1 to 25 of 180 Permanent SIEM Jobs in the UK

standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments ...

standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments ...

Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python ...

testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge of Linux (Ubuntu, CentOS). Scripting with PowerShell, Bash, Python. Familiar with ITSM platforms (ServiceNow, Freshservice ...

Controls, or DORA. Strong understanding of cloud and hybrid security environments, including Microsoft 365 and Azure. Strong operational expertise across EDR/XDR, SIEM (e.g., Microsoft Sentinel, Splunk), identity protection, and vulnerability management. Experience with security audits, compliance programmes, and regulated industry requirements. Excellent communication and influencing skills, with confidence ...

types of log sources such as firewall, web and database to identify anomalous activity. Understand network communications and protocols. Experience and deep knowledge of SIEM, EDR and other core cyber toolsets. Strong problem-solving skills as applied to technical solutions. Sound technical knowledge of security as applied to IT/ ...

years in cybersecurity or technical security or solutions engineering roles. Hands-on experience deploying and managing security tooling - such as DLP, EDR, IAM, MDM, SIEM, ZTNA, or vulnerability scanners, and enjoy solving problems at the implementation level. Strong communication skills and comfortable communicating technical security concepts to non-security stakeholders. ...

analysis, and risk-based prioritisation. Experience working in large, complex enterprise environments. Familiarity with regulatory and compliance requirements relevant to vulnerability management. Knowledge of SIEM, SOAR, EDR, and associated security tooling. Strong analytical skills with the ability to translate technical risk into clear, executive-level reporting. Experience supporting incident response ...

service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve ...

skills are essential for this position. Knowledge of information security standards (e.g., ISO 17799/27002/27001/PCI DSS/SIEM, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and key network security principles for risk identification and analysis. Knowledge ...

automating processes. Working knowledge of SecDevOps tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and documentation abilities. Hands on experience with SIEM solutions i.e. Splunk, ArcSight, LogRhythm Communication and Soft Skills Experience speaking to and working with leadership as well as ability to write reports and present ...

Strong experience in cyber security operations Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across ...

Strong experience in cyber security operations Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across ...

Strong experience in cyber security operations Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across ...

points if you've dabbled in things like: Networking basics (TCP/IP, DNS, DHCP). Windows/Linux systems or firewalls. Security tools (SIEM, antivirus, vulnerability scanners). Scripting (PowerShell, Python). Cloud platforms (Azure, AWS). Entry requirements: an A-Level in ICT OR an International Baccalaureate ...

this vacancy only. KEY SKILLS Cyber Security, Security Operations, SOC, Microsoft Defender, Sentinel, Incident Response, Vulnerability Management, Threat Intelligence, Threat Hunting, SOAR, Azure, AWS, SIEM, KPIs, Risk Reporting ...

following: IT operations, preferably with exposure to governance, internal audit, or cybersecurity ISO 27001, GDPR, and risk management frameworks Security tools for Vulnerability Management, SIEM, AV/EDR/XDR, and DLP (e.g., Splunk, Qualys, Defender, Purview, CrowdStrike) Windows Server, Active Directory, and Microsoft 365 security Relevant certifications (e.g. ...

strong AWS security expertise. SaaS cloud operations experience, managing security and compliance at scale. 8+ years of network security technologies (PAM, NGFW, WAF, IPS, SIEM, etc.). 6+ years of Deep knowledge in AWS networking (VPC, Transit Gateway, Direct Connect, Route 53, Global Accelerator) and security services (Security Hub, GuardDuty ...

Experience in IT operations with exposure to cybersecurity or governance * Knowledge of ISO 27001, GDPR and risk management frameworks * Familiarity with vulnerability management, SIEM or EDR tools * Strong understanding of Windows Server, Active Directory and Microsoft 365 security * Strong analytical and communication skills What is on offer: * Salary ...

solutions, vulnerability scanners and hardening baselines. Managing firewalls, VPNs, secure remote access and segmentation controls. Improving detection and response by working closely with SIEM/SOC teams. Ensuring critical logging, monitoring and compliance standards are always met. Automating deployments and controls using PowerShell, Python, Terraform or similar tools. Supporting vulnerability ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience ...

experience who wants real technical ownership and variety across the full defensive lifecycle. What You’ll Be Doing Lead investigations, triage and containment using SIEM/EDR (Microsoft Sentinel preferred) Harden IAM, PIM/PAM , Windows/Linux, endpoint baselines and identity services Strengthen M365 security : Defender for Endpoint/… security hardening (Windows + Linux) Network security concepts (firewalls, IDS/IPS) Incident Response & Detection Hands-on IR: triage investigation containment recovery Experience with SIEM (Sentinel strongly preferred) Experience with EDR/XDR tools: Defender/CrowdStrike/SentinelOne Log analysis, packet captures, forensic investigation fundamentals Microsoft Security Defender suite ...

years' experience in information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. ...

processes Technical Expertise Proven experience implementing enterprise security platforms Strong understanding of security risk management tools and techniques Deep knowledge of security solutions including SIEM, PAM, IGA, email/web gateways and endpoint protection Experience with firewall technologies (highly desirable) Knowledge of cloud security standards and solutions (highly desirable) Strong ...

security operations, including vulnerability management, access reviews, and incident response readiness. Provide insights and triage signals from security tooling (SAST, DAST, dependency scanning, SIEM). Work hands-on to perform internal security assessments or penetration testing. Manage relationships with external pentest providers, auditors, and assessors. Secure Development Lifecycle (SDLC) Partner ...