experience. Good knowledge of MS Defender for Cloud, Storage (SQL) and CSPM. Proficient with data loss prevention tools such as MS Purview Compliance Manager and Tessian; security monitoring and SIEM tooling such as Exabeam, QRadar, Splunk and Sentinel. Experience with Azure (Security Center) and M365 cloud infrastructure and configuration, and on-premises Active Directory. Experience with cloud email security gateways.
London, England, United Kingdom Hybrid / WFH Options
Onyx-Conseil
auditing security measures, security response, and incident management. • Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus/antimalware, IDS/IPS, SIEM, SMTP, email security, AD, Group Policy, DNS, DHCP, and VLANs. • Experience with identity and access management solutions, such as SAML/OATH. • Experience with HIDS and NIDS. • The ideal candidate possesses relevant information
of a collaborative and high-performing security team. Role Responsibilities Key responsibilities for this role may include: Incident Detection & Response: Monitor security events and alerts using SIEM (Security Information and Event Management) and other security tools to identify potential security threats and incidents. Conduct initial triage, analysis, and categorisation of security incidents based on severity and impact. Escalate complex or … or home lab projects are encouraged to apply Education: Bachelor’s degree in Computer Science, Information Security, Cyber Security or related field, or equivalent experience desirable. Certifications (preferred): Any SIEM-specific certification or vendor-specific training. Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), BTL1 or others … are highly desirable but not essential. Technical Skills: Familiarity with SIEM tools (e.g., LogRhythm, Elastic SIEM, Microsoft Sentinel, or similar). Basic understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security. Exposure to or understanding of log analysis and alert triage, vulnerability scanning and patching, and incident response. Knowledge of cyber security and
cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What … You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks … solving skills, with an investigative mindset to identify security threats. Experience with malware analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience
security operations, including incident response, vulnerability management, and DLP. Embed security-by-design principles in collaboration with IT and Dev teams. Operate and enhance security infrastructure, including HSM, EDR, SIEM, and IAM. Monitor and respond to security alerts; manage threat mitigation and patch compliance. Participate in change and architecture review boards, documenting detailed design work. Skills & Experience Required … in cyber security engineering, ideally in legal, financial services or similarly regulated environments. Hands-on expertise in: EDR tools: SentinelOne, CrowdStrike, Defender. Cloud platforms: Azure, M365, Defender for Cloud. SIEM: Exabeam, Splunk, QRadar. IAM: Entra ID, CyberArk, Duo MFA. Firewall & Network Security: Cisco, Palo Alto, NAC. DLP tools: Microsoft Purview, Tessian. Strong scripting abilities (PowerShell, Python, Perl). Familiarity with vulnerability
scans and update relevant records. Incident readiness and handling as part of the Computer Security Incident Response Team (CSIRT). Monitor and analyse security logs from various systems (including SIEM) and network devices to identify potential threats and vulnerabilities. Knowledge, Skills & Experience Required: Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field. 5+ years of
Azure, Entra), security auditing, and modern endpoint protection such as CrowdStrike. Responsibilities Monitor and respond to security incidents using EDR/XDR tools such as CrowdStrike, Microsoft Defender, and SIEM platforms. Perform regular audits and security assessments across cloud (AWS, Azure) and SaaS platforms to identify risks and ensure compliance with internal policies and industry standards (ISO 27001, CIS, NIST …/Azure), including the shared responsibility model. Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, NIST). Hands-on experience with EDR tools (CrowdStrike, Defender for Endpoint) and SIEM/SOAR platforms. Basic scripting for automation and reporting using PowerShell or Python. Working knowledge of network security protocols, VPNs, firewalls, and web filtering tools. Understanding of patch management, application
Cybersecurity, Computer Science, Information Technology, or equivalent experience. Previous experience in Cybersecurity or a related IT role, ideally working in public sector environments. Proficiency with security tools such as SIEM, IDS/IPS, and vulnerability scanners. Strong understanding of network security, firewalls, and access control. Knowledge of regulatory frameworks like GDPR, HIPAA, PCI-DSS, or NIST. Experience in incident response
threats. You’ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security … Looking For: A degree in Cybersecurity, IT, or equivalent experience. 4+ years in a cybersecurity role, preferably within an MSP or fast-paced environment. Strong hands-on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
KX
and applications. You’ll monitor security tools and alerts, respond to threats, and contribute to the development and implementation of controls across cloud and on-premise environments. Responsibilities: Analyse SIEM events and alerts, ensuring effective investigation and resolution. Respond to phishing incidents and manage malicious email reporting. Support incident response, escalation, and coordination. Monitor cloud and on-premises environments for … . Practical knowledge of cloud security across AWS, Azure, or GCP (e.g. CloudTrail, Sentinel). Experience with endpoint protection, DLP, IDS/IPS, MFA, and content filtering. Familiarity with SIEM platforms and vulnerability management tools. Exposure to SOAR platforms and scripting or development skills (e.g. Python, Bash). Understanding of frameworks such as ISO 27001/2, NIST, SOC, or
Computer Science, Information Security, or a related field (Master's preferred). • Extensive experience in cybersecurity leadership within a SOC or incident response function. • Strong knowledge of security technologies, SIEM platforms (e.g., Chronicle, Splunk, QRadar), EDR tools, firewalls, and network security. • Experience with security frameworks and regulations (NIST, ISO 27001, MITRE ATT&CK, CIS, etc.). • Demonstrated experience leading security
cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with … cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks … solving skills, with an investigative mindset to identify security threats. Experience with malware analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience
Services Are you an experienced Cyber Security Engineer looking for a new challenge? Do you have a background in Cyber Security with a strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP) in an MSP or similar environment, along with hands-on experience with Splunk/MS Sentinel/QRadar and KQL? Here … will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. Responsibilities: Key Responsibilities: Design, implement, and manage advanced security solutions, including firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security. Lead technical presentations, demonstrations, workshops and architecture design sessions; explain, demonstrate, and architect the solution to help solve client security challenges and … Information Technology, or related field (or equivalent experience). 5yrs+ of experience in a cybersecurity role within an IT MSP or similar environment. Strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and detection rule languages such as KQL
access for you and your household. Onsite perks including free parking, tea and coffee stations, and a subsidized café with free breakfast toast. Responsibilities Security Monitoring & Incident Response: Use SIEM tools like Exabeam, LogRhythm, Splunk, or ArcSight to monitor security events, detect threats, and analyze data to address incidents swiftly. Vulnerability Management Tools: Conduct regular vulnerability assessments, prioritize and remediate
Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA, baseline configurations) including the Microsoft
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
HMRC
Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA, baseline configurations) including the Microsoft
working within a SOC (Security Operations Centre) or in a cyber security focused role; ideally 1-2 years working as an engineer. Knowledge of security tools and technologies (e.g., SIEM, IDS/IPS, EDR/XDR, email protection, DLP, SOAR, cloud security, etc.). Knowledge of cyber security domains (e.g., Identity and Access Management, Network Security, Incident Response, etc.). Desirable skills
Liverpool, Merseyside, North West, United Kingdom Hybrid / WFH Options
In Technology Group Limited
Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI
Bletchley, Buckinghamshire, United Kingdom Hybrid / WFH Options
In Technology Group
Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI
London, England, United Kingdom Hybrid / WFH Options
In Technology Group
Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI