126 to 150 of 170 SIEM Jobs in England

rules, dashboards, and reports for our Security Information and Event Management (SIEM) systems. This role requires a strong understanding of security procedures and experience working with SIEM platforms and within an MSSP environments where you may be working across multiple operational customers and projects. Hybrid Variable: Working in Hemel Hempstead … Clearance. What you'll be doing: Develop, deploy, and uphold security content (including rules, dashboards, and reports) for our SIEM system. Continuously monitor and analyse SIEM data to identify and respond to potential security threats. Collaborate with SOC Analysts, Architects, Project Managers & Engineers to improve the precision and efficiency ...

audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead incident response and recovery, including investigations and post … cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks (Cyber Essentials, ISO 27001). Hands-on experience with: Azure Sentinel and other SIEM tools Microsoft 365 security Azure-hosted environments Proven ability in incident response, compliance programs, and risk management. ...

Experience Strong background in security architecture & engineering Deep technical infrastructure knowledge (network, OS, cloud, IAM) Financial Services cyber security experience Zero Trust, NDR, EDR, SIEM, IAM exposure Strong stakeholder and governance skills ...

Skills: Proven Presales experience working for a Solutions Provider Strong Cyber Security Technical background. Cisco/Palo/Fortinet/Crowdstrike/Tenable Siem/XDR/MDR/SSE/SASE/Zerotrust Gather requirements, RFI's, RFP's Produce exceptional High level Solution Design. ...

Experience Strong background in security architecture & engineering Deep technical infrastructure knowledge (network, OS, cloud, IAM) Financial Services cyber security experience Zero Trust, NDR, EDR, SIEM, IAM exposure Strong stakeholder and governance skills ...

similar certification are a significant bonus to the role Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined ...

Common cyber attack techniques Any Cyber security certifications would be desirable. Responsibilities include: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. Analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will ...

understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Development, maintenance, and deployment of SIEM detection rules for complex technical environments. Working alongside wider NMC functions, maintain knowledge of the threat landscape and TTPs employed by threat actors. Work across wider … Optimization of log collection to align with detection requirements. Maintain documentation for detection rules to be used by analysts. Scoping, testing and implementing new SIEM data connectors. Working with wider NMC teams, contributing to Continual Service Improvement and innovations. Support with the creation of automation and analyst playbooks What ...

role will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best … cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies Note, shift patterns applicable. (The shift pattern rotates ...

effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms (e.g., Splunk) to detect threats across diverse environments. Collaborate with security teams to identify gaps in detection, logging, and alerting based on business risks … . Required Experience & Skills: Strong technical expertise in cybersecurity, including threat hunting, attacker tactics, monitoring, alerting, and incident response. Experience with detection engineering and SIEM alert development. Solid understanding of core cybersecurity concepts: network security, cloud security, cryptography, and forensics. Familiarity with scripting or programming (Python, Bash, C/C++ ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

cyber-attacks. Configuration and maintenance of the NMC central Microsoft Azure, Lighthouse and Sentinel platform. Development, maintenance, and deployment of detection rules and other SIEM content. Creation of custom solutions using both low-code and traditional development approaches. Providing support to forces for the configuration of Sentinel and log sources. … Leveraging Microsoft support for technical assistance and information regarding roadmap features. What you need to succeed in the role Experience of supporting and developing SIEM platforms in the context of a Security Operations Centre. Experience of log source configuration and parsing, as part of a SIEM implementation, including experience ...

team, providing frontline defence and hands-on technical support across a modern IT environment. What you'll do Monitor and triage security alerts from SIEM and endpoint protection tools. Investigate potential threats and escalate complex incidents where needed. Support vulnerability management and patching processes. Apply hardening techniques to Linux systems … and/or cloud platforms (Azure or AWS). Familiarity with scripting (PowerShell, Bash, or Python) is a plus. Any experience with security tooling (SIEM, EDR, vulnerability scanners) is beneficial. Why join? Structured training plan with funded certifications (e.g., Security+, SC-900, AZ-900). Clear progression path into advanced ...

complex security incidents. Your day will include: Leading incident response activities: investigating alerts, conducting threat hunting, and managing escalations. Tuning and configuring Splunk SIEM to reduce false positives and enhance detection accuracy. Handling advanced security investigations, including malware analysis, forensic reviews and sensitive internal cases. Correlating logs across multiple systems … excellent communication and stakeholder engagement. Youll bring: Strong background in SOC operations, ideally with experience in networking or infrastructure. Hands-on experience with Splunk SIEM, including configuration, tuning and creating meaningful detection use cases. Proven experience in incident response, threat hunting and malware investigation. Exposure to digital forensics and ...

and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. ...

class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do: Support SOC Manager to deliver the following SIEM, IR tools platform management including all design, implementation and administration activities , Use cases preparation and implementation, connector deployment, maintenance & health checks Responsible for operational activities … shell) Demonstrated experience working in all phases of the SDLC Deep understanding and experience using cyber security operations, security monitoring, endpoint (EDR), Network, and SIEM Tools. Prior SOC experience a plus Extensive knowledge of network and server security protocols, technologies, and products. Industry recognized certifications (CISSP, GCIH, GCFA, OSCP ...

auditor, security auditor, or GRC analyst. Excellent planning, prioritization, and documentation skills. Broad technical knowledge of IT systems (OS, databases, firewalls, SIEM, DLP). Cloud Platforms: AWS and Azure. AI Knowledge: Understanding of AI principles and security implications. Solutions/Technical Network Architecture: Ability to design secure technical solutions and … network architectures. Controls Experience: Strong background in implementing and assessing security controls. Splunk Knowledge: Familiarity with SIEM tools and log analysis. CyberArk: Experience with privileged access management solutions. Package Salary: Up to £120,000 Up to 20% Bonus Hybrid, with travel to London Career Development Opportunities Benefits: Pension scheme, professional ...

Assessment Papers, Risk Treatment Plans, Risk Business Cases, and Security Management Plans. Knowledge and experience in security architecture and Security Information and Event Management (SIEM) tools, including Splunk, Defender, Sentinel, ELK, and Tenable Threat Modeling System solutions. Demonstrable knowledge of cybersecurity frameworks and standards, including the NCSC Cyber Assessment Framework ...

investigation Naturally inquisitive mindset Understanding of the Cyber Kill Chain and the phases of security incident response Responsibilities Analyse and investigate alerts generated by SIEM platforms Support the day to day maintenance and tuning of SIEM and Next Gen UBA tools, including rules, alerts, and reports Take ownership ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

looking for a Managing Security Engineer (SIEM), you will lead the design, implementation and documentation of security monitoring platforms. You will ensure the right tooling is in place to protect and monitor our clients, working closely with cross-functional teams to assess risk, design security controls and define testing requirements. … . Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations, including clustering, high availability, disaster recovery, scaling and performance optimisation. Strong problem-solving skills with a proactive approach ...

responding to complex cyber threats across cloud, endpoint, and network environments. Key responsibilities: Develop, maintain, and enhance detection rules and alerts, primarily within Splunk SIEM, to identify threats across diverse platforms. Analyse triggered alerts, triage incidents, and respond to security events on a rota basis, including on-call duties. Conduct … ideally from engineering or a hands-on IT/security role. Proficient in scripting or programming (Python, Bash, or similar). Practical experience with SIEM platforms (preferably Splunk), cloud environments, endpoints, and network monitoring. Familiarity with detection engineering, threat intelligence, and modern attacker techniques (TTPs). Sole British National with ...

malware, ransomware, data breaches, and APT activity Take ownership of escalations from SOC L1 and drive incidents through to resolution Perform detailed analysis using SIEM and EDR tools such as Splunk and Microsoft Defender Conduct forensic analysis to determine root cause, scope, and impact Support containment, eradication, and recovery activities … Strong experience operating as a SOC L2 or equivalent CERT role Proven incident response capability in enterprise or MSSP environments Hands-on experience with SIEM platforms, ideally Splunk Experience with EDR technologies, preferably Microsoft Defender Solid understanding of network, endpoint, and cloud security fundamentals Experience investigating complex threats including ransomware ...

keep up with demand. In this varied role, you will act as a key member of the digital estate, monitoring real-time outputs from SIEM and endpoint protection systems while playing a hands-on role in incident management. Your work will bridge the gap between daily operations and long-term … join a market-leading business at an exciting time of growth with the opportunity to further develop your career. The Role: Daily analysis of SIEM, email security, and endpoint protection outputs. Investigation and reporting of security incidents and technical issues. Regular vulnerability scans and supporting internal/external audits. Creation ...