1 to 25 of 247 SIEM Jobs in England

highly technical engineering role, where you'll be hands-on developing and maintaining our security operations tooling. Key Responsibilities: Security Infrastructure & Engineering Architect, implement, and manage security technologies including: SIEM (Sentinel) Microsoft Defender suite (Cloud, Endpoint and Identity), Microsoft Sentinel, Purview and Azure infrastructure (including RBAC, PIM, NSGs and identity protections). Firewalls, IDS/IPS, WAF, VPN, and network More ❯

Linux, and Unix environments Encryption: Familiarity with encryption protocols and technologies Penetration Testing: Ability to assess and interpret penetration test results to guide remediation Security Tools: Hands-on with SIEM, SOAR, EDR, UTM, and honeypots. Cloud Security: Understanding of cloud platform security measures (AWS, Azure, etc.) Security Frameworks: Advanced knowledge of frameworks such as MITRE ATT&CK, NIST, etc. Consulting More ❯

posture and make a measurable impact, we'd love to have you on the team. What you will do: Operate and optimise a wide range of security platforms, including SIEM, XDR, EDR, IAM, DLP, PAM, ZTNA, and vulnerability management tools Take ownership of the detection and response lifecycle - triaging alerts, investigating incidents, identifying root causes, and coordinating response actions Implement More ❯

and vulnerability management, anti-virus management, security monitoring etc. Helping design and deliver improved security tooling across all areas of cyber security (DR design and testing, End user tooling, SIEM tooling and event ingestion etc.) Supporting the Technology team to keep information security infrastructure up to date with emerging threats and vulnerabilities, including advising on architecture and design of internal More ❯

Essentials Plus). Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and More ❯

detection and DevSecOps practices, ensuring security is embedded within operational workflows and cloud-native architectures. What you will do: Operate and optimise core cyber security tools and platforms, including SIEM, XDR, EDR, DLP, IAM, PAM, ZTNA and vulnerability management solutions Lead or support the detection and response lifecycle, including triage of alerts, investigation of incidents, root cause analysis, and coordination More ❯

etc.) UK data protection and compliance frameworks (GDPR, ICO guidance) Identity federation, SSO, and role-based access control Network segmentation and firewall configuration in cloud environments. Logging, monitoring, and SIEM integration (e.g. Splunk, Chronicle) Experience with Infrastructure as Code (Terraform, Deployment Manager). Desirable: Google Cloud Professional Cloud Security Engineer certification. Experience with UK public sector or regulated industries (e.g. More ❯

or solutions architecture role. Background working with or for a VAR, Systems Integrator, or Security Vendor highly desirable . Technical Expertise Strong understanding of enterprise security technologies, including firewalls, SIEM/SOAR, IAM, DLP, SASE, Zero Trust, and cloud security. Working knowledge of AWS, Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or More ❯

of security investigations best practice including the use of Microsoft Purview and computer forensics an advantage. Experience of utilising and monitoring Information Security solutions e.g. email/web gateways, SIEM, Endpoint protection etc. Strong awareness of Cloud services and supporting security solutions & standards. Good understanding of cloud native and devops practices including pipelines and associated processes Hands on experience of More ❯

and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls. Familiarity with the use of standard security technology solutions and processes such as user provisioning, directory, SIEM, vulnerability management, Cloud Security (OCI/Azure/AWS), Web Security, Email Security, Logging and Monitoring, General PKI and Cryptography. Evaluate and recommend security technologies, tools, and methodologies to enhance More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service More ❯

threat intelligence, and incident readiness and response. Qualifications Key responsibilities of the role are summarised below: Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) Collaborate with the extended security team to identify gaps in detection coverage, log ingestion and alerting More ❯

programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across More ❯

programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across More ❯

AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning Data Loss Prevention (DLP) Candidate Profile Proven experience delivering large-scale cyber and information security programmes More ❯

of: Corestream (GRC Business Assurance tool) End-point protection Email Protection Encryption Technologies Web Filtering Application control Data Leakage Mobile Device Management Vulnerability Testing Penetration Testing Phishing simulation campaigns SIEM and logging systems Cyber Incident Response OWASP top 10 compliance analysis Forensic Investigation/Breaches Managerial Duties Please see job description for full details of responsibilities Person Specification QUALIFICATIONS/ More ❯

PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out-of-hours support. Exposure to MxDR/SOC environments and advanced security protocols (SIEM, IDS/IPS, firewalls). Knowledge of GDPR, Cyber Essentials+, PCI-DSS, and other compliance standards. Strong grasp of data protection legislation (e.g., GDPR, Data Protection Act). Global Impact More ❯

Teams, SharePoint, Intune, Azure) Windows Server/Active Directory, Networking fundamentals (DNS, DHCP, VPNs, firewalls). Security tools, vulnerability management, and incident response Security technologies (firewalls, IDS/IPS, SIEM, vulnerability scanners) Familiarity with Microsoft Defender and Mimecast. Strong analytical and troubleshooting skills across complex IT environments. Experience of Compliance, IT Governance, Change Management etc Any relevant professional certifications would More ❯

knowledge of network protocols (TCP/IP) and security practices (IPSec, SSL-VPN, NAT, GRE) Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical Skilled in Python, JSON, YAML More ❯

knowledge of network protocols (TCP/IP) and security practices (IPSec, SSL-VPN, NAT, GRE) Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical Skilled in Python, JSON, YAML More ❯

and collaboratively with cross-functional teams. Understanding of Microsoft Azure, Entra ID, Conditional Access, and Intune. Experience with Active Directory, DNS/DHCP, Group Policy, and VPNs. Familiarity with SIEM/XDR platforms, endpoint protection, and incident response tools. Ability to work independently and collaboratively across teams. Preferred Experience: Minimum 3 years' experience in a technical support role with exposure More ❯