1 to 25 of 33 Permanent SIEM Jobs in the South East

automating processes. Working knowledge of SecDevOps tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and documentation abilities. Hands on experience with SIEM solutions i.e. Splunk, ArcSight, LogRhythm Communication and Soft Skills Experience speaking to and working with leadership as well as ability to write reports and present ...

/EDR across endpoints, O365, and Azure servers (P2), with a focus on advanced threat detection and automated response. Skilled in Microsoft Sentinel SIEM/SOAR setup, tuning, and KQL query development for detection engineering and incident investigation. PowerShell/Python scripting for automating Microsoft security tooling, plus experience securing ...

junior engineers Key experience & skills: Proven experience in an IT solutions, service desk or engineer role Strong knowledge of network security, firewalls, EDR, and SIEM tools Experience securing Microsoft Azure and/or AWS environments Hands-on endpoint security experience (Defender, Sophos, Bitdefender or similar) Understanding of Cyber Essentials/ ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience ...

policies, and standards Own vulnerability management, security monitoring, and incident response Ensure compliance with NCSC, PSN, PCI-DSS, GDPR and other national frameworks Manage SIEM, Microsoft security tooling (Sentinel/Defender/E5), identity & access, firewalls, and endpoint protection Advise on secure design for projects and change governance Prepare annual ...

junior engineers Key experience & skills: Proven experience in an IT solutions, service desk or engineer role Strong knowledge of network security, firewalls, EDR, and SIEM tools Experience securing Microsoft Azure and/or AWS environments Hands-on endpoint security experience (Defender, Sophos, Bitdefender or similar) Understanding of Cyber Essentials/ ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

more consultative, client-facing role. Ideal Background: Proven experience in cyber security design, architecture, or consultancy. Hands-on expertise across domains such as SIEM, SOAR, EDR, Vulnerability Management, WAF, IDAM , and Cloud Security . Strong understanding of vendor technologies (e.g., Fortinet, Palo Alto, Juniper ). Excellent communication and stakeholder engagement ...

solutions (MSP environment highly desirable). Deep product expertise in at least one area: Microsoft 365/Azure, cloud migration, cyber security (firewalls, EDR, SIEM), backup/DR, network infrastructure, or managed services. Proven ability to translate technical capabilities into business value for non-technical audiences. Understanding of the competitive ...

Check Point, Cisco, Fortinet, CrowdStrike, Netskope, F5, Akamai, and CyberArk Familiarity with security frameworks (ISO 27001, NIST, GDPR) and concepts like Zero Trust, SASE, SIEM/SOAR Familiarity with leading vendors and solutions across security, networking, and compliance frameworks Ability to engage confidently with C-level stakeholders and translate technical ...

management role in Security Operations. Location: Hybrid, London office 2x a week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and … Essential Experience & Knowledge Experience in Security Operations, Incident Response, or similar role Strong understanding of networking, Windows/Linux, and cybersecurity fundamentals Experience with SIEM (e.g., Sentinel, Splunk), EDR tools, and vulnerability platforms Understanding of security frameworks (ISO 27001, NIST, CIS) Working knowledge of Microsoft InTune Familiarity with GDPR and ...

responsible for a variety of day to day activities including: vulnerability management, patch management, email security and mobile device management assessing cyber threats, using SIEM & SOAR tools penetration testing continuous improvement, ensuring documentation is maintained in line with best-practice/standards support on project work About you Applicants ...

Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security ...

provisioning and compliance. Integration knowledge across Microsoft Exchange, M365, VMware and enterprise IT ecosystems. Understanding of Zero Trust architecture, identity threat detection, and SIEM integration. Strong stakeholder management, influencing, and communication skills. Ability to translate complex technical challenges into executive-level decisions and investment cases Our company: Peace ...

security policies, procedures, and guidelines.- Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with industry standards (e.g., ISO 27001).- SIEM & Vulnerability Management.- Monitor and respond to security incidents, conducting investigations and implementing corrective actions.- Collaborate with IT and other departments to ensure the security … and interpersonal skills.**Preferred Qualifications:**- Experience with regulatory compliance requirements such as GDPR, HIPAA, or SOX.- Familiarity with security tools and technologies such as SIEM, DLP, and endpoint protection. CISA/CISSP/CCSP MCSA-Microsoft Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified ...

and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support … Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, anti-malware, SIEM (Security Information and Event Management), vulnerability scanners, and data encryption solutions. Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. Lead and manage security incident … understanding of information security principles, frameworks (e.g., ISO 27001, NIST, Cyber Essentials), and best practices. Hands-on experience with security technologies such as firewalls, SIEM, IDS/IPS, vulnerability scanners, endpoint detection and response (EDR), and identity management solutions. Experience with cloud security (e.g., Azure Security). Proven experience ...

Delivery Qualifications: CISMP, CompTIA Security+ or other technical certifications desired Experience: 3+ years experience in SOC, or related technical field Understanding of the following: SIEM Cloud Computing Security Incident Management Networking Threat Intelligence Information Security Phishing, Ransomware and other key threats IDAM (Identity and Access Mgmt) JML (Joiners, Movers and ...

platforms (Microsoft 365/Azure). You will demonstrate experience handling escalations, ideally within an MSP environment and have an understanding of security tooling, SIEM, EDR, vulnerability/incident management, as well good written and verbal communication and being used to working to SLA’s Holding CompTIA Security, Microsoft Azure ...