26 to 50 of 50 SIEM Jobs in Central London

expertise: Windows Server, AD/Entra ID, Group Policy, O365, Intune Solid networking foundations: TCP/IP, VLANs, DNS, VPNs, Wi-Fi Security engineering knowledge: System hardening, endpoint security, SIEM, incident handling ISO27001, GDPR or PCI compliance exposure Certificates (SSL/TLS), WAF/DDoS, email security Azure engineering background: Governance, networking, identity and security configuration Ownership mindset and strong More ❯

and disaster recovery processes. Administer and monitor Active Directory, Azure Entra, and Intune environments. Manage compliance policies, conditional access, and mobile device management. Work with third-party providers supporting SIEM and threat analytics systems. Lead on implementing IT security best practices, standards, and access controls. Support infrastructure and security projects, including system upgrades and migrations. Create and maintain technical documentation More ❯

and packet (PCAP) analysis Familiarity with Windows and/or Linux investigations Clear and structured documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat More ❯

and packet (PCAP) analysis Familiarity with Windows and/or Linux investigations Clear and structured documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat More ❯

Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support. This is a great opportunity and salary is dependent upon experience. More ❯

routing, and security protocols who can also present to non-technical audiences. Essential experience: L2–L4 networking: TCP/IP, switching, OSPF, BGP, VRRP Security: stateful firewalls, UTM, IPSec, SIEM, SOC Strong communication, presentation, and technical documentation skills Experience in customer-facing solution design and demos Excellent organisational and problem-solving abilities Ability to manage multiple projects under pressure CCNA More ❯

routing, and security protocols who can also present to non-technical audiences. Essential experience: L2–L4 networking: TCP/IP, switching, OSPF, BGP, VRRP Security: stateful firewalls, UTM, IPSec, SIEM, SOC Strong communication, presentation, and technical documentation skills Experience in customer-facing solution design and demos Excellent organisational and problem-solving abilities Ability to manage multiple projects under pressure CCNA More ❯

as CloudWatch, ELK, and Grafana Strong scripting skills in Bash, JavaScript or similar knowledge of SecDevOps security best practices and experience implementing security controls in a cloud environment including SIEM, Guard Duty, Shield, Inspector and Security Hub Experience with CI/CD pipeline development and management Best practice configuration of Identity and Access Management and IAM Identity Center Experience with More ❯

intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC) Hands-on experience with TIPs (Threat Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling More ❯

Proven track record in CyberArk upgrades and custom integrations. Excellent communication and stakeholder engagement skills. Desirable Experience in financial services or banking environments. Familiarity with Sentinel, Defender XDR, and SIEM integrations. CyberArk Defender & Sentry certifications. Please apply within for further details - Matt Holmes, Harvey Nash More ❯

Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support This is a great opportunity and salary is dependent upon experience. More ❯

Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support. This is a great opportunity and salary is dependent upon experience. More ❯

ensuring that security operations stay one step ahead of emerging threats. What You’ll Do Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments … improvement of detection strategies and mentor analysts to uplift overall team capability. What You’ll Bring Solid background in threat detection, SOC operations, or incident response. Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial More ❯

ensuring that security operations stay one step ahead of emerging threats. What You’ll Do Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments … improvement of detection strategies and mentor analysts to uplift overall team capability. What You’ll Bring Solid background in threat detection, SOC operations, or incident response. Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial More ❯

New Zealand, and the Philippines, Orro is known for delivering future-ready solutions, backed by deep expertise, genuine human insight and lasting partnerships. What You’ll Be Doing Perform SIEM-based event analysis and triage potential threats, including recognising successful and unsuccessful intrusion attempts. Investigate phishing emails, suspicious domains, and IP addresses using OSINT and threat intelligence sources. Proactively monitor … great team spirit and a growing passion for cyber security. Ideally, your toolkit includes: 1–2 years of experience in a SOC or related cyber role. Exposure to AI SIEM, XDR or EDR platforms such as Splunk, Microsoft Sentinel or SentinelOne Experience with Microsoft Security platforms and Windows security fundamentals. Familiarity with Linux/Unix-based systems and basic scripting More ❯

New Zealand, and the Philippines, Orro is known for delivering future-ready solutions, backed by deep expertise, genuine human insight and lasting partnerships. What You’ll Be Doing Perform SIEM-based event analysis and triage potential threats, including recognising successful and unsuccessful intrusion attempts. Investigate phishing emails, suspicious domains, and IP addresses using OSINT and threat intelligence sources. Proactively monitor … great team spirit and a growing passion for cyber security. Ideally, your toolkit includes: 1–2 years of experience in a SOC or related cyber role. Exposure to AI SIEM, XDR or EDR platforms such as Splunk, Microsoft Sentinel or SentinelOne Experience with Microsoft Security platforms and Windows security fundamentals. Familiarity with Linux/Unix-based systems and basic scripting More ❯

for security solutions, ensuring alignment with enterprise architecture and security policies. Design and architect solutions across various security domains including: Data Loss Prevention (DLP) Security Information and Event Management (SIEM) Identity and Access Management (IAM) Endpoint Detection and Response (EDR), MDM, and Endpoint Management tools Cloud and On-Prem Security Solutions Collaborate with stakeholders such as IT operations, application teams … documentation. Maintain up-to-date knowledge of emerging security threats and best practices to continuously enhance solution designs. Qualifications - Proven experience designing security solutions across multiple domains including DLP, SIEM, IAM, and Endpoint Security. Bachelor’s degree in computer science, Cybersecurity, Information Systems, or related field (master’s preferred). Experience in cybersecurity with 3+ years in a security architect More ❯

for security solutions, ensuring alignment with enterprise architecture and security policies. Design and architect solutions across various security domains including: Data Loss Prevention (DLP) Security Information and Event Management (SIEM) Identity and Access Management (IAM) Endpoint Detection and Response (EDR), MDM, and Endpoint Management tools Cloud and On-Prem Security Solutions Collaborate with stakeholders such as IT operations, application teams … documentation. Maintain up-to-date knowledge of emerging security threats and best practices to continuously enhance solution designs. Qualifications - Proven experience designing security solutions across multiple domains including DLP, SIEM, IAM, and Endpoint Security. Bachelor’s degree in computer science, Cybersecurity, Information Systems, or related field (master’s preferred). Experience in cybersecurity with 3+ years in a security architect More ❯

landscape. Key Responsibilities: Design and deliver Microsoft 365 and Azure security solutions in line with best practices and industry standards. Implement and configure tools such as Microsoft Defender, Sentinel (SIEM/XDR), Entra, and Purview. Support internal and client environments post-deployment through troubleshooting, optimisation, and user training. Contribute to pre-sales engagements, including solution design, scoping, and client presentations. … relevant areas - Azure (AZ), Security (SC), Power Platform (PL), Modern Work (MS), or Copilot/AI. Strong consulting experience in the design and implementation of Microsoft Defender solutions and SIEM/XDR. Technical, hands-on expertise configuring and deploying Azure, Entra, and Purview. Proven ability to independently design and implement Microsoft 365 security technologies. Excellent communication, presentation, and documentation skills More ❯

analyzed, and responded to across the organization. You will: Design, build, and fine-tune detection rules in Splunk (SPL, ES, CIM, and log normalization). Develop, document, and maintain SIEM use cases that strengthen the organization’s detection framework. Lead and guide technical initiatives within the Threat Detection team to ensure continuous improvement. Advise on SIEM architecture and security tooling More ❯

analyzed, and responded to across the organization. You will: Design, build, and fine-tune detection rules in Splunk (SPL, ES, CIM, and log normalization). Develop, document, and maintain SIEM use cases that strengthen the organization’s detection framework. Lead and guide technical initiatives within the Threat Detection team to ensure continuous improvement. Advise on SIEM architecture and security tooling More ❯

work with the largest companies in the world, to conceptualize and implement new and inventive ways to integrate our products as well as our data within their systems (i.e. SIEM, TIP, SOAR technologies). As a Solutions Engineer, you will have a dual focus, developing net new relationships by supporting the Regional Sales Director as well as championing adoption with … industry. Understanding of common OS, Browser, OSI Stack, DNS, Domain Registration, TCP/IP and networking technologies. Good understanding of various firewall and web proxy technologies. Working knowledge of SIEM/TIP/SOAR platforms. Familiarity with JSON/RESTful API endpoints. Familiarity with Big Data concepts and the management of large on-premise datasets. More ❯

work with the largest companies in the world, to conceptualize and implement new and inventive ways to integrate our products as well as our data within their systems (i.e. SIEM, TIP, SOAR technologies). As a Solutions Engineer, you will have a dual focus, developing net new relationships by supporting the Regional Sales Director as well as championing adoption with … industry. Understanding of common OS, Browser, OSI Stack, DNS, Domain Registration, TCP/IP and networking technologies. Good understanding of various firewall and web proxy technologies. Working knowledge of SIEM/TIP/SOAR platforms. Familiarity with JSON/RESTful API endpoints. Familiarity with Big Data concepts and the management of large on-premise datasets. More ❯

assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯

assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯