1 to 25 of 41 Permanent SIEM Jobs in the South East

day-to-day operations of the Counter Threat Unit, ensuring security controls are effectively implemented across infrastructure and cloud environments. Configure, maintain, and optimise security tools and solutions (e.g., SIEM, EDR )to protect enterprise systems. Monitor systems and networks for anomalies, gather and analyse threat intelligence, and contribute to situational awareness. Investigate and resolve security incidents in line with organisational More ❯

will play a key part in implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee Patch Management * Conduct vulnerability More ❯

background in cybersecurity or a related subject. Desirable Skills: Programming/scripting (Python, Bash, PowerShell, etc.). Additional SOC certifications (e.g., CREST Practitioner Intrusion Analyst). Experience with other SIEM platforms like QRadar. Additional Info: Permanent role with a salary up to £58K (depending on experience), plus shift allowance. Benefits include 25 days annual leave (plus buy/sell options More ❯

readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical More ❯

and reverse engineering. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk. If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply More ❯

and reverse engineering. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk. If you are interested in this role but not sure if your skills and experience are exactly what were looking for, please do apply, wed More ❯

if you had: Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience are exactly what we’re More ❯

initiatives. About You Minimum 5 years’ experience in information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. Why Join? You’ll be More ❯

services strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the More ❯

DDoS protection, and encryption. Mentor junior engineers, elevate best practices, and help us on our journey to ISO 27001 certification. What You Bring Deep hands-on expertise across EDR, SIEM, NAC, MFA, PAM, and cloud security environments. Proven experience with security frameworks such as ISO 27001, NIST, CIS, and PCI-DSS. Certifications like CISSP, CPSA, or Palo Alto Certified Security More ❯

certifications such as CISSP, TOGAF, CCSP, GCIH or equivalent Strong experience securing Microsoft cloud environments (Azure) - design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security Embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges, patterns and More ❯

day-to-day operations of the Counter Threat Unit, ensuring security controls are effectively implemented across infrastructure and cloud environments. Configure, maintain, and optimise security tools and solutions (e.g., SIEM, EDR )to protect enterprise systems. Monitor systems and networks for anomalies, gather and analyse threat intelligence, and contribute to situational awareness. Skills and experience: Minimum 4 years’ experience within IT More ❯

Incident Response: Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, anti-malware, SIEM (Security Information and Event Management), vulnerability scanners, and data encryption solutions. Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. Lead and manage security incident response, including detection … creating Cyber Security roadmaps. Strong understanding of information security principles, frameworks (e.g., ISO 27001, NIST, Cyber Essentials), and best practices. Hands-on experience with security technologies such as firewalls, SIEM, IDS/IPS, vulnerability scanners, endpoint detection and response (EDR), and identity management solutions. Experience with cloud security (e.g., Azure Security). Proven experience in managing security incidents and conducting More ❯

knowledge of network protocols (TCP/IP) and security practices (IPSec, SSL-VPN, NAT, GRE) Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical Skilled in Python, JSON, YAML More ❯

malware analysis and reverse engineering. Scripting/programming skills (Python, Bash, PowerShell, etc.). Relevant certifications (e.g., CREST Practitioner Intrusion Analyst, Blue Team Level 1). Exposure to other SIEM platforms like QRadar. Additional Info: Permanent role with a generous benefits package including 25 days annual leave (plus buy/sell options), pension, life assurance, health cash plan, and a More ❯

in Security Architecture. Cloud security architecture experience (AWS, Azure, GCP), multi-cloud preferred. Deep financial services security knowledge and regulatory experience. Expertise in IAM, network, data, application, container security, SIEM, and Zero Trust. DevSecOps and CI/CD security implementation experience. Relevant certifications desirable (CISSP, CCSP, AWS Security Specialty, Azure Security, GCP Security). Desirable Skills Strong communication, leadership, and More ❯

networks, and operating systems. Good written and verbal communication skills to explain risks to both technical and non-technical stakeholders. CompTIA Security+ or equivalent qualification ??. Desirable: Experience with SIEM systems, EDR, IDS/IPS, and vulnerability scanners. Previous experience in a law firm or professional services environment. Familiarity with Practice Management Systems (PMS) and Document Management Systems (DMS). More ❯

SABSA & TOGAF Experience following the green book five case model would be a plus and certifications such as: CCP, CISMP, CISSP, CREST. Identity management and federation, public key infrastructure, SIEM, cryptography, firewalls, vulnerability scanning. A varied background, diverse programme exposure and a security-based master’s degree or alternatively STEM degree are needed with an ability to demonstrate your capability More ❯

to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption … Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. Skills & Competencies Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls). Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and EDR platforms. Familiarity with scripting or automation (PowerShell, Python, Bash). Understanding of secure cloud architecture and Zero Trust principles. Ability to analyze complex More ❯

technical audiences. Proven experience leading client-facing security reviews . Desirable CISSP, CISM , or equivalent certifications. Experience auditing or delivering compliance frameworks. Familiarity with RMM/XDR/EDR , SIEM, and vulnerability scanning platforms. Background in mentoring or managing small teams. Exposure to incident response and tabletop exercises. Reasonable Adjustments: Respect and equality are core values to us. We are More ❯

likely have: Proven experience designing and implementing enterprise cyber security solutions. Hands on experience with vendors such as Fortinet, Palo Alto, Juniper, Check Point, or Netskope, and familiarity with SIEM, SOAR, and managed security services. Strong understanding of enterprise security architecture frameworks (e.g. SABSA, TOGAF, NIST, ISO 27001). A confident, engaging personality with the ability to build rapport and More ❯

sustainable mitigation strategies. Manage remediation and closure of security cases, ensuring timely implementation of corrective actions. Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms. Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams. Utilise adversarial emulation tools (Caldera, Atomic Red Team, AttackIQ, SCYTHE, Cobalt Strike More ❯

draft, implement, and maintain information security policies, procedures, and guidelines.- Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with industry standards (e.g., ISO 27001).- SIEM & Vulnerability Management.- Monitor and respond to security incidents, conducting investigations and implementing corrective actions.- Collaborate with IT and other departments to ensure the security of network infrastructure and data.- Manage … problem-solving skills.- Strong communication and interpersonal skills.**Preferred Qualifications:**- Experience with regulatory compliance requirements such as GDPR, HIPAA, or SOX.- Familiarity with security tools and technologies such as SIEM, DLP, and endpoint protection. CISA/CISSP/CCSP MCSA-Microsoft Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified Professional;CCNA/CCNP Hays More ❯

a rapidly scaling B2B payments startup, and we're looking for a bold, proactive, and hands-on Cybersecurity Lead to design, implement, and operate our security operations function, including SIEM, incident response, threat detection, secure by design, shift-left security engineering, and automated monitoring and response. You'll run and be part of the projects that implement, build, and maintain … leave a legacy of a high‐performing SOC built on automation, quality data, and continuous learning. What You'll Be Doing: Own the design, implementation, and operation of our SIEM and SOC capability with Microsoft Sentinel, including data ingestion, workspace architecture, analytics, automation, and dashboards. Integrate high‐value telemetry sources (Entra, M365, Google Workspace, AWS, GCP, endpoints/EDR, network … t miss a thing. Your attention to detail and decision-making capabilities are top-notch. You're able to horizon scan and research effectively to find the missing details. SIEM & Sentinel Expertise – Proven experience in architecting, implementing, and operating Microsoft Sentinel at scale: data connectors, KQL, analytics, UEBA, SOAR (Logic Apps), workbooks, and cost governance. SOC Leadership – Demonstrated capability to More ❯

Permanent Salary: Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or … junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python More ❯