126 to 150 of 337 SIEM Jobs in England

and liaise with the custiomer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

experience navigating and understanding Windows, macOS, and Linux operating systems. Experience analyzing network and host-based security events. Professional experience using a wide range of investigative tools including EDR, SIEM/SOAR, UBA. Knowledge of networking technologies, specifically TCP/IP and related protocols. Experience with attacker tactics, techniques, and procedures. Experience making important decisions independently and multi-tasking under More ❯

applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development More ❯

security concepts to technical and non-technical stakeholders, fostering a collaborative security culture. Proficiency in evaluating, integrating, and optimizing a wide range of security tools and technologies, such as SIEM, WAF, DLP, and CSPM solutions. About the job This role is pivotal for proactively securing our platform and applications for Google's public sector customers, moving beyond reactive measures to More ❯

Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support. This is a great opportunity and salary is dependent upon experience. More ❯

preferred. Compliance knowledge required in ISO27001, PCI and GDPR. Possibly a certified ethical hacker Knowledge of Security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA, AV, IDS/IPS and MDM solutions Understanding of common frameworks, such as ITIL or LEAN is preferred Good exposure of user environment management, including desktops/laptops, profile More ❯

readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incident response, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and managing Security Operations Engineers, fostering a high-performance security team. Deep understanding of security automation More ❯

on technical expertise in building AWS cloud security capabilities in code and deploying infrastructure in code - Implementation experience with enterprise security solutions such as WAF, IPS, Anti-DDOS, and SIEM - Experience in supporting internal and external customers. You understand what it means to draw out critical customer needs and focus your knowledge and creativity to deliver practical outcomes addressing those More ❯

ISO 27001:22 (preferred), NIST CSF or SOC2), including internal and external auditing. Have a track record of motivating and organising technical teams. Understand Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies. This role would benefit from exposure to the following: Jira, Confluence, Google Workspace, Google Cloud Platform, Azure, Slack, and ITIL framework. More ❯

processes Deliver a gap analysis and propose a strategic roadmap Define operating models for SOC, red teaming, and internal security ownership Advise on cloud security (AWS/GCP), tooling (SIEM, SOAR, EDR), and DevSecOps practices Engage senior stakeholders to align security recommendations with business goals Required Skills & Experience Proven experience in senior security consultancy or architecture roles Strong understanding of More ❯

new logo customers across a range of services and multi vendor solutions, including Microsoft security, compliance and identity services. Managed SOC Managed XDR Cloud Security (M365, Azure, AWS) Managed SIEM (Sentinel + multi vendor) Security Professional Services Pen Testing Red Teaming ISO27001/Cyber Essential Plus Apps/Infra testing You role will be to drive sales across through a More ❯

Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support This is a great opportunity and salary is dependent upon experience. More ❯

ll serve as the technical lead, drive key security initiatives, and play a pivotal role in mentoring junior team members. Key Responsibilities Monitor, manage, and respond to threats via SIEM, SOAR, and EDR platforms Conduct vulnerability scans and support remediation and risk mitigation efforts Oversee WAF, DDoS, VPN, and perimeter firewalls Manage Email and Web Security Gateways Administer MFA, SSO More ❯

ll serve as the technical lead, drive key security initiatives, and play a pivotal role in mentoring junior team members. Key Responsibilities Monitor, manage, and respond to threats via SIEM, SOAR, and EDR platforms Conduct vulnerability scans and support remediation and risk mitigation efforts Oversee WAF, DDoS, VPN, and perimeter firewalls Manage Email and Web Security Gateways Administer MFA, SSO More ❯

attack simulation across our environment. Your technical breadth will span modern cloud-native stacks (Azure, GCP), serverless and containerised architectures, and a wide range of security tooling including DLP, SIEM, CNAPP, and XDR, and tools such as Wiz, Darktrace, Microsoft Defender, Intune, and Sentinel. You will also bring hands-on experience in threat hunting, log analysis, red/blue team More ❯

ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Kubernetes (K8s) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging Cyber Defence Centre tooling DLP technical policy development Ability to build and train machine learning models to address business needs Lab 3: Modern Workplace Security Power Platform More ❯

build, install, and upgrade IT/EPOS hardware and software Desirable Skills/Knowledge or willingness to develop Hyper-V & Failover Cluster environments Endpoint protection tools, firewalls, antivirus/SIEM/EDR solutions Knowledge of SAN technologies SQL Server & T-SQL understanding Linux server administration Experience with resort management tools Knowledge of Google Workspace environment Day-to-day duties Lead More ❯

VPC/VPN Route 53 AWS Organisations S3 (Storage Tiers, Lifecycles) CloudFront distribution Experience with proactive management and team ownership of cloud infrastructure Beneficial Experience: AWS certifications Familiarity with SIEM solutions and Security Incident Management Cybersecurity awareness or certification Data engineering familiarity (EMR, ETL) Coaching or mentoring experience Key Behaviours: Excellent problem-solving skills Flexibility to experiment and adapt quickly More ❯

ISO 27001:22 (preferred), NIST CSF or SOC2), including internal and external auditing. Have a track record of motivating and organising technical teams. Understand Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies. This role would benefit from exposure to the following: Jira, Confluence, Google Workspace, Google Cloud Platform, Azure, Slack, and ITIL framework. Improbable Candidate Privacy Policy More ❯

HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging DLP technical policy development Ability to build and train machine learning models to address business needs Power Platform and PowerShell WORKING WITH US We're proud to More ❯

Cloud & Modern Workplace: Microsoft 365, Azure AD, Intune, Teams, Conditional Access - On-Premise Infrastructure: Windows Server, VMware, Hyper-V, DNS, DHCP, Active Directory - Security & Compliance: Cyber Essentials+, ISO27001, Firewalls, SIEM, EDR, VPN - Remote Monitoring & Management (RMM): Patch Management, NAble, Proactive Monitoring - Licensing Models: Microsoft CSP, NCE, OV, SPLA, Volume Licensing This is a brilliant opportunity for a results-driven IT More ❯

escalated cases. • Proven leadership capability with experience line managing analysts, conducting performance reviews, and overseeing HR-related duties. • Experience providing ticket quality assurance and training delivery. • Familiarity with leading SIEM, endpoint and XDR security platforms, in multi-tenant MSSP environments. • Willingness to obtain or hold relevant security certifications, such as SBT BTL2 and CREST CRIA. More ❯

components including Networking, Identity Management, Cloud Services, Virtualization and OS Windows/Linux/Mac. Technical understanding of security tools and strategies. E.g., security frameworks, security operations, incident response, SIEM, XDR, EDR/EPP, IPS/IDS/NDR, etc. Ability to articulate and demonstrate the business application and value of the Arctic Wolf technology to all audiences, ranging from More ❯

requirements. Excellent communication and stakeholder management skills. Comfortable working in a fast-paced, iterative, and agile environment. Preferred Experience: Solid understanding of cyber security concepts such as threat detection, SIEM, anomaly detection, and incident response. Experience with tools for tracking ML models in production (e.g., MLflow). We encourage you to apply even if your experience is not a More ❯

Ability to lead and mentor teams on secure coding, threat modelling, and secure architecture patterns. Experience with monitoring, logging, and security telemetry platforms (e.g., Prometheus, Loki, ELK, XDR/SIEM integrations). Please note candidates must hold or be willing to undergo SC clearance. More ❯