Huntingdon, Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
Leidos Innovations UK Limited
the engineering teams to ensure systems remain at the required security posture against baseline requirements Work with the Security Monitoring engineering team to ensure logs are forwarded to the SIEM capability Work with the customer and appropriate agencies to develop new policies, design processes, and procedures, and develop technical designs Assess system vulnerabilities, implement risk mitigation strategies, validate secure systems
Infrastructure/Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information and Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The MBDA SOC
Bedford, Bedfordshire, England, United Kingdom Hybrid / WFH Options
Reed Talent Solutions
Compliance, vulnerability management and patching. Entra ID management and improvements. Understanding of a broad range of security tools using Microsoft security tooling where possible, including but not limited to SIEM, Email Security, DLP. Delivering new cybersecurity toolsets and capability as required Investigating cybersecurity incidents and undertaking reporting/remedial action as required. Maintaining risk, issue and change registers for cybersecurity
St. Albans, Hertfordshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Hamilton Barnes Associates Limited
and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. DV Clearance Eligibility Benefits: 25 days annual leave, with the option to purchase more Health cash plan Life assurance Pension scheme Generous flexible benefits fund Salary
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria Limited
engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience are exactly what we're looking
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
Hemel Hempstead, Hertfordshire, England, United Kingdom
Sopra Steria
engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience are exactly what we’re
environment. A solid grasp of the OSI model and network protocols like DNS, HTTP/S, SSL, SMTP, FTP/S, and LDAP/S. Hands-on experience with SIEM tools and/or packet capture tools. You must hold SC clearance and be willing and able to undertake DV If you want to step up, lead from the front
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured … with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident response planning, threat detection, and mitigation. Ability to define security policies, procedures, and structured action plans for compliance and
Cambridge, Cambridgeshire, East Anglia, United Kingdom
The Bridge (IT Recruitment) Limited
automation, alert enrichment and detections Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles Comfortable with macOS, Windows & Linux operating systems Domain experience working with SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and programming languages Understanding of malware functionality and persistence mechanisms Ability to analyse endpoint, network, and application logs
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Jagex Ltd
principles Hands-on experience with data analysis, modeling, and correlation at scale Operating systems internals and forensics experience for macOS, Windows & Linux Domain experience managing and working with current SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and programming languages Understanding of malware functionality and persistence mechanisms Ability to analyze endpoint, network, and application logs
Cambridgeshire, United Kingdom Hybrid / WFH Options
La Fosse Associates Limited
security posture to meet baseline compliance and operational requirements Partner with engineering teams, customers, and government agencies to develop security policies, operational processes, technical designs, and ensure integration with SIEM and monitoring systems. Demonstrated proficiency in network/system security (Firewalls, IDS/IPS, micro-segmentation), IAM (RBAC, ABAC, JWT), secure coding practices (OWASP, SANS), and hands-on experience with
Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
La Fosse
security posture to meet baseline compliance and operational requirements Partner with engineering teams, customers, and government agencies to develop security policies, operational processes, technical designs, and ensure integration with SIEM and monitoring systems. Demonstrated proficiency in network/system security (firewalls, IDS/IPS, micro-segmentation), IAM (RBAC, ABAC, JWT), secure coding practices (OWASP, SANS), and hands-on experience with
involve the following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise
the tools needed to scale our detection and response capabilities across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence, and vulnerability … with analysts to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence, Incident Response, and Attack Surface Management teams to build and tune robust SIEM detections for proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Partner with third-party vendors and service providers to leverage … looking for: At least 3 years of experience in cybersecurity in a security operations or security software development role. Solid understanding of security operations, automation processes, detection engineering, and SIEM management. Experience with cloud security tools and platforms (e.g., Azure, AWS, Google Cloud) and their integration into SOC operations. Experience contributing to large-scale, sprint-based security automation and detection
that we need to scale our detection and response capability across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve the efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence and … Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Collaborate with third-party vendors and service providers to … with at least 3 years in a technical role in security operations and/or security software development. Solid understanding of security operations, automation standard processes, detection engineering and SIEM management. Experience with cloud security tools and platforms (e.g. Azure, AWS, Google Cloud) and their integration into SOC operations. Experience contributing to large-scale, sprint-based security automation and detection
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Walsh Employment
nights (6pm-6am), 4 days off. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Previous people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier … Active DV Clearance Scripting or programming with Python, Perl, Bash, PowerShell, or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role
Cambridge, Cambridgeshire, England, United Kingdom Hybrid / WFH Options
The One Group
improve how we detect, respond to, and recover from threats. Streamline processes across threat intel, incident response, and vulnerability management by eliminating repetitive manual tasks. Design and fine-tune SIEM detections that surface real signals and support both proactive and reactive actions. Collaborate across multiple cyber disciplines and work with third-party tools and partners to create seamless integrations. Drive … Tooling What you'll bring: Proven experience in a technical cyber role, with a focus on Security Automation and Tools Hands-on experience with security automation tools, scripting, and SIEM platforms. Strong understanding of cloud environments (Azure, AWS, GCP) and how to secure them at scale. What's in it for you? This is a high-impact role in a
Employment Type: Full-Time
Salary: £70,000 - £80,000 per annum, Negotiable, OTE