respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and … policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security engineering, or infrastructure security role Good knowledge of networking and common attack types (e.g. SQL injection, phishing, malware) Experience with ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

understanding of Information Security solutions e.g. email/web gateways, Privileged Account Management (PAM), Identity Governance and Administration (IGA), Security Information and Event Management (SIEM), Endpoint protection etc. Knowledge/experience working with firewalls is highly advantageous Experience of Cloud security solutions and standards is highly advantageous Competence, knowledge and ...

within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation – You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more ...

closely with infrastructure, cloud, and SOC teams to detect, prevent, and respond to security threats. Key Responsibilities Monitor and respond to security alerts across SIEM and EDR platforms Manage and tune security tools including firewalls, WAFs, and endpoint protection Investigate and support response to security incidents Perform vulnerability assessments and … policies, standards, and procedures Assist with threat detection engineering and rule tuning Required Skills & Experience Strong understanding of core security technologies (NGFW, WAF, EDR, SIEM) Experience in a SOC, security engineering, or infrastructure security role Good knowledge of networking and common attack types (e.g. SQL injection, phishing, malware) Experience with ...

Engineer, Infrastructure Security Engineer, Network Security Engineer, Platform Security Engineer, Cyber Security Engineer or DevSecOps Engineer with strong enterprise firewalling, secure infrastructure, Elastic/SIEM, public cloud security and hands-on security engineering experience. This is a senior, hands-on role working across firewalling, on-premise and cloud security, secure … Working with VMware NSX/vDefend security controls, including distributed firewall policies and micro-segmentation Working with Elastic Stack/Elastic Security for logging, SIEM, monitoring, threat detection and dashboards Supporting AWS/public cloud security across secure and regulated environments Hardening Windows Server environments, Active Directory, Group Policy and ...

will apply hands-on engineering expertise to design, build, and optimise automation workflows that improve the scalability and efficiency of SOC services. Working across SIEM, endpoint, and orchestration platforms (primarily Palo Alto XSOAR), you will reduce analyst workload, accelerate incident response, and enhance decision-making across customer environments. Key Responsibilities … Sales Support – Assist with demos, scoping, and proof-of-value activities where required. Core Duties Automation Design & Development Build and maintain workflows across SIEM, EDR, and SOAR platforms Develop reusable scripts, templates, and components Ensure solutions support secure, multi-tenant environments Integration & Response Automation Orchestrate containment, enrichment, and remediation actions ...

with BAE Systems in Preston on helping them source a Systems Administrator that has a couple of years' experience working with Linux (RHEL) and SIEM technologies. About the Role This role focuses on the day-to-day administration, monitoring, and support of Red Hat Linux servers within an enterprise environment ...

full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk … performance, risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such ...

latest security and cloud technology developments, including researching and evaluating emerging cyber threats affecting cloud services and platforms. Use advanced analytic tools, including SIEM and cloud security platforms, to identify emerging threat patterns, suspicious activity and vulnerabilities across cloud environments. Apply experience and knowledge to support the investigation and triage … posts early. Don't miss out! Person Specification Knowledge Essential Working knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability ...

posts early. Don't miss out! Person Specification Knowledge Essential Working knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability ...

enjoys working across a broad technology estate and keeping up to date with emerging threats and security technologies. Key Responsibilities: * Monitor and develop SIEM and threat detection platforms * Investigate and respond to security incidents and alerts * Support vulnerability scanning, remediation, and reporting activities * Assist with development of security policies, procedures … cyber threats and recommend improvements where appropriate Key Skills & Experience: * 2-4 years' experience within a cybersecurity or infrastructure security role * Experience working with SIEM tools and vulnerability management platforms * Strong understanding of EDR, XDR, MDR, IDS/IPS technologies * Good knowledge of Microsoft security technologies and infrastructure environments * Understanding ...

technologies and play a hands-on role in building a more resilient and secure environment. Key Responsibilities Take ownership of monitoring and developing SIEM activity across the environment, helping to improve detection capability over time Manage and enhance endpoint and threat detection tooling (including EDR, XDR, and MDR platforms … backup, disaster recovery, and data protection measures Skills & Experience: Demonstrable experience in a cybersecurity or infrastructure-focused security role Practical, hands-on exposure to SIEM platforms and vulnerability management tools Strong understanding of endpoint detection and response technologies (EDR, XDR, MDR) Good working knowledge of common cyber threats, attack methods ...

techniques and tools to perform network defence Skills & Experience Essential Knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Desirable Knowledge of technologies, methods and tools of forensics investigations for IT security violations ...

improvements and engineering enhancements Support detection engineering, tuning, and platform optimisation Lead automation and SOAR initiatives to improve efficiency Collaborate with SOC providers on SIEM governance and data ingestion Ensure platforms meet regulatory and compliance requirements Maintain engineering documentation, standards, and governance Represent engineering in client governance and audit activities … issues Experience & Knowledge Essential: Significant experience in security engineering and platform management Strong leadership experience managing technical teams Deep knowledge of Microsoft Defender and SIEM platforms (e.g. Sentinel) Experience in hybrid cloud and on-prem environments Strong understanding of security architecture and frameworks Experience in regulated environments (e.g. financial services ...

with BAE Systems in Preston on helping them source a Systems Administrator that has a couple of years' experience working with Linux (RHEL) and SIEM technologies. About the Role This role focuses on the day-to-day administration, monitoring, and support of Red Hat Linux servers within an enterprise environment. … system health, troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring ...