1 to 25 of 26 SIEM Jobs in the City of London

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both More ❯

solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both More ❯

Systems, or related field 📜 Certifications such as CISSP, CISM, CEH, or CompTIA Security+ (desirable) 🧠 Strong analytical mindset and attention to detail 🧮 Proficient in operating systems, firewalls, encryption, VPNs, and SIEM tools 🗣️ Excellent communicator, able to engage both technical and non-technical audiences 🚀 Proactive, curious, and passionate about staying ahead of cyber threats 🧬 Culture Snapshot 🏢 Hybrid working (Tues & Thurs in-office More ❯

Systems, or related field 📜 Certifications such as CISSP, CISM, CEH, or CompTIA Security+ (desirable) 🧠 Strong analytical mindset and attention to detail 🧮 Proficient in operating systems, firewalls, encryption, VPNs, and SIEM tools 🗣️ Excellent communicator, able to engage both technical and non-technical audiences 🚀 Proactive, curious, and passionate about staying ahead of cyber threats 🧬 Culture Snapshot 🏢 Hybrid working (Tues & Thurs in-office More ❯

global operations Required Experience: Experience: 2-4 years in a corporate environment with 200+ users Education: Degree or certifications in Cyber/Information Security Technical Skills: Proficiency in firewalls, SIEM, Azure, and Active Directory Abilities: Strong problem-solving skills and collaborative mindset This is an exciting opportunity to join a progressive team within a dynamic work environment where there are More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Essentials+ certification. Administrative requirements of PAM tool. (CyberArk) Experience Experience administrating PAM solutions, such as CyberArk - MANDATORY Working understanding of security operations, threat detection, and incident response. Experience using SIEM and security tooling for triage and log analysis. Experience tracking and managing vulnerabilities using industry frameworks. Familiarity with enterprise systems including Microsoft 365 and Azure AD. Experience working in a More ❯

degree in Cybersecurity, Information Technology, Computer Science, or a related field. •Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. •Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. •Strong analytical and problem-solving skills. •Excellent communication skills with the ability to explain technical concepts to non-technical audiences. •A proactive More ❯

systems. The Role The Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the teams effectiveness through ownership of relevant More ❯

in either network engineering or infrastructure engineering that has then progressed into Cyber Security. Core responsibilities: - Overall management and maintenance of the CrowdStrike platform, including configuring EDR policies, tuning SIEM rules, and optimizing the system for performance - Leading or participating in incident response efforts, conducting root cause analysis, and developing runbooks for incident handling - Monitoring for security threats, analysing alerts More ❯

upgrades, VDI rollouts, Office 365/M365 migrations. Network & security upgrades - WAN/LAN refresh, SD-WAN, firewall/security infrastructure enhancements. Cybersecurity initiatives - IAM (Identity and Access Management), SIEM integration, encryption, vulnerability management. Infrastructure for regulatory change programmes (e.g. Basel III, MiFID II support). DevOps enablement projects - CI/CD pipelines, tooling standardisation. Skills & Experience Required Strong track More ❯

implementing a robust and trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorised access and potential threats • Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. • Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and More ❯

and SOC teams globally. Provide subject matter expertise, training, and mentorship on secure design. Essential Skills and Requirements: 7+ years’ experience in security architecture. Proven hands-on experience with SIEM, Proxy, EDR, DLP, and SEG implementations. Strong expertise across cloud (AWS, Azure, GCP), networks, and applications. Familiarity with DevSecOps, zero trust, secure SDLC, and threat modelling. In-depth knowledge of More ❯

cyber resilience Skills & Experience 3+ years in penetration testing/ethical hacking/red teaming Strong understanding of cyber threats, APTs, threat actor tactics, and exploit development Familiar with SIEM, defensive security monitoring, incident response, and detection engineering Deep knowledge of network, web application, and enterprise architecture security Excellent communication skills to present cyber risk insights to stakeholders Hybrid working More ❯

security concepts and how to realise these in an ever-enhancing environment Hands on experience and knowledge of Microsoft Azure IaaS Microsoft Defender for Cloud Microsoft Azure RBAC LogRhythm SIEM technologies VMWare VSphere Nutanix HCI Ability to communicate technical concepts and analytical outputs to a diverse set of stakeholders. Creation of adaptable/horizon-based roadmaps for technology components. Previous More ❯

response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll do: SIEM Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks … essential). Expertise with IBM QRadar (configuration, rule development, playbooks). 3-5 years+ experience in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing More ❯

Working closely with the SOC Manager across daily activities of the Security Operations Center (SOC) to ensure Service Level Objectives are achieved. Continuously monitoring security alerts and incidents using SIEM tools and other security technologies. Creating detection use cases in the SIEM, analysing security event data for proactive threat hunting, and conducting research on the latest threats and vulnerabilities to … CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User and/or similar certifications is preferred. Verifiable experience in Security Operations and Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding and working knowledge More ❯

Working closely with the SOC Manager across daily activities of the Security Operations Center (SOC) to ensure Service Level Objectives are achieved. Continuously monitoring security alerts and incidents using SIEM tools and other security technologies. Creating detection use cases in the SIEM, analysing security event data for proactive threat hunting, and conducting research on the latest threats and vulnerabilities to … CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User and/or similar certifications is preferred. Verifiable experience in Security Operations and Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding and working knowledge More ❯

and response processes, and play a key role in stakeholder engagement. Key responsibilities include: Analysing advanced security incidents, determining root cause and attack paths. Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms. Producing clear, business-focused incident reports and updates for senior stakeholders. Advising on SOC tooling and ensuring effective integration of incident response requirements. …/or AWS) environments. Strong communication skills with the ability to translate technical threats into business terms. Tools & Technologies - You will work with a modern SOC technology stack, including: SIEM: Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint Threat Intel: Recorded Future Network Analysis: Wireshark/tcpdump SOAR & Automation: Palo Alto Cortex XSOAR, ServiceNow SecOps Vulnerability Management: Tenable Nessus More ❯

team operations. Strong understanding of APT tactics, evasion techniques, and system architecture. Experience with red/purple team tools and automated testing platforms. Solid grasp of blue team strategies, SIEM tools, and incident response. Skilled in writing concise reports for both technical and non-technical audiences. Knowledge of cyber risk frameworks, regulations, and best practices. Package: Circa £75,000 + More ❯

to be better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration … the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

to be better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration … the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯