IoT, Cloud, Infrastructure and Network Security controls; Programming/scripting experience (Powershell, ASP, .NET, Python, Perl); Log analysis and configuration reviews across infrastructure components including Servers, Firewalls, WAFs, SIEM, VMware, etc. Security Engineering or Architecture (SABSA an advantage) Knowledge of CI/CD would be an advantage Specifying and performing vulnerability analysis and review pen test and scan results More ❯
Greater Bristol Area, United Kingdom Hybrid/Remote Options
RedRock Resourcing
risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance security monitoring, logging and alerting (including SIEM/threat detection). Create security documentation (designs, risk assessments, mitigation plans, ops procedures). Collaborate with project/programme managers and stakeholders to ensure effective control implementation. Skills/ More ❯
data protection, and governance, risk & compliance (GRC). Requirements In-depth understanding of the incident response lifecycle — preparation, detection, containment, eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security, including More ❯
City of London, London, United Kingdom Hybrid/Remote Options
Cititec
data protection, and governance, risk & compliance (GRC). Requirements In-depth understanding of the incident response lifecycle — preparation, detection, containment, eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security, including More ❯
City, London, United Kingdom Hybrid/Remote Options
The Bridge IT Recruitment
experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure More ❯
London, Fleet Street, United Kingdom Hybrid/Remote Options
The Bridge IT Recruitment
experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure More ❯
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid/Remote Options
Littlefish
emerging tech. The following would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through our one of a kind training programme, the Littlefish Academy More ❯
with Microsoft Cloud technologies ESSENTIAL Other requirements: Proven experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview in real-world environments. Strong understanding of cloud security architecture, SIEM/SOAR, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and data protection. Familiarity with Azure, Microsoft 365, and hybrid cloud environments. Understanding of security operations, incident response, and threat intelligence. More ❯
to mitigate risks and enhance our data security posture. Technical Expertise in Cybersecurity & Incident Response Experience with email security, cloud platforms, and endpoint protection. Strong understanding of DLP, CASB, SIEM, XDR and other security monitoring tools. Proven ability to manage and/or support response to complex security incidents and data breaches. Strong troubleshooting and problem-solving skills, with the More ❯
Weedon Bec, Northamptonshire, UK Hybrid/Remote Options
HybrIT Services
Security/SharePoint/Exchange Online) Active Directory - Management, Group Policy, Sites and Services, ADconnect Public Cloud - Azure Administration & Management Endpoint Security - Antivirus/Firewalls Desirable Knowledge Experience with SIEM platforms and integration of network devices into SOC environments is desirable. Microsoft Azure - Familiarity with Azure services beyond the basics, such as Azure AD (Entra), or Azure workload configuration such More ❯
Weedon Bec, England, United Kingdom Hybrid/Remote Options
HybrIT Services
Security/SharePoint/Exchange Online) Active Directory - Management, Group Policy, Sites and Services, ADconnect Public Cloud - Azure Administration & Management Endpoint Security - Antivirus/Firewalls Desirable Knowledge Experience with SIEM platforms and integration of network devices into SOC environments is desirable. Microsoft Azure - Familiarity with Azure services beyond the basics, such as Azure AD (Entra), or Azure workload configuration such More ❯
Crawley, England, United Kingdom Hybrid/Remote Options
InfoSec People Ltd
compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques More ❯
City of London, London, United Kingdom Hybrid/Remote Options
TDA TELECOM LIMITED
or solutions architecture role. Background working with or for a VAR, Systems Integrator, or Security Vendor highly desirable. Technical Expertise Strong understanding of enterprise security technologies, including firewalls, SIEM/SOAR, IAM, DLP, SASE, Zero Trust, and cloud security. Working knowledge of AWS, Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or More ❯
Manchester, England, United Kingdom Hybrid/Remote Options
Acumin
and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯
City of London, London, United Kingdom Hybrid/Remote Options
Acumin
and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯
East London, London, United Kingdom Hybrid/Remote Options
A&O Shearman
are met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of More ❯
Knutsford, Cheshire, United Kingdom Hybrid/Remote Options
Applause IT Recruitment Ltd
information security, risk, or compliance roles. Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM/PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. More ❯
Liverpool, England, United Kingdom Hybrid/Remote Options
Love2shop
Working closely with Infrastructure teams, you’ll ensure endpoint configurations meet organisational standards. You’ll also enhance threat-hunting capabilities by integrating threat intelligence and correlating EDR data with SIEM and XDR platforms for deeper insights. Data Loss Prevention (DLP) In this part of the role, you’ll implement and configure DLP solutions, define classification policies, and monitor for potential More ❯
Welwyn Garden City, England, United Kingdom Hybrid/Remote Options
PayPoint plc
Working closely with Infrastructure teams, you’ll ensure endpoint configurations meet organisational standards. You’ll also enhance threat-hunting capabilities by integrating threat intelligence and correlating EDR data with SIEM and XDR platforms for deeper insights. Data Loss Prevention (DLP) In this part of the role, you’ll implement and configure DLP solutions, define classification policies, and monitor for potential More ❯
of Security Operations working within or alongside Security Operations Centre(s). Experience working in all hyperscaler environments, preferably holding Professional Cloud Architect or equivalent Certification. Experience with multiple SIEM & SOAR Tooling, preferably Google SecOps (formerly Chronicle/Simplify). Strong written, verbal and presentation skills. Excellent communication and interpersonal skills, with the ability to build strong relationships with clients More ❯
Bristol, South West England, United Kingdom Hybrid/Remote Options
Europa Worldwide Group
date defences across both on-prem and cloud environments (cloud being a key area of focus) Implementing, configuring, and regularly updating a wide range of security toolsets including EDR, SIEM, vulnerability management, IAM, and cloud security solutions Collaborating closely with IT, Development, and third-party teams to embed security into all aspects of our operations Conducting regular risk assessments, vulnerability More ❯