26 to 41 of 41 SIEM Jobs in Berkshire

including Copilot, Azure OpenAI, and agentic systems—ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response, working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labelling, access control, and lifecycle management of sensitive … using Microsoft Purview. Practically skilled in AI security, including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. DESIRABLE SKILLS Experience with secure data platforms (Azure Data ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

experience within an MSP environment. Strong Microsoft Azure expertise (IaaS/PaaS, governance, identity, networking, landing zones). Security experience across MDR, threat detection, SIEM/SOAR or security monitoring. Solid understanding of hybrid cloud, integrations, networking and resilient design. Ability to articulate complex technical concepts to technical and … architectural documentation and NFRs (security, performance, compliance). Desirable MSP service design/service offering experience. Hands-on knowledge of Microsoft Sentinel or other SIEM/SOAR platforms. Familiarity with security frameworks (NIST, ISO 27001). Relevant Azure certifications (AZ-305, AZ-500, etc.). Please apply now if this ...

experience within an MSP environment. Strong Microsoft Azure expertise (IaaS/PaaS, governance, identity, networking, landing zones). Security experience across MDR, threat detection, SIEM/SOAR or security monitoring. Solid understanding of hybrid cloud, integrations, networking and resilient design. Ability to articulate complex technical concepts to technical and … architectural documentation and NFRs (security, performance, compliance). Desirable MSP service design/service offering experience. Hands-on knowledge of Microsoft Sentinel or other SIEM/SOAR platforms. Familiarity with security frameworks (NIST, ISO 27001). Relevant Azure certifications (AZ-305, AZ-500, etc.). Please apply now if this ...

across the enterprise Lead and coordinate incident response activities, including containment, eradication, and post-incident reviews Perform advanced threat hunting and proactive investigations using SIEM, EDR, and cloud telemetry Develop, tune, and optimise detection rules aligned to MITRE ATT&CK Work extensively with the Microsoft Security stack, including Sentinel, Defender … with the Microsoft security ecosystem (Sentinel, Defender, MDE, MDI) Deep understanding of incident response, attacker TTPs, and kill-chain methodologies Experience creating and tuning SIEM detections and alerts Strong knowledge of Windows environments, Active Directory, Azure, and M365 Experience with threat hunting and forensic investigation techniques Comfortable working ...

Will Need to Succeed: Minimum 3+ years of experience working in 24x7 enterprise operations, preferably security operations Minimum 1+ years of experience working with SIEM, including running investigations (correlating events on different aspects such as source/destination addresses, usernames, and process names) Demonstrable comprehension of Information Security including malware … investigate trends and identify errors Network, Security, or Platform certification(s) (S+, N+, MCSP, CNA) is a plus. Ideal candidates have strong experience with SIEM tools and security event processes. Compensation Estimated Pay Range: Exact compensation and offers of employment are dependent on circumstances of each case and will ...

Will Need to Succeed: Minimum 3+ years of experience working in 24x7 enterprise operations, preferably security operations Minimum 1+ years of experience working with SIEM, including running investigations (correlating events on different aspects such as source/destination addresses, usernames, and process names) Demonstrable comprehension of Information Security including malware … investigate trends and identify errors Network, Security, or Platform certification(s) (S+, N+, MCSP, CNA) is a plus. Ideal candidates have strong experience with SIEM tools and security event processes. Compensation Estimated Pay Range: Exact compensation and offers of employment are dependent on circumstances of each case and will ...

work with security platforms, scripting tasks, and collaborating with experienced security professionals. Key Areas of Work Enhancing alert logic and monitoring use cases within SIEM platforms Building and maintaining automation workflows using Python Reviewing security events and log data to spot unusual activity Supporting the design of detections aligned … adversarial behaviours Assisting investigations and contributing to continuous improvements within the SOC What You'll Bring Experience using one or more SIEM technologies (e.g., Sentinel, Splunk, ELK, Rapid7, LogRhythm) Python skills for scripting or automation Understanding of SOAR concepts or exposure to automated playbooks Familiarity with threat frameworks such ...

SIEM Architect - SC Cleared Whitehall Resources are looking for a SIEM Architect - SC Cleared. This role is hybrid working with 1-2 days per week onsite in Wokingham and the remainder remote working, for an initial 1-2 month contract. ***Client requires Active SC Clearance*** ***Inside IR35*** Job Description: - SIEM … experience for improvements. - Splunk SaaS experience and expertise as a lead architect and/or engineer - Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. - Experience of the lifecycle of SIEM delivery, including ...

SIEM Architect - SC Cleared Whitehall Resources are looking for a SIEM Architect - SC Cleared. This role is hybrid working with 1-2 days per week onsite in Wokingham and the remainder remote working, for an initial 1-2 month contract. ***Client requires Active SC Clearance*** ***Inside IR35*** Job Description: - SIEM … experience for improvements. - Splunk SaaS experience and expertise as a lead architect and/or engineer - Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. - Experience of the lifecycle of SIEM delivery, including ...

posture. Key Responsibilities: Handle and respond to cyber security incidents and tickets across customer environments. Monitor, investigate, and respond to alerts from MDR and SIEM platforms. Administer and support Microsoft Defender (Endpoint, Identity, Office 365, Cloud Apps). Support ITDR initiatives, identity protection, and endpoint security controls. Assist customers with … support/infrastructure background, ideally within an MSP. Cyber Security Experience: Managing cyber security alerts and incidents. MDR platforms and security operations processes. SIEM monitoring and investigation. ITDR tools and concepts. Microsoft Defender suite experience. Knowledge of Cyber Essentials/CE+ requirements. IT/Infrastructure Foundation: Microsoft 365 administration and ...

/OpenShift Multi-cloud platforms Collaborate with security, DevOps and infrastructure teams to integrate CyberArk with AD/LDAP, SAML/OIDC identity providers, SIEM (e.g. Splunk), ITSM, and MFA solutions. Lead installation, configuration, testing and handover of CyberArk secrets-management solutions into Run & Maintain teams. Provide architectural leadership … integrating CyberArk Conjur/Credential Provider for application and DevOps secrets. Demonstrable experience integrating CyberArk with: AD/LDAP SAML/OIDC identity providers SIEM tools ITSM/ticketing systems At least one MFA platform Solid understanding of DevOps and cloud-native ecosystems, including Kubernetes, OpenShift, containers, Jenkins, CI/ ...

intelligence to support SOC, incident response, and risk teams Track emerging threats affecting IT, OT, SCADA, and critical infrastructure Correlate intelligence from internal telemetry, SIEM, and external intelligence feeds Support incident response and post-incident analysis with threat context Maintain threat models aligned to MITRE ATT&CK (IT & OT) Brief … critical infrastructure environments Understanding of IT and OT security, including SCADA systems Familiarity with MITRE ATT&CK, kill chain, and adversary techniques Experience using SIEM, threat intelligence platforms, and OSINT Strong analytical and written communication skills Desirable Experience with NIS2, NERC CIP, or similar utilities regulations Background supporting ...

hiring Elasticsearch Consultant or Architect (Observability OR Security (SIEM) or Search (Data)) to join our team. This pivotal role requires a deep subject matter expert in the Elastic Stack, responsible for designing, implementing, and optimizing complex Elasticsearch environments tailored to critical business functions in either Observability, Security (SIEM), or Search … Logstash for comprehensive data collection. Designing APM services, setting up synthetic monitoring, and creating advanced Kibana dashboards for holistic operational visibility. OR Elastic Security (SIEM) Proven ability to deploy and manage Elastic SIEM, including endpoint security integration. Expertise in using security data (logs, events) to create custom detection rules, conduct ...

hiring Elasticsearch Consultant or Architect (Observability OR Security (SIEM) or Search (Data)) to join our team. This pivotal role requires a deep subject matter expert in the Elastic Stack, responsible for designing, implementing, and optimizing complex Elasticsearch environments tailored to critical business functions in either Observability, Security (SIEM), or Search … Logstash for comprehensive data collection. Designing APM services, setting up synthetic monitoring, and creating advanced Kibana dashboards for holistic operational visibility. OR Elastic Security (SIEM) Proven ability to deploy and manage Elastic SIEM, including endpoint security integration. Expertise in using security data (logs, events) to create custom detection rules, conduct ...