1 to 25 of 45 SIEM Jobs in Berkshire

will play a critical role in detecting, responding to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure More ❯

Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.) Collaboration and communication skills across multiple teams and businesses. Good-to-Have Skills Palo Alto Firewall, F5 LTM, F5 GTM SIEM and SOAR tools (Splunk, Cribl, PAN Cortex) Powershell Python Scripting Power BI and Power Automate. More ❯

certification or willingness to achieve it Within commuting distance (~1 hour) of Canary Wharf, London Technical Skills Strong KQL skills for threat hunting and incident forensics Experience with SIEM, IDS/IPS and threat intelligence platforms Familiarity with incident response frameworks and security best practice Experience with scripting and automation (e.g. Azure Logic Apps) Soft Skills Problem-Solving: Identify, troubleshoot More ❯

solutions (e.g., CyberArk, BeyondTrust, Delinea) Implement least privilege access models and enforce secure credential management Monitor and audit privileged access activities across systems and applications Integrate PAM tools with SIEM, IAM, and other security platforms Develop and maintain policies, procedures, and documentation for PAM operations Conduct regular access reviews, privilege audits, and risk assessments Collaborate with IT, DevOps, and Security More ❯

Conduct regular security audits and assessments to identify and remediate risks. Apply industry frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls . Oversee and enhance security technologies: SIEM, vulnerability management, cloud security (OCI/Azure/AWS), PKI, cryptography, web/email security, logging and monitoring . Monitor network traffic for anomalies and potential breaches. Collaborate with IT More ❯

solutions (e.g., CyberArk, BeyondTrust, Delinea) Implement least privilege access models and enforce secure credential management Monitor and audit privileged access activities across systems and applications Integrate PAM tools with SIEM, IAM, and other security platforms Develop and maintain policies, procedures, and documentation for PAM operations Conduct regular access reviews, privilege audits, and risk assessments Collaborate with IT, DevOps, and Security More ❯

solutions (e.g., CyberArk, BeyondTrust, Delinea) Implement least privilege access models and enforce secure credential management Monitor and audit privileged access activities across systems and applications Integrate PAM tools with SIEM, IAM, and other security platforms Develop and maintain policies, procedures, and documentation for PAM operations Conduct regular access reviews, privilege audits, and risk assessments Collaborate with IT, DevOps, and Security More ❯

solutions (e.g., CyberArk, BeyondTrust, Delinea) Implement least privilege access models and enforce secure credential management Monitor and audit privileged access activities across systems and applications Integrate PAM tools with SIEM, IAM, and other security platforms Develop and maintain policies, procedures, and documentation for PAM operations Conduct regular access reviews, privilege audits, and risk assessments Collaborate with IT, DevOps, and Security More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco? At More ❯

BeyondTrust, or Delinea . Implement least privilege access models and enforce secure credential management practices. Monitor and audit privileged access activities across systems and applications. Integrate PAM tools with SIEM, IAM, and cloud security platforms. Develop and maintain policies, documentation, and access procedures . Conduct regular access reviews, privilege audits, and risk assessments . Work closely with IT, DevOps, and More ❯

BeyondTrust, or Delinea . Implement least privilege access models and enforce secure credential management practices. Monitor and audit privileged access activities across systems and applications. Integrate PAM tools with SIEM, IAM, and cloud security platforms. Develop and maintain policies, documentation, and access procedures . Conduct regular access reviews, privilege audits, and risk assessments . Work closely with IT, DevOps, and More ❯

DDoS protection, and encryption. Mentor junior engineers, elevate best practices, and help us on our journey to ISO 27001 certification. What You Bring Deep hands-on expertise across EDR, SIEM, NAC, MFA, PAM, and cloud security environments. Proven experience with security frameworks such as ISO 27001, NIST, CIS, and PCI-DSS. Certifications like CISSP, CPSA, or Palo Alto Certified Security More ❯

in the storm, guiding teams through complex challenges with clarity and confidence. What you'll need to succeed You're a seasoned security professional with hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. Certifications such as CISSP, CEH More ❯

incident response , and vulnerability management . Expertise in ServiceNow workflows , scripting , CMDB , Discovery , and system integrations (REST/SOAP, MID Server). Experience integrating ServiceNow with cybersecurity tools (e.g., SIEM, EDR, SOAR). Strong stakeholder management and communication skills. Background supporting critical infrastructure , preferably within the energy or utilities sector . Knowledge of security frameworks and compliance mandates (e.g., NIST More ❯

frameworks. Knowledge of Rapid7's Platform and its components, including Managed Detection and Response (MDR), Exposure Management (Surface Command, Exposure Command, Exposure Command ADVANCED), Attack Surface Management, Next-Gen SIEM, Cloud Security, Vulnerability Management, and Threat Intelligence. Strong understanding of the Microsoft Security Stack and how to drive business value alongside this through partnering. Deep knowledge of the UK & Ireland More ❯

including carrying out reviews and supporting improvements across technical and procedural controls. Strong skills in documentation, analysis, and reporting. Technical knowledge of cybersecurity concepts and practices. (Desirable) Familiarity with SIEM, vulnerability assessment, incident detection, and system hardening. (Desirable) Exposure to tools such as Microsoft Sentinel, Darktrace, Carbon Black, or Qualys. General IT knowledge, with an understanding of IT operations and More ❯

oversight, you will also act as technical lead on several high-impact initiatives, including but not limited to: Global EDR consolidation (Microsoft Defender) MFA rollout Implementation of a new SIEM platform Key Responsibilities Lead the delivery of cyber security projects such as endpoint protection, vulnerability management, identity & access management, and network security. Develop and manage project plans, milestones, risks, and More ❯

including: Security Incident Response (SIR) Vulnerability Response (VR) Threat Intelligence Configuration Compliance Define secure processes and automation across vulnerability management and incident response. Integrate ServiceNow SecOps with cybersecurity platforms (SIEM, SOAR, EDR, CMDB, threat intel, OT/ICS security tools). Establish SecOps roadmap, standards, and best practices across business units. Ensure scalable, secure, reusable architecture aligned with enterprise and More ❯

and execute the enterprise PAM strategy and governance framework. Lead the deployment, configuration, and optimisation of PAM tools (e.g. CyberArk, BeyondTrust, Thycotic/Delinea ). Integrate PAM with IAM, SIEM, and IT infrastructure platforms. Implement automation around credential rotation, just-in-time (JIT) access, and session monitoring. Conduct regular audits and risk reviews to maintain compliance and reduce privileged access More ❯

Microsoft certifications (relating to Azure-AZ, Security-SC, Power Platform-PL, Modern Work-MS and Copilot/AI). Excellent consulting, design and delivery of Microsoft Defender suite and SIEM/XDR. Effective technical hands-on experience configuring/implementing products such as Microsoft Azure, Entra & Purview. Accomplished in designing and implementing M365 security technologies, based on above, with little More ❯

cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies. Experience with security tools such as firewalls, intrusion detection/prevention systems, SIEM solutions (i.e. Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. Exposure to SOAR tools, observability tools and data stream processing tools Hands-on More ❯

of 5 years of experience in a presales, solution architect, or similar role within the cybersecurity industry. Extensive knowledge of cybersecurity technologies and solutions (e.g., network security, endpoint protection, SIEM, cloud security). Strong business acumen with the ability to align technical solutions with business objectives. Excellent presentation, communication, and negotiation skills. Proven experience in designing and articulating complex technical More ❯

expertise: Windows Server, AD/Entra ID, Group Policy, O365, Intune Solid networking foundations: TCP/IP, VLANs, DNS, VPNs, Wi-Fi Security engineering knowledge: System hardening, endpoint security, SIEM, incident handling ISO27001, GDPR or PCI compliance exposure Certificates (SSL/TLS), WAF/DDoS, email security Azure engineering background: Governance, networking, identity and security configuration Ownership mindset and strong More ❯

and packet (PCAP) analysis Familiarity with Windows and/or Linux investigations Clear and structured documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat More ❯