51 to 75 of 96 SIEM Jobs in Berkshire

What you’ll be doing: Designing and implementing SOC process automation to eliminate manual overhead in alert triage, response, and reporting Integrating security tooling (SIEM, SOAR, firewalls, etc.) Creating automated playbooks to drive consistency and speed across IR workflows Collaborating with SOC analysts, engineers, and third-party vendors to identify More ❯

security reports and advisories to key stakeholders. Residual Risk Assessment: Deliver post-incident analysis, technical lessons learned, and reporting to assess residual risk. Advanced SIEM Tuning: Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations. Automating Response Actions: Develop and improve … in security event analysis and incident response. Deep knowledge of IPv4/IPv6, TCP networking protocols, and the OSI model. Expertise in security tools: SIEM (ArcSight, Sentinel, QRadar, Splunk), EDR (Microsoft Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies. Strong knowledge of Linux and More ❯

security reports and advisories to key stakeholders. Residual Risk Assessment: Deliver post-incident analysis, technical lessons learned, and reporting to assess residual risk. Advanced SIEM Tuning: Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations. Automating Response Actions: Develop and improve … in security event analysis and incident response. Deep knowledge of IPv4/IPv6, TCP networking protocols, and the OSI model. Expertise in security tools: SIEM (ArcSight, Sentinel, QRadar, Splunk), EDR (Microsoft Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies. Strong knowledge of Linux and More ❯

Proven ability to manage relationships with internal and external stakeholders Experience working in a client-facing role Familiarity with security technologies such as firewalls, SIEM, endpoint protection and threat detection systems. Expertise in project management tools and methodologies (Agile, Waterfall) Strong understanding of cybersecurity best practices and risk management Certification More ❯

TrueSight Identity protection and corporate tools including AAIP, MDI, and MCAS PUAM systems, especially CyberArk Security logging and monitoring, preferably with PRISM or similar SIEM solutions Solid understanding of security frameworks (e.g., NIST, ISO 27001) and compliance requirements. Proven experience in low-level design (LLD) documentation and system integration. Our More ❯

TrueSight Identity protection and corporate tools including AAIP, MDI, and MCAS PUAM systems, especially CyberArk Security logging and monitoring, preferably with PRISM or similar SIEM solutions Solid understanding of security frameworks (e.g., NIST, ISO 27001) and compliance requirements. Proven experience in low-level design (LLD) documentation and system integration. Our More ❯

defence. What We’re Looking For: Extensive experience in cybersecurity operations, with a heavy focus on incident response and digital forensics. Deep understanding of SIEM/SEM tools and log analysis. Scripting or programming experience to support automation and investigation workflows. Practical expertise with operating systems, network protocols, and system More ❯

implementing custom scripts to automate current detection and response workflows. Requirements: Experience of threat detection and response methodologies Excellent background with tools such as SIEM & SOAR Excellent understanding of cyber security principles Good background with SOAR platforms such as Splunk Phantom, Siemplify & IBM Resilient Telecommunications background Further job details available More ❯

implement custom scripts to automate current detection and response workflows. Requirements: Experience of threat detection and response methodologies. Excellent background with tools such as SIEM & SOAR. Excellent understanding of cyber security principles. Good background with SOAR platforms such as Splunk Phantom, Siemplify & IBM Resilient. Telecommunications background. Further job details available More ❯

PowerShell OS & Tooling: Linux, Docker, Kubernetes, GitLab CI/CD testing & automation (GitLab, JMeter, PyTest) ✅ Domain Expertise: Security Products : OWASP, encryption (AES, RSA), PKI, SIEM Identity & Directory Tech : Active Directory, GPOs, IAM, SSO, OAuth2, SAML More ❯

scripting or programming languages. Practical knowledge and demonstrated experience in areas such as Data Loss Prevention (DLP), Data Privacy/Protection, DSPM/CSPM, SIEM, or vulnerability management is highly preferred. Proven success in a technical, customer-facing role within a software or SaaS company. Full spec available, please apply More ❯

scripting or programming languages. Practical knowledge and demonstrated experience in areas such as Data Loss Prevention (DLP), Data Privacy/Protection, DSPM/CSPM, SIEM, or vulnerability management is highly preferred. Proven success in a technical, customer-facing role within a software or SaaS company. Full spec available, please apply More ❯

Strong documentation skills (Microsoft Word, Project, Visio) and a grasp of Enterprise Architecture methods like TOGAF (desirable). Familiarity with secure Internet solutions (firewalls, SIEM), LAN environments, and cloud architectures (public/private) is a plus. Knowledge of sector-specific networks such as HSCN, PSN, or JANET is highly advantageous. More ❯

global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security in reviewing and … will be done monthly. Deploy new information security tools, services, processes, and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership More ❯

global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security in reviewing and … will be done monthly. Deploy new information security tools, services, processes, and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯

This role offers an opportunity to work with market-leading vendors across networking (Cisco), data infrastructure (NetApp, IBM, cloud), and security solutions (NOC, SOC, SIEM) . While the focus is on new business development , there’s potential to inherit a small number of key accounts to support your success. What More ❯

This role offers an opportunity to work with market-leading vendors across networking (Cisco), data infrastructure (NetApp, IBM, cloud), and security solutions (NOC, SOC, SIEM) . While the focus is on new business development , there’s potential to inherit a small number of key accounts to support your success. What More ❯

Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯

Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯

across the SOC EDR-Centric Response – Work extensively with EDR tools (primary alert source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR … severity incidents with analytical precision and attention to detail In-depth understanding of modern attack vectors , especially those surfaced via EDR platforms Proficiency with SIEM (e.g., Splunk, ArcSight), EDR (e.g., Defender, FireEye) , and supporting security tools Strong technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud More ❯

department to do the relative jobs, reports, support internal and external networks, including VPN setup, DNS management, AP management, firewall configuration, WAF (e.g. Akaimai),SIEM(e.g. IBM QRada),etc. (4) Familiar with IP network, familiar with Cisco and Juniper, etc. equipment’s maintenance and configuration. (5) Experience with the Linux … of IP network protocols, maintenance and configuration, firewall management, and data security practices. Experience with VOIP telephony systems, VPN technologies, DNS management, WAF administration, SIEM management. Familiarity with automated deployment tools, disaster recovery practices, and endpoint protection solutions. Excellent troubleshooting skills and the ability to resolve complex technical issues efficiently. More ❯

strength, and actionable recommendations. Key Responsibilities Threat modelling and simulation Vulnerability assessments Ethical hacking of networks, operating systems, and web application Utilise tools for SIEM, Data Loss Prevention, and endpoint detection Collaborate with third-party vendors The role is open for applications from 19/05 and the application period More ❯