20 of 20 SIEM Jobs in Bristol

/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance security monitoring, logging and alerting (including SIEM/threat detection). Create security documentation (designs, risk assessments, mitigation plans, ops procedures). Collaborate with project/programme managers and stakeholders to ensure ...

support incident response activities. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance security monitoring, logging, and alerting (including SIEM/threat detection). Produce security documentation including designs, risk assessments, mitigation plans, and operational procedures. Collaborate with project/programme managers and wider stakeholders ...

communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders Proficiency in security tools and technologies, such as SIEM, IDS/IPS, and vulnerability scanners Autonomy: Works under broad direction. Work is often self-initiated Influence: Influences organisation, customers, suppliers, partners, and peers ...

activities. Monitor security alerts and assist with investigating potential incidents. Help implement security best practices and policies to protect digital assets. Gain exposure to SIEM tools and security monitoring platforms. Assist with creating incident response documentation and security reports. Support compliance efforts and basic risk assessments aligned with industry standards. ...

activities. Monitor security alerts and assist with investigating potential incidents. Help implement security best practices and policies to protect digital assets. Gain exposure to SIEM tools and security monitoring platforms. Assist with creating incident response documentation and security reports. Support compliance efforts and basic risk assessments aligned with industry standards. ...

Certification Authority). Hands-on experience with virtualisation platforms (Hyper-V), network security appliances and MFA solutions. Understanding of vulnerability management, endpoint protection and SIEM operations. Excellent problem-solving skills and ability to work under pressure. Strong communication skills to engage stakeholders and influence technical decisions. Experience working ...

continuous detection & response improvements Providing expert security guidance to IT, engineering and systems owners Conducting security reviews of new suppliers, software and technologies Enhancing SIEM, detection rules, response automation and visibility across devices and infrastructure Improving IAM, device management, productivity tools and cloud security (AWS, Azure, Microsoft ecosystems) Ensuring effective ...

infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Experience defining security configurations and collaborating with engineers to apply ...

Hands-on knowledge of Active Directory, Group Policy, WSUS and Certificate Services Experience with MFA, virtualisation and network security appliances Understanding of vulnerability management, SIEM and endpoint protection Familiarity with security frameworks (ISO 27001, NIST, CIS, Cyber Essentials) Hold SC or DV clearance. A great opportunity to work on complex ...

migrating firewall rules, designing segmentation at multiple layers (macro/meso/micro), and integrating identity‐based controls. Strong background in logging/monitoring, SIEM/SOAR integration, and building operational metrics. Proficiency with capacity planning, performance tuning, and platform visibility tooling. Excellent documentation skills; able to produce architecture artefacts ...

proactive, self-starting individual with strong technical knowledge across on-prem and cloud environments, and ideally experience in areas such as: Network security, IAM, SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO 27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience in Operational Technology would ...

provisioning and compliance. Integration knowledge across Microsoft Exchange, M365, VMware and enterprise IT ecosystems. Understanding of Zero Trust architecture, identity threat detection, and SIEM integration. Strong stakeholder management, influencing, and communication skills. Ability to translate complex technical challenges into executive-level decisions and investment cases Our company: Peace ...

enterprise identity and access protection Secure virtualisation platforms (Hyper-V, VMware) and implement endpoint security (EDR, anti-malware, DLP) Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for threat detection and incident response Perform vulnerability assessments using Qualys and Tenable, driving remediation and continuous improvement Align security controls with … knowledge of Microsoft technologies (Windows Server/Desktop, Active Directory, Group Policy) Hands-on experience with MFA, virtualisation, and network security appliances Understanding of SIEM operations, vulnerability management, and endpoint protection Familiarity with recognised security frameworks (ISO 27001, NIST, CIS, Cyber Essentials) Excellent problem-solving and communication skills DV cleared. ...

resided continuously in the UK for the past five years, due to Security Clearance requirements. Key Responsibilities: Lead investigations of security incidents raised by SIEM and CNAPP tooling. Drive improvements in cloud security posture using Microsoft Defender for Cloud. Guide project teams on remediation steps and ensure alignment with security … best practices. Support WebOps activities including deployment and configuration of SIEM and CNAPP tools. Oversee vulnerability management processes and ensure timely remediation. Manage and maintain LogicMonitor for cloud platform monitoring: Create and update logicmodules Configure alert rules and escalation chains Manage ServiceNow integration for incident handling Build and maintain dashboards ...

candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we're looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers to enforce secure configurations and hardening standards … and submit (subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security Engineer, Microsoft Security, SIEM, IAM, Vulnerability Management, Network Security, Security Architecture, Incident Response, Hybrid Cloud, Threat Modelling, Compliance ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

Will Need to Succeed: Minimum 3+ years of experience working in 24x7 enterprise operations, preferably security operations Minimum 1+ years of experience working with SIEM, including running investigations (correlating events on different aspects such as source/destination addresses, usernames, and process names) Demonstrable comprehension of Information Security including malware … investigate trends and identify errors Network, Security, or Platform certification(s) (S+, N+, MCSP, CNA) is a plus. Ideal candidates have strong experience with SIEM tools and security event processes. Compensation Estimated Pay Range: Exact compensation and offers of employment are dependent on circumstances of each case and will ...

work with security platforms, scripting tasks, and collaborating with experienced security professionals. Key Areas of Work Enhancing alert logic and monitoring use cases within SIEM platforms Building and maintaining automation workflows using Python Reviewing security events and log data to spot unusual activity Supporting the design of detections aligned … adversarial behaviours Assisting investigations and contributing to continuous improvements within the SOC What You'll Bring Experience using one or more SIEM technologies (e.g., Sentinel, Splunk, ELK, Rapid7, LogRhythm) Python skills for scripting or automation Understanding of SOAR concepts or exposure to automated playbooks Familiarity with threat frameworks such ...

hiring Elasticsearch Consultant or Architect (Observability OR Security (SIEM) or Search (Data)) to join our team. This pivotal role requires a deep subject matter expert in the Elastic Stack, responsible for designing, implementing, and optimizing complex Elasticsearch environments tailored to critical business functions in either Observability, Security (SIEM), or Search … Logstash for comprehensive data collection. Designing APM services, setting up synthetic monitoring, and creating advanced Kibana dashboards for holistic operational visibility. OR Elastic Security (SIEM) Proven ability to deploy and manage Elastic SIEM, including endpoint security integration. Expertise in using security data (logs, events) to create custom detection rules, conduct ...