1 to 25 of 213 Permanent SIEM Jobs

specifically around policies, security practices, and risk management methodologies. Technologies: Advanced proficiency with AuditBoard is preferred. Experience with other key cybersecurity technologies such as SIEM, firewall management, and intrusion detection systems is highly regarded. Education: Bachelor's degree in computer science, information security, or a related field; a graduate degree more »

for building the security architecture and systems within the SOC, as well as maintaining and improving the security monitoring and analysis tools. As a SIEM subject matter expert, you will also be responsible for the maintaining and recommending new tools, as well as updating the systems. You will be a … responsible for the daily maintenance and support of applications and related hardware associated with our solutions for intrusion detection (IDS), Security Incident Event Monitoring (SIEM), and packet capture (PCAP). You will be expected to deliver upgrades and manage configuration of technology that underpins cyber operations, this is will include … be a subject matter expert for these tools, providing guidance to our Security Operations Centre. Main Duties Responding to requests from SOC to tune SIEM, IDS and associated tooling in an effective and timely manner. Working with threat management teams and liaising directly with Network and Data Centre teams to more »

operation with four shift teams working in a standard rotation. They are responsible for utilising the SOC's Security Incident and Event Management (SIEM) toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. These roles require a minimum of SC clearance and be prepared more »

F5 Advanced WAF). Strong knowledge of web application security practices, including OWASP Top Ten vulnerabilities. Experience with security tools and technologies such as SIEM, IDS/IPS, and vulnerability scanners. Analytical and Problem-Solving Skills: Ability to analyze complex security issues and develop effective solutions. Strong attention to detail more »

with customers and other internal stakeholders. Confidence in effectively communicating technical incidents or security threats to non-technical stakeholders. Previous experience of working with SIEM and log monitoring tools. Proven technical understanding of IT and operating systems including Cisco and Fortinet SC-200, SC-900 or equivalent certification would be more »

Will Need to Succeed: Minimum 5+ years of experience working in 24x7 enterprise operations, preferably security operations Minimum 3+ years of experience working with SIEM, including running investigations (correlating events on different aspects such as source/destination addresses, usernames, and process names) Demonstrable comprehension of Information Security including malware more »

high level delivery. Required Skills/Experience; - A broad range of technology experience including Cloud Security (Azure, 365 E5 suite), Internet Protection, Vulnerability Management, SIEM, Firewalls, CASB, WAF and EDR products. - Experience in managing, supporting, and improving enterprise security solutions with a strong understanding of the impact of these changes. more »

range of services and multi vendor solutions, including Microsoft security, compliance and identity services. Managed SOC Managed XDR Cloud Security (M365, Azure, AWS) Managed SIEM (Sentinel + multi vendor) Security Professional Services Pen Testing Red Teaming ISO27001/Cyber Essential Plus Apps/Infra testing You role will be to more »

range of services and multi vendor solutions, including Microsoft security, compliance and identity services. Managed SOC Managed XDR Cloud Security (M365, Azure, AWS) Managed SIEM (Sentinel + multi vendor) Security Professional Services Pen Testing Red Teaming ISO27001/Cyber Essential Plus Apps/Infra testing You role will be to more »

Threat Intelligence which is actionable information (eg IOCs/TTPs), conduct threat hunting activities; leveraging and analysing sources of information as available through the SIEM, in addition identify and investigate potential suspicious activity as well as helping organizations identify, isolate and contain security issues. You will support the initial implementation more »

its security suite. A good understanding of Security Operations You're a fast learner, passionate about emerging security trends. Experience with security tools like SIEM, IDPS, Cloud Security, and EDR is a big plus. Experience with Zscaler, CrowdStrike, or Qualys Web3 and DeFi Experience with ISO27001 and SOC2 If you more »

infrastructure in Azure, AWS or GCP. 3+ years of experience in DevSecOps role or security operations. Experience configuring and supporting production firewalls. Hands-on SIEM configuration and support experience. Expertise with IaC tooling (Hashicorp Terraform). Expertise with token/secret management tools (Hashicorp Vault). Expertise with monitoring and more »

of the current business environment and the challenges it presents to organisations. What skills will you have: Experience with security tools and technologies (eg, SIEM, IDS/IPS, DLP, encryption). Experience with the implementation of CIS benchmarks Knowledge of cloud security principles and practices. Experience with UK & EU compliance more »

VPN, TCP/IP, SSL, TLS, IDS/IPS, SSH, SNMP, NTP of security tools and technologies, including firewalls, IDS/IPS, VPN, and SIEM and scripting skills required (Python, Powershell scripting or Shell scripts preferred) to learn and adapt to new challenges problem-solving skills and excellent communication and more »

tools to enable the detection and defence from threats to the society. Essential skills: • Experience of configuring security tools including one of the following: SIEM, EDR, AV, WAF or Secure Web Gateways. • Experience of integrating tools in an enterprise environment. • Proven problem-solving, analytical skills • Great experience of Microsoft Defender more »

Do you have extensive experience with Splunk? Eligible for DV clearance? And can be based in either Gosport or Glasgow with some remote working? If yes to all of this then read on! As a Managing Security Engineer, you will more »

Do you have extensive experience with Splunk? Eligible for DV clearance? And can be based in either Gosport or Glasgow with some remote working? If yes to all of this then read on! As a Managing Security Engineer, you will more »

team and mentoring junior team members. Experience with tools for open-source investigation (WireShark, TCPDump, Netflow, etc.); network defence monitoring technologies (IDS/IPS, SIEM, Firewalls, etc.); and sandboxing technologies for static and dynamic malware analysis (IDA Pro, REMnux, etc.). more »

part in the offensive security research and tooling for this Globally recognised company. A key responsibility comes from this client undertaking an EDR and SIEM refresh and they are keen to ensure these tools are fit for purpose. (Current tools being used are Prelude, Cobalt Strike, and Vectr - but you more »

and engineering experience Experience of an enterprise Linux, preferably Red Hat Enterprise Linux, CentOS or Oracle Linux. Recent involvement in implementing IDAM, PAM or SIEM tooling. Experience with monitoring and reporting software – Prometheus, Nagios or similar. Solid scripting experience with one of the following: Python, Shell, Bash or Ruby Familiarity more »

Windows/Linux), to ensure optimal security posture. -Skills in leveraging application monitoring tools - AWS monitoring/alert tools (CloudTrail, Guardduty), Qualys tools and SIEM experience, to detect and respond to security events/incidents. -Demonstrable experience of managing security solutions (secure Code Scanning, SIEM, IPS, IDS, Vulnerability Scanning, Penetration more »

of different threat scenarios, investigations, incident response processes and remdiation techniques. • Good knowledge of cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating … equipment • Relevant certifications such as CompTIA Security+, CISSP, CISM, or equivalent are a plus; or a desire to progress towards these certificationsProficiency in using SIEM tools, log analysis platforms, and firewall management consoles (FortiGate experience preferred). • Good understanding of risk management, cybersecurity principles, best practices, and frameworks such as more »

The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of … industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members … during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »

Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools. Investigate and analyse security incidents whether raised by our customer or internally to identify root cause and develop appropriate mitigation strategies. Execute security response more »

The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities You will work alongside the SOC team to ensure the … effective delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client target... more »