76 to 99 of 99 SIEM Jobs in Berkshire

Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯

Password Vault Web Access) PSM (Privileged Session Manager) AAM (Application Access Manager) Conjur (Secrets Management) Integrate CyberArk with other security tools and platforms (e.g., SIEM, IAM, ITSM). Configure and manage safes, platforms, and policies within CyberArk. 3. Operational Management: Monitor and maintain the CyberArk environment to ensure optimal performance … PVWA, PSM, AAM, Conjur). Strong understanding of privileged access management concepts and best practices. Experience with integrating CyberArk with other security tools (e.g., SIEM, IAM, ITSM). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization. Excellent problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms More ❯

across the SOC EDR-Centric Response – Work extensively with EDR tools (primary alert source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR … severity incidents with analytical precision and attention to detail In-depth understanding of modern attack vectors , especially those surfaced via EDR platforms Proficiency with SIEM (e.g., Splunk, ArcSight), EDR (e.g., Defender, FireEye) , and supporting security tools Strong technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud More ❯

across the SOC EDR-Centric Response – Work extensively with EDR tools (primary alert source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR … severity incidents with analytical precision and attention to detail In-depth understanding of modern attack vectors , especially those surfaced via EDR platforms Proficiency with SIEM (e.g., Splunk, ArcSight), EDR (e.g., Defender, FireEye) , and supporting security tools Strong technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud More ❯

department to do the relative jobs, reports, support internal and external networks, including VPN setup, DNS management, AP management, firewall configuration, WAF (e.g. Akaimai),SIEM(e.g. IBM QRada),etc. (4) Familiar with IP network, familiar with Cisco and Juniper, etc. equipment’s maintenance and configuration. (5) Experience with the Linux … of IP network protocols, maintenance and configuration, firewall management, and data security practices. Experience with VOIP telephony systems, VPN technologies, DNS management, WAF administration, SIEM management. Familiarity with automated deployment tools, disaster recovery practices, and endpoint protection solutions. Excellent troubleshooting skills and the ability to resolve complex technical issues efficiently. More ❯

strength, and actionable recommendations. Key Responsibilities Threat modelling and simulation Vulnerability assessments Ethical hacking of networks, operating systems, and web application Utilise tools for SIEM, Data Loss Prevention, and endpoint detection Collaborate with third-party vendors The role is open for applications from 19/05 and the application period More ❯

Permanent Salary : Up to £60,000 Overview: A growing cyber consultancy is seeking a client-facing Cyber Security Consultant to lead risk assessments, drive SIEM/XDR implementation, and guide customers through threat detection and governance improvements. This role is Ideal for individuals with an outgoing personality, confident speaking with … to frameworks (e.g., NIST, NIS2). Manage and grow client relationships through strategic engagement, consulting with C suite executives and external security leaders. Oversee SIEM/XDR deployments and incident response workflows. Conduct posture reviews, environment audits, and gap analyses. Present security findings and recommendations to stakeholders through meetings and … reports. Provide guidance on threat detection best practices. Technical Skills & Experience: Proficient with SIEM/XDR tools (QRadar, Sentinel, Defender XDR). Strong knowledge of NIST CSF, NCSC CAF, and cloud security (AWS, Azure, GCP). Experienced in risk methodologies (e.g., NIST 800-30). Preferred Certifications: CompTIA Security+, CySA+ More ❯

security operations and agile delivery workflows Define detection rules and thresholds aligned to business risk and threat profiles Advise on triage processes, integration with SIEM tooling, and use of GuardDuty findings for incident investigation Support wider AWS security efforts including posture management, governance, and compliance monitoring Essential Skills & Experience: Extensive … documentation and communication skills with experience presenting findings and recommendations to technical and non-technical stakeholders Desirable: Hands-on experience integrating AWS logs into SIEM platforms (e.g., Splunk, ELK) for correlation and alerting Familiarity with containerised workloads and security for EKS or similar environments Relevant AWS certifications (e.g., AWS Certified More ❯

and access controls. Lead threat modelling exercises to identify, assess and mitigate risks in systems and applications. Lead the design, implementation and optimisation of SIEM solutions (e.g. Splunk, Sentinel). Integrate SIEM systems with other security tools like EDR, SOAR and threat intelligence feeds. Skills Extensive experience in Cyber Security … threat modelling. Proficiency in cloud platforms and services (AWS, Azure, GCP) with deep knowledge of native security tools. Hands-on experience designing and implementing SIEM solutions in enterprise environments. Skilled in scripting and automation (e.g., Python, PowerShell) for security processes. Familiarity with tools for threat modelling, vulnerability management, and incident … response. SIEM-specific certifications like Splunk Certified Architect, Sentinel Expert, or equivalent. IAM certifications (e.g., Okta Certified Consultant, SailPoint IdentityNow, or CyberArk Defender) are highly desirable. More ❯

Job Title: SIEM Engineer Location: Remote Salary: £40,000 - £50,000 The Company An exciting opportunity has arisen at an award-winning Microsoft Partner for a SIEM Engineer. The business is a fast-growing, industry-leading managed service and managed security service provider, delivering to mid-sized and large enterprise … clients. This is a fantastic opportunity for a SIEM Engineer to continue developing their expertise in security platforms at an established Microsoft Partner. The company places strong emphasis on staff development, offering support for training and professional certifications. You’ll also gain exposure to cutting-edge technologies, working across security More ❯

Job Title: SIEM Engineer Location: Remote Salary: £40,000 - £50,000 The Company An exciting opportunity has arisen at an award-winning Microsoft Partner for a SIEM Engineer. The business is a fast-growing, industry-leading managed service and managed security service provider, delivering to mid-sized and large enterprise … clients. This is a fantastic opportunity for a SIEM Engineer to continue developing their expertise in security platforms at an established Microsoft Partner. The company places strong emphasis on staff development, offering support for training and professional certifications. You’ll also gain exposure to cutting-edge technologies, working across security More ❯

this role you will be providing detailed risk assessments, implementing industry-standard security frameworks including NIST, NCSC, and NIS2 as well as actively managing SIEM tools such as QRadar and/or Sentinel. You’ll be working closely with end customer stakeholders, undertaking proactive risk management, and threat detection consulting. … Lead comprehensive security risk assessments inline with industry standards and conduct environment reviews ensuring compliance with NIST Frameworks and related standards Oversee and implement SIEM/XDR deployments, custom rule development, and incident response processes acting as a point of escalation and point of contact for internal and external stakeholders … cybersecurity frameworks (NIST CSF, NCSC CAF, NIS2, NIST 800-30) Confident in using risk assessment methodologies (NIST 800-30). Hands-on experience with SIEM/XDR solutions (QRadar, Sentinel, Defender XDR) Familiarity with cloud security principles across AWS, Azure, and GCP, ideally within a managed services environment Ideal candidates More ❯

Role Lead the design, deployment and tuning of enterprise-grade SIEM platforms (e.g. Splunk, Azure Sentinel etc.) Collaborate with stakeholders to define logging requirements, use cases, detection rules and dashboards Oversee integration of data sources from cloud, on-prem, endpoint, network and application layers Create and maintain detection rules, correlation … logic and alerts tailored to specific threat scenarios Provide technical leadership and mentorship to team members Work closely with SOC teams to align SIEM capabilities with business objectives Conduct SIEM health checks, performance tuning and capacity planning Skills Expertise in SIEM design, deployment and optimisation Hands-on expertise with one … or more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor, GCP More ❯

You'll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and … Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection More ❯

You'll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and … Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection More ❯

technologies. Create and maintain detection rules and logic to identify suspicious activity and potential security threats. Participate in the creation, implementation, and optimisation of SIEM event correlation rules, logic, and content to filter out security events associated with known network behaviour, false positives, and errors. Support the transition of project … technologies such as NDR/content filtering/FW/IPS/IDS/DDOS, EDR/MDR, DAST/SAST, Identity Access Management, SIEM & SOAR, log management. Preferable experience in Azure, AWS, Defender, Darktrace. Experience and technical knowledge in multiple areas of cyber defence operations. Experience as a Cyber More ❯

technologies. Create and maintain detection rules and logic to identify suspicious activity and potential security threats. Participate in the creation, implementation, and optimisation of SIEM event correlation rules, logic, and content to filter out security events associated with known network behaviour, false positives, and errors. Support the transition of project … technologies such as NDR/content filtering/FW/IPS/IDS/DDOS, EDR/MDR, DAST/SAST, Identity Access Management, SIEM & SOAR, log management. Preferable experience in Azure, AWS, Defender, Darktrace. Experience and technical knowledge in multiple areas of cyber defence operations. Experience as a Cyber More ❯

contract XSIAM Engineer with deep expertise in Palo Alto Networks technologies , ideally coming from an XSOAR background , and possessing strong experience across XDR and SIEM environments. This is a key role within our security operations function, focused on enhancing detection, automation, and response capabilities. *For this role you must be … and manage security automation workflows , drawing from previous XSOAR experience Integrate and optimize XDR capabilities to support proactive threat detection Set up and maintain SIEM-style log ingestion , correlation rules, and enrichment pipelines Build custom dashboards and reporting tools for real-time security insights Troubleshoot complex issues related to XSIAM … XSIAM in real-world environments but will consider strong XSOAR Consultants who want to evolve into XSIAM. Strong understanding of Security Operations, XDR , and SIEM principles Proficient in scripting and automation (e.g., Python, PowerShell) Solid experience with log analysis , event correlation, and alert tuning Needs to be eligible for SC More ❯

contract XSIAM Engineer with deep expertise in Palo Alto Networks technologies , ideally coming from an XSOAR background , and possessing strong experience across XDR and SIEM environments. This is a key role within our security operations function, focused on enhancing detection, automation, and response capabilities. *For this role you must be … and manage security automation workflows , drawing from previous XSOAR experience Integrate and optimize XDR capabilities to support proactive threat detection Set up and maintain SIEM-style log ingestion , correlation rules, and enrichment pipelines Build custom dashboards and reporting tools for real-time security insights Troubleshoot complex issues related to XSIAM … XSIAM in real-world environments but will consider strong XSOAR Consultants who want to evolve into XSIAM. Strong understanding of Security Operations, XDR , and SIEM principles Proficient in scripting and automation (e.g., Python, PowerShell) Solid experience with log analysis , event correlation, and alert tuning Needs to be eligible for SC More ❯

e.g. NIST, ISO 27001, CIS). Partner with compliance, audit, and internal stakeholders to address regulatory requirements and support evidence gathering for audits. Leverage SIEM and monitoring tools to inform risk posture and ensure control effectiveness. Produce high-quality documentation, dashboards, and risk reports for senior stakeholders. What We’re … CSF, ISO 27001, CIS, etc. Experience with security risk assessments, controls design, and compliance monitoring. Familiarity with vulnerability management practices and tools. Exposure to SIEM platforms and their role in risk and control monitoring. Strong stakeholder management and communication skills—capable of translating technical risk into business impact. Experience within More ❯

I am currently supporting a business engaged in the setup and deployment of a new Security Information and Event Management (SIEM) solution. The scope of work includes replacing the existing Trend Micro infrastructure and rolling out CrowdStrike across all server environments to enhance threat detection and response capabilities. Job Title … Job Type: 3 month Contract Contract: Outside I35 Location: Remote Responsibilities: Collaborate with delivery teams and the client to develop SOC playbooks supporting both SIEM and SOC operations. Design and implement SOAR workflows to automate incident response processes. Configure correlation searches and alerting mechanisms, optimising rules to minimise false positives. … Serve as the Subject Matter Expert (SME) for SIEM deployment, supporting data ingestion from sources such as AWS and Qualys. Assist in the integration of SIEM alerts with Jira, enabling streamlined alert tracking and incident management. Define and configure alert severity levels within SIEM, SOAR, and Jira to align with More ❯

I am currently supporting a business engaged in the setup and deployment of a new Security Information and Event Management (SIEM) solution. The scope of work includes replacing the existing Trend Micro infrastructure and rolling out CrowdStrike across all server environments to enhance threat detection and response capabilities. Job Title … Job Type: 3 month Contract Contract: Outside I35 Location: Remote Responsibilities: Collaborate with delivery teams and the client to develop SOC playbooks supporting both SIEM and SOC operations. Design and implement SOAR workflows to automate incident response processes. Configure correlation searches and alerting mechanisms, optimising rules to minimise false positives. … Serve as the Subject Matter Expert (SME) for SIEM deployment, supporting data ingestion from sources such as AWS and Qualys. Assist in the integration of SIEM alerts with Jira, enabling streamlined alert tracking and incident management. Define and configure alert severity levels within SIEM, SOAR, and Jira to align with More ❯

DNS filtering, HTTP inspection, etc.) for secure browsing and egress control Integrate Cloudflare services with: Entra ID/Azure Active Directory for identity management SIEM platforms (likely Microsoft Sentinel) for log forwarding and visibility Coordinate with the client’s Azure infrastructure partners to ensure smooth integration Produce documentation and operational … especially ZTNA and Gateway Proven experience implementing Zero Trust access policies in cloud environments Experience integrating Cloudflare with Azure AD/Entra ID and SIEM tools Understanding of secure cloud networking principles and Zero Trust architecture Experience in multi-cloud environments (Azure required) If this role sounds like it could More ❯

DNS filtering, HTTP inspection, etc.) for secure browsing and egress control Integrate Cloudflare services with: Entra ID/Azure Active Directory for identity management SIEM platforms (likely Microsoft Sentinel) for log forwarding and visibility Coordinate with the client’s Azure infrastructure partners to ensure smooth integration Produce documentation and operational … especially ZTNA and Gateway Proven experience implementing Zero Trust access policies in cloud environments Experience integrating Cloudflare with Azure AD/Entra ID and SIEM tools Understanding of secure cloud networking principles and Zero Trust architecture Experience in multi-cloud environments (Azure required) If this role sounds like it could More ❯