Basingstoke, Hampshire, South East, United Kingdom
Spectrum IT Recruitment
be occasional travel to other company offices/data centres. Essential experience: - IDS/IPS, Firewall, VPN, EDR/XDR - SecurityInformationEventManagement (SIEM) tools - TCP/IP - Network Troubleshooting - Penetration testing - ITIL If this sounds of interest please apply or contact/02380 765 286 Spectrum IT Recruitment more »
smoothly as well as ordering new equipment and improving existing processes. Main projects will include: Patch Management, Windows 10 Deployment, Cloud Migration, MDM Deployment, SIEM Deployment, Perimeter Security & WAN Management, Cyber Essentials Level 2 & ISO 2001 (Not Essential!) The Ideal Candidate For this role it is essential that you are more »
ll need: · Extensive experience of working within a SOC or adjacent role. · Experienced in responding to cyber incidents. · Conversant with common security tooling (E.g., SIEM, SOAR, EDR, NDR). · Understanding of threat actors, their tactics, techniques, and procedures. · Understanding of securityevent data, the value of different data sources andmore »
Responsibilities: Responding to threats and incidents. Developing security controls. Assessing vendor security. Analyzing trends and activities. Requirements: Practical knowledge of technical security controls (e.g. SIEM, EDR, AV, Web + Email Gateways) Strong knowledge of endpoint and server operating systems and networking ISO27001 experience preferred. Desirable Certifications: ISC2 CISSP, CCSP, or more »
securityand a keen eye for identifying and mitigating digital threats. Experience in monitoring, analysing, and responding to security events and incidents. Proficiency with SIEM tools and understanding of the latest cyber security trends and threat landscapes. A collaborative mindset and the ability to communicate effectively across various teams. Certifications more »
network architectures and technologies. . Working with frameworks and technologies that support data-intensive distributed applications. . Experience maintaining and administrating data analytical andSIEM platforms. . Experience using host and network-based IDS/IPS . Experience using packet capture solutions. . Skill in developing and deploying signatures. . more »
network architectures and technologies. . Working with frameworks and technologies that support data-intensive distributed applications. . Experience maintaining and administrating data analytical andSIEM platforms. . Experience using host and network-based IDS/IPS . Experience using packet capture solutions. . Skill in developing and deploying signatures. . more »
will also be given a great opportunity to develop your technical skills and grow in a dynamic, successful company. You will need: Knowledge of SIEM tools e.g Microsoft Sentinel, Google Chronicle. Excellent knowledge of EDR tools e.g CrowdStrike, SentinelOne, Microsoft Defender. Experience providing BAU support. Experience in a SOC environment. more »
cyber defence hardware. • Support Junior Analysts to manage SOC systems. • Previous experience of Enterprise ICS/network architectures and technologies • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. • Experience as a mentor/coach to junior analysts Your … C2M2) • Excellent communication skills • Experience of writing Defence/Government documentation Desirable Qualifications: • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) • Advanced Analyst Course (SANS SEC503 or equivalent more »
Senior Security Operations Analyst London (Hybrid) Responsibilities: Overseeing the security of the technical infrastructure provided by third-party suppliers, addressing any identified security risks to the organization. Managing the remediation of operational risks to their conclusion and taking ownership of more »
of different threat scenarios, investigations, incident response processes and remdiation techniques. • Good knowledge of cyber security systems and tooling • Reasonable knowledge of SecurityInformationandEventManagement systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating … equipment • Relevant certifications such as CompTIA Security+, CISSP, CISM, or equivalent are a plus; or a desire to progress towards these certificationsProficiency in using SIEM tools, log analysis platforms, and firewall management consoles (FortiGate experience preferred). • Good understanding of risk management, cybersecurity principles, best practices, and frameworks such as more »
analyse, and respond to cyber threats. Understanding of networking technology Cyber security service trends compliance requirements in enterprise organisations Core cyber security products including SIEM, Zero Trust and NDR/XDR products. Core network routing and switching protocols. Knowledge of network performance and optimisation and services Please apply ASAP to more »
security tools. Familiarity with intrusion detection/prevention systems (IDS/IPS), firewalls, and anti-virus software. Experience with securityinformationandeventmanagement (SIEM) systems. Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Relevant certifications such as CISSP, CEH, or CompTIA Security+ are a plus. Preferred more »
Manchester Area, United Kingdom Hybrid / WFH Options
InfoSec People Ltd
etc Excellent understanding of cybersecurity trends Ability to interpret customer landscape and challenges Strong presentation and client-facing skills Desired Skills: Knowledge across EDR, SIEM, Vulnerability Management Operational experience with security technologies Existing relationships in Manchester area Self-motivation and ability to work autonomously Job Specifics: This is a hybrid more »
part in the offensive security research and tooling for this Globally recognised company. A key responsibility comes from this client undertaking an EDR andSIEM refresh and they are keen to ensure these tools are fit for purpose. (Current tools being used are Prelude, Cobalt Strike, and Vectr - but you more »
on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous Working Pattern (Mon-Fri, Shifts, on-call) This is more »
of achieving and exceeding sales targets in the SaaS, technology, or software sectors. - Experience selling any of the following: Security Tooling such as Cyber, SIEM, Code Analysis, Cloud, such as Cloud Infra or Cloud monitoring, Developer Tools, CI/CD or Gitlab, Github etc or a range of other technical more »
in scripting languages such as BASH, PowerShell, and Python. Knowledge of databases like MySQL and PostgreSQL. Strong problem-solving and analytical skills. Understanding of SIEM solutions like Splunk. Familiarity with containerization and orchestration principles and tools such as Kubernetes, Docker Swarm, etc. Experience with automation tools like Ansible, Terraform, andmore »
to be on site 3 days a week in our Birmingham office. Why this job matters Your role as a Software Engineer in the SIEM Platform team, within Secure Development is to support the development, implementation, operation and support of BTs Strategic SIEM development. We are seeking a skilled Software … Engineer with expertise in Elasticsearch (or other SIEMand/or Data platforms) to join our dynamic team. As a Software Engineer you will play a critical role in designing, developing, and maintaining our securityinformationandeventmanagement (SIEM) system. Your focus will be on leveraging Elasticsearch and related … Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query Optimization and Performance Tuning: o Write efficient Elasticsearch queries more »
that critical business operations continue unhindered. Key Responsibilities Monitor and analyze security events and alerts from multiple sources, including securityinformationandeventmanagement (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows and Unix), and databases Separate true threats from false positives using … Maintain a strong awareness of the current threat landscape Basic Qualifications Excellent teamwork skills Knowledge of and experience with intrusion detection/prevention systems andSIEM software Strong knowledge and understanding of network protocols and devices. Strong experience with Mac OS, Windows, and Unix systems. Ability to analyze event logs … recommendations for security tools to tool administrators. Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk Strong knowledge of the following: SIEM Packet Analysis SSL Decryption Malware Detection HIDS/NIDS Network Monitoring Tools Case Management System Knowledge Base Web Security Gateway Email Security Data Loss Prevention more »
integrations. Deep understanding of Google Chronicle's capabilities and applications in threat intelligence, with knowledge of how to conduct analyses within SIEM (SecurityInformationandEventManagement) and SOAR (Security Orchestration, Automation, and Response) platforms. Strong foundation in cybersecurity principles, practices, and technologies, including data management specific to cybersecurity applications. … CISSP, GCIH, or Google Cloud Professional Security Engineer are desirable. Skills in data onboarding, quality control, and ensuring high-quality, non-duplicative data for SIEMand SOAR platforms. Preferred Qualifications Include: Master's degree in Cybersecurity, Computer Science, or related field preferred Advanced certifications such as CISSP, CISM, OSCP, andmore »
in requirements managementand associated tooling. Previous experience working on bids and/or large and complex change requests. Experience with Network Management or SIEM designs, tooling or support. Demonstrable experience owning a full technical solution from pre-sales stage through to delivery handover. Experience in presenting complex technical solutions more »
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Littlefish
payments will be made). Your main duties will include: Technical ownership of the Security Operations Centre (SOC) tooling, most notably the AlienVault & Sentinel SIEM platforms but including other supporting tooling as required, such as components of the Microsoft Defender XDR suite. Responsible for the implementation of the SIEM platform … in customer environments. Ranging from the initial ingestion and tuning of data feeds (from both a SIEM, log collector and source device perspective), and heightened support of the implementation. Ensure the progression of the engineering maintenance plan by assuring that all in scope solutions are reviewed by the engineering team … with agreed quality SLAs and KPIs and industry best practice. Required to work closely with the SOC post-implementation, to support and maintain the SIEM platform on behalf of the SOC, contributing to the ongoing development and maintenance of use cases and rulesets as required. Provide chargeable technical Cyber thought more »
and engineering experience Experience of an enterprise Linux, preferably Red Hat Enterprise Linux, CentOS or Oracle Linux. Recent involvement in implementing IDAM, PAM or SIEM tooling. Experience with monitoring and reporting software – Prometheus, Nagios or similar. Solid scripting experience with one of the following: Python, Shell, Bash or Ruby Familiarity more »
The successful candidates will work in the Security Operations Centre on both reactive and proactive security engagements with regards to SecurityInformation & EventManagement (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of … industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members … during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM , EDR and Vulnerability Management tools Assistance with active directory administration. Assistance with firewall management. Key Skills Experience in a SOC environment Excellent communication skills and comfortable in a client facing role. A keen interest in cyber more »