126 to 150 of 179 SIEM Jobs in England

Orchestrator (VRO) workflows for automating provisioning, deployment, and management tasks, along with ESXi host life cycle management. -Strong understanding of infrastructure architecture, including close collaboration with Network, Storage, and SIEM Architects, along with experience in working with NFS and iSCSI storage solutions. -Experience in using CI/CD pipelines to automate infrastructure buildouts and facilitate efficient changes throughout the deployment More ❯

client leads to resolve escalated incidents. Patching and Maintenance of test and live environments to include installing Anti-Virus, WSUS, RHEL & other product updates Working with PKI Certificates and SIEM tooling Providing support to Engineering & Test teams AD Administration activities accounts, groups, memberships, permissions etc. Participating in rota for On-Call to ensure 24/7/365 support is More ❯

Knowledge of IAM concepts including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers to enforce secure configurations and hardening standards Experience with endpoint protection … consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security Engineer, Microsoft Security, SIEM, IAM, Vulnerability Management, Network Security, Security Architecture, Incident Response, Hybrid Cloud, Threat Modelling, Compliance, NSD More ❯

incident response efforts, from initial detection through containment, remediation, and post-incident analysis. A key part of the role involves managing and fine-tuning security monitoring tools such as SIEM platforms to ensure optimal visibility and threat detection. The Security Operations Manager collaborates with IT, infrastructure, and platform teams to coordinate responses to vulnerabilities and ensure swift resolution of incidents. … Own and maintain the organisation's Cyber Incident Response Plan, coordinating major incident responses and ensuring lessons learned translate into stronger defences. Manage and optimise key technical controls, including SIEM, SOAR, PKI, and email security tools, to maintain robust detection and response capabilities. Collaborate with delivery partners and internal teams to improve service quality, mitigate risks, and enhance security posture. … colleagues, internal customers and external suppliers Significant experience in Security Operations and Incident Response Broad technical competence in IT and Cyber Broad technical competence in OT Solid understanding of SIEM/SOAR especially Sentinel Why Apply? At Anglian Water, we play a vital role in safeguarding one of life's most essential resources - and protecting the systems that keep it More ❯

combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and … and ISO 27001 alignment. Act as an escalation point within the SOC and mentor junior engineers. What We Are Looking For 3+ years’ experience as a Microsoft Sentinel or SIEM Engineer. Strong technical background across Microsoft 365, Azure, networking, and cybersecurity. Hands-on experience with KQL, PowerShell, and ideally Python. Proven experience automating processes using Logic Apps, Playbooks, or Terraform. More ❯

combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and … and ISO 27001 alignment. Act as an escalation point within the SOC and mentor junior engineers. What We Are Looking For 3+ years’ experience as a Microsoft Sentinel or SIEM Engineer. Strong technical background across Microsoft 365, Azure, networking, and cybersecurity. Hands-on experience with KQL, PowerShell, and ideally Python. Proven experience automating processes using Logic Apps, Playbooks, or Terraform. More ❯

In 2022 we built out an exciting SIEM/SOAR and ManagedDetection and Response service called SEP2.security, built upon Google CloudSecurity's Chronicle stack. Due to customer demand, we are now looking to hire aPrincipal Cyber Security Engineer to join this every growing team. The Security Intelligence Services team, that this role issituated in, provides security monitoring and use case … quickly with colleagues and customers. Competentand confident in customer facing situations. Qualifications and Experience Experienceas a Cyber SOC Analyst/or similar role. Provenexperience in deploying SIEM (Security Information and Event Management)and SOAR (Security orchestration, automation, and response) solutions toachieve positive outcomes. Our tools include Google ChronicleSIEM/Siemplify SOAR and LogRhythm, but experience with other platformssuch as Microsoft More ❯

such as CISSP, CISM, or CompTIA Security+ are essential. What Sets You Apart: Experience with cloud security (AWS, Azure). Hands-on experience with Security Information and Event Management (SIEM) systems. Ability to guide and advise in incident response situations. Inspires and guides people with clarity and confidence, making smart decisions that bring everyone together toward shared goals. Why Breedon More ❯

include: Assisting in monitoring network traffic and security alerts to identify potential threats. Supporting investigations into security incidents, gathering evidence and documenting findings. Using Security Information and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. More ❯

Security Engineer who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations More ❯

Please note this role does require the postholder to be based from our office in Derbyshire circa 3 days per week. Reporting to the IT Security Manager the postholder will monitor, analyse, and respond to security threats, ensuring the integrity More ❯

per week presence. The successful candidate will play a vital role in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC … Analyst or similar cybersecurity role Strong expertise in Splunk or similar SIEM tools Familiarity with Flexera for vulnerability management Understanding of firewalls, network protocols, intrusion detection/prevention systems Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous Must be eligible for Developed Vetting (DV) clearance , requiring 10 years continuous UK residency Please Note: All offers will be subject to standard pre More ❯

to cyber threats across diverse client environments, mentoring junior analysts, improving detection content, and helping drive SOC maturity. What you’ll do: Lead complex investigations and incident response. Develop SIEM/EDR use cases and correlation rules. Perform proactive threat hunting and support automation initiatives. Produce incident reports and guide remediation activities. Help coach and upskill junior analysts. You should … bring: 2–4 years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or vulnerability management. More ❯

Job Title: SIEM Engineer (Security Cleared) Location: United Kingdom (Must hold active Security Clearance) Job Type: Contract/Permanent Overview: We are seeking an experienced Security Information & Event Monitoring (SIEM) Engineer with active Security Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection … and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. Onboard and integrate new log sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat … Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. Lead and mentor junior SIEM engineers, fostering a culture of continuous improvement. Key Skills & Experience: Active UK Security Clearance – Essential . Proven hands-on experience as a SIEM Engineer . Strong understanding of security log management across multiple domains More ❯

to detail. Proven experience with OT and IT security technologies, including firewalls, intrusion detection systems (IDS), vulnerability detection, network discovery, log collection systems, and security information and event management (SIEM) solutions. UK Driving Licence. About Us Affinity Water is the UKs largest water-only supplier , providing sustainable, high-quality water to 3.85million customers across the Southeast of England. We are More ❯

Scripting experience (python, powershell, Unix shell) Demonstrated experience working in all phases of the SDLC Deep understanding and experience using cyber security operations, security monitoring, endpoint (EDR), Network, and SIEM Tools. Prior SOC experience a plus Extensive knowledge of network and server security protocols, technologies, and products. Industry recognized certifications (CISSP, GCIH, GCFA, OSCP, etc) preferred Strong oral and written … quickly and leverage prior experiences to effectively solve current security challenges. Refusing to accept the status quo Qualifications Combination of the following: Degree in Information Technology, Engineering or similar SIEM management - Desirable to have some advanced Certification from SIEM vendor on products such as ArcSight , MS Sentinel or Logrhythem Skills Network Protocols Cyber Security Tools/Products Cyber Security Policy More ❯

Role Assisting in monitoring network traffic and security alerts to identify potential threats. Supporting investigations into security incidents, gathering evidence and documenting findings. Using Security Information and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures. More ❯

Security (SIEM) Architect Location: Warwick, Hybrid IR Status: TBC Rate: £600 - £800 Length : 6-12 months, TBC Clearance: Must have active SC clearance. An exciting opportunity has emerged with an organisaiton supplying complex architectural, technical and delivery solutions across the UK Secure Government and Public Sectors. They are looking to bring in a specialist security archietct, with demonstrable experience of … having architected a SIEM capability ustiling the Elasticsearch toolset. There has been an initial scoping, you will come in and provide a full-scale holistic solution and will have the support of the architetural team that provided the initial scope. Architecture & Design Define and implement SIEM architecture using Elastic Stack (Elasticsearch, Logstash, Kibana, Beats). Design log ingestion pipelines, data … models, and correlation rules for security monitoring. Develop observability frameworks integrating logs, metrics, and traces. Implementation & Engineering Deploy and configure ElasticSearch clusters, Kibana dashboards, and Logstash pipelines. Integrate SIEM with cloud-native observability tools (AWS CloudWatch, Azure Monitor, GCP Operations Suite). Automate log collection and enrichment using Beats, OpenTelemetry, and scripting. Security Use Cases & Threat Detection Build and maintain More ❯

our cybersecurity operations-monitoring threats, investigating incidents, and safeguarding critical systems. Key Responsibilities Operate within a Security Operations Centre (SOC) or equivalent environment Monitor and respond to incidents using SIEM platforms Conduct system log analysis and threat detection Assist in vulnerability assessments and management Support incident resolution and reporting Required Skills & Experience At least 2 years' experience in a dedicated … Security Analyst role Hands-on experience with: SOC operations SIEM tools Vulnerability management Incident response and investigation Log and event analysis Preferred Qualifications Industry certifications such as CompTIA Security+ or equivalent (desirable) Practical experience preferred over formal education Security Clearance Requirements UK Nationals only Current SC clearance required DV preferred - or must be DV-eligible (as DV clearance will be More ❯

the fundamental Cloud Security Domains - Governance, Risk and Control (GRC), Identity and Access Management, Cloud Network and Compute Infrastructure Security, Data Protection (at-rest/in-transit), Workload Security, SIEM, Logging and Monitoring. Experience with Cloud Security Frameworks e.g. AWS Well-Architected, Google Cloud Security Foundations, and/or Open Architecture Frameworks e.g. TOGAF. AI Security Assurance for Cloud-based …/or architecture experience in the fundamental Cloud Security Domains - Identity and Access Management, Cloud Network and Compute Infrastructure Security, Data Protection (at-rest/in-transit), Workload Security, SIEM, Logging and Monitoring. In depth knowledge of various Cloud Models - IaaS, PaaS, SaaS, hybrid and multi-cloud models. Familiar with common industry cloud providers - AWS, GCP, Azure, OCI. Practical understanding More ❯

Role: Security Information & Event Monitoring (SIEM) Engineer – **Security Cleared** Location: Reading/Havant – UK Mode: Hybrid (2 days office) Language: English Mandatory - **Clearance: Must be Security Cleared (Active SC)** Job Summary: Looking for an experienced SIEM Engineer to maintain and enhance the Security Monitoring platform. Responsible for log onboarding, custom parsers, rule creation, automation for triage and remediation, and integration … with other security tools. Key Responsibilities: Develop and manage the SIEM platform ensuring scalability and performance. Plan and implement solutions for security monitoring. Design and maintain detection rules. Lead and mentor SIEM team. Work closely with Threat Detection & Response team to support incident handling. Required Skills: Proven hands-on experience in SIEM engineering. Strong understanding of security logs across domains More ❯

for security solutions, ensuring alignment with enterprise architecture and security policies. Design and architect solutions across various security domains including: Data Loss Prevention (DLP) Security Information and Event Management (SIEM) Identity and Access Management (IAM) Endpoint Detection and Response (EDR), MDM, and Endpoint Management tools Cloud and On-Prem Security Solutions Collaborate with stakeholders such as IT operations, application teams … documentation. Maintain up-to-date knowledge of emerging security threats and best practices to continuously enhance solution designs. Qualifications - Proven experience designing security solutions across multiple domains including DLP, SIEM, IAM, and Endpoint Security. Bachelor's degree in computer science, Cybersecurity, Information Systems, or related field (master's preferred). Experience in cybersecurity with 3+ years in a security architect More ❯

and have a solid background in Cyber Security Engineering working within a high-threat government environment, with the following skills and experience: Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in Protective Monitoring & SOC operation More ❯

Management: Plan and execute major database upgrades and periodic patching to maintain system stability. Database Logging & Monitoring: Configure and manage database logs for integration into a SIEM (Security information and event management) solution for monitoring and security compliance. High Availability & Failover Management: Monitor, maintain and orchestrate manual failover and failback procedures to maintain uptime. Automation & Scripting: Develop scripts using SQL More ❯

is operational and hands-on, maintaining and enhancing existing tools and controls, monitoring vulnerabilities and ensuring systems are patched and secure. Responsibilities: * Managing and optimising security tools and platforms (SIEM, XDR, IDAM policies etc.) * Monitoring vulnerabilities, investigating incidents and implementing corrective actions * Supporting patching compliance and vulnerability remediation * Ensuring security best practices are applied across networks, applications and systems * Participating … network engineering * Some exposure to, or a growing focus on, cybersecurity and vulnerability management * Understanding of network devices, configurations and security principles * Familiarity with common tools and concepts (e.g. SIEM, DLP, endpoint protection, firewalls, Cisco Secure Connect, etc.) * Confidence to identify issues, suggest improvements and work collaboratively across teams * A genuine passion for cyber security * Certifications such as CISSP, SC More ❯