Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA, baseline configurations) including the Microsoft More ❯
cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEMand EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, andsecurity posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯
Organisational Environment. This role is critical in identifying and responding to security incidents to protect our customers information assets. What will you be doing? •Monitor SecurityInformation & EventManagement (SIEM) Tools: Continuously monitor SIEM tools to pro-actively engage with and investigate potential security incidents. •Incident Identification and Triage: Identify, analyse, and prioritize security incidents, escalating them as necessary within … Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. •Experience: experience in IT Security or Security Operations Team. Network Security Experience may be considered if SIEM specific qualifications and exposure are evident in the applicant’s experience. •Desirable Certifications (any of): •Microsoft AZ-200 •ISC2 Certified in Cybersecurity •CompTIA Security+ Internal •CompTIA CySA+ •Demonstrable experience using … Microsoft Sentinel or Similar SIEM tooling. •Familiarity with security tools and technologies such as SIEM, IDS/IPS, firewalls, and antivirus software. •Proficiency in using log analysis tools and basic scripting languages (e.g., Python, PowerShell) is a plus Why come and work with us at Systal? Competitive salary and benefits package. Unrivalled training and development, ensuring you stay at the More ❯
Attention to detail Desirable but Not Essential: Experience working in a Law firm and/or with legal software Experience working with Microsoft Defender for Endpoint, Sentinel, or other SIEM tools. Exposure to compliance standards such as ISO 27001, Cyber Essentials+, or NIST. Understanding of identity and access management, conditional access, and zero-trust concepts. Certifications such as CompTIA Security+ More ❯
security-specific experience, support by relevant industry certifications (e.g. CySA+, Security+) and risk management knowledge (essential) Knowledge and experience working across a diverse range of cyber security tools, including SIEM technologies, EDR, NIDS etc. (essential) Self-motivated with a willingness to go the extra mile to achieve important goals (essential) Excellent verbal and written communication skills, including the ability to More ❯
Strong cyber security-specific experience supported by relevant industry certifications (e.g., CySA+, Security+), and risk management knowledge. Knowledge and experience with a diverse range of cyber security tools, including SIEM, EDR, NIDS, etc. Self-motivated with a willingness to go the extra mile to achieve goals. Excellent verbal and written communication skills, capable of explaining technical concepts to both technical More ❯
. Excellent analytical, problem-solving, and execution skills (essential). Relevant industry certifications (e.g., CySA+, Security+) and risk management knowledge (essential). Experience with cyber security tools such as SIEM, EDR, NIDS (essential). Self-motivated with a proactive attitude (essential). Strong verbal and written communication skills, capable of explaining technical concepts to diverse audiences (essential). Experience monitoring More ❯
and the gathering of data in support of them Own completion and accuracy of all SecOps-related product delivery evidence Key Skills Security products (M365 Defender stack, Sentinel/SIEM, email filtering (including authentication protocols), AV, firewalls, WAFs, Defender for Cloud) Security Testing (SAST, DAST, vulnerability scanning, configuration compliance scanning) Virtualisation platforms and operating systems, including Hyper-V and Windows More ❯
on technical expertise in building AWS cloud security capabilities in code and deploying infrastructure in code Implementation experience with enterprise security solutions such as WAF, IPS, Anti-DDOS, andSIEM PREFERRED QUALIFICATIONS Experience in supporting internal and external customers. You understand what it means to draw out critical customer needs and focus your knowledge and creativity to deliver practical outcomes More ❯
security function within a regulated business. Specifically, you will possess: Extensive risk management, and regulatory compliance experience Strong technical knowledge of security infrastructure, cloud platforms and modern security tooling (SIEM, SOAR). Excellent communication and stakeholder engagement skills. Most importantly you will have a track record of building high-performing teams. More ❯
It's about bringing your skills, curiosity, creativity, and your true self to your work. Due to continued growth, DXC Technology has a great opportunity for an experienced Lead SIEM Engineer to join our Microsoft and Cloud Security Practice based in either our Erskine or Farnborough sites. Successful candidates will be required to be based in the UK and hold … or be eligible for SC/DV clearance. Job Essentials: SIEM Engineer skills, preferably ArcSight. Office-based role 5 days a week from either Erskine or Farnborough. Security clearance level of DV must be obtained and is an essential requirement for this role. Job Functions: Drive technical and architectural improvement of the ArcSight SIEM managed service and tools used to … management, troubleshooting, and tuning. Maintain documentation of the managed infrastructure. Engage with other DXC technical teams, providing technical assistance where appropriate. Act as a technical escalation point for ArcSight SIEM-specific incidents for both service and technical matters. Design, review, and implement ArcSight architecture and components. Demonstrate troubleshooting skills on ArcSight and its components. Mentoring experience, necessary for training junior More ❯
A forward-thinking Financial Services firm is seeking a Threat Detection Engineer to join its Cyber Security team. This role is crucial in managing and improving the firm's SIEM solution. You will be responsible for designing and developing monitoring systems, onboarding data from various sources, and automating responses to Cyber Security incidents. Key responsibilities include: SIEM Solution Management: Oversee … lifecycle from deployment to continuous improvement. Use Case Development: Design and implement use cases to support security monitoring and incident response. Threat Intelligence Integration: Integrate external CTI into the SIEM platform to enhance proactive threat detection. To be considered for this role, you should have a background as a Threat Detection Engineer, ideally with experience using Splunk and Sentinel, andMore ❯
Terraform for Fabric Landing Zones and Purview Governance. Experience with Fabric Tenant Settings, Workspace Templates, and network configurations including VNET, Private Link, and Private DNS. Knowledge of logging andSIEM integrations with Microsoft Sentinel and ServiceNow. Understanding of deployment methodologies such as Waterfall, Agile, Scrum. More ❯
