1 to 25 of 26 Permanent SIEM Jobs in Preston

cause analysis, and provide incident response support Conduct regular vulnerability assessments and penetration testing; assist in remediation efforts Maintain and manage SIEM (Security Information and Event Management) tools and log analysis Develop and enforce security policies, standards, and procedures Work with IT and development teams to implement secure system designs … experience in an information security or cybersecurity role Strong understanding of security principles, frameworks, and practices (e.g., CIA triad, defense in depth) Experience with SIEM tools, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and remediation processes Knowledge More ❯

environments (e.g., Azure) and end-user devices. Hands-on expertise with security tools and technologies, such as Defender for Cloud, Defender for Endpoint, and SIEM solutions. Solid background in implementing and managing security policies via Microsoft Intune and Group Policy (GPO) to secure endpoints and applications. Proven ability to monitor More ❯

improvements. Prepare comprehensive reports for clients. Technical skills: Demonstrated experience in responding to and investigating incidents whilst utilizing various monitoring, detection and investigation tooling – SIEM, SOAR, EDR etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding More ❯

staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA More ❯

relevant industry certifications (e.g. CySA+, Security+) and risk management knowledge (essential) Knowledge and experience working across a diverse range of cyber security tools, including SIEM technologies, EDR, NIDS etc. (essential) Self-motivated with a willingness to go the extra mile to achieve important goals (essential) Excellent verbal and written communication More ❯

will require active SC-Clearance and prior experience with a broad range of cybersecurity tools. Key Responsibilities: Working closely with the SOC to implement SIEM technology Automating security workflows to streamline incident response Utilising cloud environments across both Azure and AWS. Assisting with Incident Management Contributing to platform automation and More ❯

understanding of SOC best practices, incident response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security technologies such as SIEM, IDS/IPS, EDR, etc. Excellent communication skills, including the ability to explain technical topics to non-technical audiences Apply here or reach out to More ❯

You 3-5 years of experience in cyber security roles, with hands-on involvement in implementing frameworks like NIST, eCAF, or ISO27001 Experience in SIEM, Vulnerability Management, Threat Intelligence, and IAM tools Background in supporting enterprise-level security initiatives aligned with regulatory or certification standards If you're interested in More ❯

engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM tools such as QRadar. Benefits: 25 days annual leave (plus option to purchase more). Health cash plan, life assurance, and company pension. Flexible benefits More ❯

against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day More ❯

NETbuilder is a leading provider of digital solutions, software, consulting, and managed services. We work across multiple sectors, with specialist expertise in the financial, government and commercial markets. Since 1999, we have been providing end-to-end solutions across Digital More ❯

cyber incidents, offering reassurance and expert guidance Produce detailed incident reports with root cause analysis and actionable recommendations Perform forensic and log analysis using SIEM, EDR, SOAR, and other security tools Collaborate across teams to enhance response playbooks and internal processes Stay informed on emerging threats and tactics to strengthen More ❯

global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security in reviewing and … will be done monthly. Deploy new information security tools, services, processes, and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership More ❯

UK enterprise IT infrastructure against cyber threats through the configuration, installation and maintenance of Cyber Security Technical Control Software solutions and compensating controls Supporting SIEM (On-premise and Cloud), SOAR, Protection and Monitoring technologies Continuously work towards organisational, departmental and individual objectives and uphold security standards and principles Production of … a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The EIT Cyber Security Engineering SIEM team: Within EIT Cyber Security Engineering - Team SIEM, the primary focus is to provide and maintain the UK Cyber Security Operations Enhanced Protective Monitoring Capability … platform (EPMC). The SIEM, both on-premise and cloud based, collates system logs to create a searchable dataset for analysis. This allows the EIT Cyber Security Operations Centre to monitor, search, analyse and visualise the data for potential threat alerts. You'll be joining a function that's been More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯

config portals). For example, hands-on configuration across the different security platforms, working with Cloud and on-prem AD, EntraID, M365, working on SIEM logic and configs with MSSP, scripting/coding, and troubleshooting configurations day to day. Hybrid/Location: 2 days per week in the City of … Systems Engineering Demonstrated ability working with IT System Administration of Azure (Security Centre), Defender (ATP), M365, and Windows (on-premise Active Directory) Security monitoring, SIEM tooling such as Exabeam, QRadar, Splunk,k, and Sentinel. Senior experience with security management and incident response across SOC, Malware Ransomware, Threat/Analytics, Server More ❯

and compliance responsibilities. Role Highlights Monitor, detect, and respond to security incidents and vulnerabilities Own and manage key elements of the security stack, including SIEM and DLP tools Lead audits, penetration testing, and remediation actions to uphold ISO27001 & SOC2 compliance Collaborate with product teams to embed security into the development … KPI-driven security reports and dashboards for internal stakeholders Experience needed: 1+ year in a SOC or similar cybersecurity role Hands-on experience with SIEM, IDS/IPS, and vulnerability scanning tools Knowledge of AWS, Linux, Windows, IAM (e.g. Okta), and firewalls Understanding of ISO27001, SOC2, GDPR, and third-party More ❯

Job Title: SIEM Engineer Location: Remote Salary: £40,000 - £50,000 The Company An exciting opportunity has arisen at an award-winning Microsoft Partner for a SIEM Engineer. The business is a fast-growing, industry-leading managed service and managed security service provider, delivering to mid-sized and large enterprise … clients. This is a fantastic opportunity for a SIEM Engineer to continue developing their expertise in security platforms at an established Microsoft Partner. The company places strong emphasis on staff development, offering support for training and professional certifications. You’ll also gain exposure to cutting-edge technologies, working across security More ❯

up to £75000 Per annum Languages: Mandarin Chinese and English Key Responsibilities: 1. Security Monitoring & Incident Response Monitor security tools (firewalls, IDS/IPS, SIEM) to detect and analyze potential threats. Investigate security alerts, logs, and incidents (e.g., malware, unauthorized access, breaches). Assist in incident response and remediation efforts. … IP telephony). Technical Skills: Hands-on experience with OSPF, BGP, STP, NAC, and IPT (Cisco). Proficiency in network monitoring tools, NDR, and SIEM systems. Knowledge of vulnerability assessment tools and patch management. Soft Skills: Ability to work under pressure and handle emergencies. Strong communication and collaboration skills. Working More ❯

the implementation and management of various security technologies. Main responsibilities: Analysing security events and incidents relating to internal and customer assets. Designing and developing SIEM security use cases. Designing and implementing security controls and secure configurations. Maintaining proactive vulnerability scanning ensuring that all known vulnerabilities are addressed in line with … internal stakeholders to discuss security related matters. Skills Required: Proven hands-on experience as a Security Engineer or similar working with tools such as SIEM, vulnerability management, endpoint detection & response (EDR), applications security, identity, and access management, etc. Ability to work in a small high performing team, collaborating with other … with experience of learning, adapting and utilising different security technologies, including but not limited to private and cloud infrastructure. Technical knowledge and experience with SIEM, SOAR, IDPS, DDoS, Malware Protection, Vulnerability Management, and Application Security tooling, etc. Knowledge of Information Security frameworks (CIS, NIST, NCSC CAF), supporting processes and toolsets. More ❯

You'll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and … Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection More ❯

technologies. Create and maintain detection rules and logic to identify suspicious activity and potential security threats. Participate in the creation, implementation, and optimisation of SIEM event correlation rules, logic, and content to filter out security events associated with known network behaviour, false positives, and errors. Support the transition of project … technologies such as NDR/content filtering/FW/IPS/IDS/DDOS, EDR/MDR, DAST/SAST, Identity Access Management, SIEM & SOAR, log management. Preferable experience in Azure, AWS, Defender, Darktrace. Experience and technical knowledge in multiple areas of cyber defence operations. Experience as a Cyber More ❯

contract XSIAM Engineer with deep expertise in Palo Alto Networks technologies , ideally coming from an XSOAR background , and possessing strong experience across XDR and SIEM environments. This is a key role within our security operations function, focused on enhancing detection, automation, and response capabilities. *For this role you must be … and manage security automation workflows , drawing from previous XSOAR experience Integrate and optimize XDR capabilities to support proactive threat detection Set up and maintain SIEM-style log ingestion , correlation rules, and enrichment pipelines Build custom dashboards and reporting tools for real-time security insights Troubleshoot complex issues related to XSIAM … XSIAM in real-world environments but will consider strong XSOAR Consultants who want to evolve into XSIAM. Strong understanding of Security Operations, XDR , and SIEM principles Proficient in scripting and automation (e.g., Python, PowerShell) Solid experience with log analysis , event correlation, and alert tuning Needs to be eligible for SC More ❯

I am currently supporting a business engaged in the setup and deployment of a new Security Information and Event Management (SIEM) solution. The scope of work includes replacing the existing Trend Micro infrastructure and rolling out CrowdStrike across all server environments to enhance threat detection and response capabilities. Job Title … Job Type: 3 month Contract Contract: Outside I35 Location: Remote Responsibilities: Collaborate with delivery teams and the client to develop SOC playbooks supporting both SIEM and SOC operations. Design and implement SOAR workflows to automate incident response processes. Configure correlation searches and alerting mechanisms, optimising rules to minimise false positives. … Serve as the Subject Matter Expert (SME) for SIEM deployment, supporting data ingestion from sources such as AWS and Qualys. Assist in the integration of SIEM alerts with Jira, enabling streamlined alert tracking and incident management. Define and configure alert severity levels within SIEM, SOAR, and Jira to align with More ❯