151 to 175 of 179 SIEM Jobs in England

part of a small, expert team responsible for protecting enterprise systems and data. This role offers hands-on involvement with a wide range of technologies-from endpoint detection and SIEM platforms to firewalls, MFA, and vulnerability management-providing a well-rounded foundation in enterprise security operations. You'll gain exposure to advanced security practices, assist in running and responding to … threat detection systems, and contribute to projects that strengthen security across the organisation. Key Responsibilities Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the maintenance of security certificates, PAM More ❯

offers a great shift pattern, ensuring you regularly have 5 days off and at least 2 weekends off per month. Key Responsibilities: Deliver excellent and thorough security analysis, taking SIEM output and actioning it accordingly. Push for improvements across the overall monitoring capability. Engage with a wide range of stakeholders, with varying levels of technical understanding. Be flexible on location … wellbeing. Suggest ideas for improving CND’s own internal security posture. Be proactive with client requirements, offering guidance and input to highly technical challenges. Essential Skills: Experience working with SIEM tools such as ArcSight, Splunk, LogRhythm, or AlienVault. Understanding of how to get the best from available tooling. Exposure to building capability and consulting with customers to change their environment. More ❯

of greenfield Identity and Access Management and Privileged Access Management solutions. You'll provide hands-on technical leadership, ensure secure-by-design implementation, and contribute to the development of SIEM/SOC capabilities. Key Responsibilities Lead end-to-end IAM/PAM design and delivery. Integrate IAM/PAM telemetry into SIEM tooling. Provide technical oversight for MSPs and vendors. … OpenID Connect . Familiarity with ISO 27001, NIST CSF, CAF & GDPR . Experience leading or overseeing MSPs. Current SC clearance . Desirable: Knowledge of Microsoft Sentinel, Splunk, or Elastic SIEM . Experience in SOC build or cyber transformation projects. Degree/HND in a relevant STEM field. More ❯

days on, 4 days off rotation. RESPONSIBILITIES: • Triage security events and employ a methodical and coherent response to security incidents adopting playbooks where necessary.• Competently operate a chosen SIEM (e.g. Splunk/QRadar/LogRhythm) for incident investigations, or for the development of monitoring dashboards.• Utilise playbooks, existing knowledge and accurate online resources for guidance when responding to incidents.• Utilise … attacks.• Stay up to date with current vulnerabilities, attacks, and countermeasures.• Identify, respond and remediate cyber events generated through monitoring technologies. EXPERIENCE: • Preferred experience with operating or administrating a SIEM (e.g. Splunk/QRadar/LogRhythm).• Solid understanding of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware.• Experience in security event … paced and demanding environment while remaining calm.• Strong verbal and written communication and collaboration skills.• Security industry specific and core technical accreditations such as OSCP, GIAC, CCNA.• Certification demonstrating SIEM operational competences.• Proficient with one or more programming languages (e.g. Python, PowerShell, Java, C#).Join us and be part of a team that values innovation, quality, and continuous improvement. If More ❯

recommending enhancements where appropriate Key Requirements: Circa 5 years’ experience in a related IT role, with strong exposure to security operations Hands-on experience managing security products such as SIEM, TVM and PAM platforms CISSP certification (mandatory) Experience working with and overseeing outsourced security functions Strong technical skills across the E5/Microsoft 365/Defender suite Familiarity with technologies … such as SIEM, PAM, Endpoint Protection, EDR, IPS/IDS, MFA, Encryption and Next Gen Firewalls Experience supporting cyber security event triage, incident response and recovery Strong knowledge of operational security management and tooling This role offers the chance to work in a highly regulated, security-focused environment with genuine breadth across cloud, infrastructure and applications. You will gain exposure More ❯

council offers its employees development opportunities, as well as a fair and flexible workplace. The council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls … within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned with the Cyber Assessment Framework (CAF). Assist in updating and maintaining IT More ❯

Candidate MUST BE SECURITY CLEARED As a Security Information & Event Monitoring (SIEM) Engineer, you are responsible for maintaining the SIEM platform. This includes onboarding log sources, creating custom parsers, developing analytic rules, creating automation for triage and remediation, and integrating with other Information Technology and Operational Technology SSE platforms at pace. You will: Develop the security monitoring platform, ensuring optimal … in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response team to ensure the SIEM platform meets their day-to-day needs and support incidents as necessary. You have Proven hands … on SIEM Engineering background. Extensive experience working with security logs across multiple domains identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills JBRP1_UKTJ More ❯

Candidate MUST BE SECURITY CLEARED As a Security Information & Event Monitoring (SIEM) Engineer, you are responsible for maintaining the SIEM platform. This includes onboarding log sources, creating custom parsers, developing analytic rules, creating automation for triage and remediation, and integrating with other Information Technology and Operational Technology SSE platforms at pace. You will: Develop the security monitoring platform, ensuring optimal … in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response team to ensure the SIEM platform meets their day-to-day needs and support incidents as necessary. You have Proven hands … on SIEM Engineering background. Extensive experience working with security logs across multiple domains identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills More ❯

information security strategy. Lead and mentor a small team of IT security professionals. Own ISO 27001 implementation and Cyber Essentials Plus certification. Manage operational security: endpoint protection, M365 security, SIEM/SOC, vulnerability management, and incident response. Lead security projects. Build strong relationships with stakeholders and deliver security awareness training. What We’re Looking For: Proven experience in information security … management, ideally in professional services. Hands-on experience with ISO 27001 and Cyber Essentials Plus. Strong technical knowledge: endpoint security, M365/Entra ID, SIEM, network security, encryption, backup/recovery. Certifications highly desirable: CISM, CISSP, ISO 27001 Lead Implementer . Excellent communicator, strategic thinker, and supportive team leader. Why Apply: This is your chance to shape the security strategy More ❯

and maintain positive working relationships with them Pre-requisites: Experience of more than 12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Experience in managing P1 incidents Experience in managing shift roster More ❯

Month Initial | Inside IR35 | Fully Remote Opus are working with a key client on a Security Engineer contract to support the implementation of Defender XDR including hands on configuration, SIEM integration and related security solutions. This initial 3-month contract can be completed on a fully remote basis and is determined as Inside IR35, offering £500–£525 per day. Key … Skills : Microsoft Defender XDR: Endpoint, Identity, Office 365, Cloud Apps Microsoft Sentinel: KQL, playbook development, SIEM optimisation Privileged Identity Management (PIM) and change control workflows Advanced threat detection, incident response, and threat hunting Log collection via Azure Monitoring Agent and Firewall Management Centre Responsibilities: Configure and fine-tune Microsoft Defender XDR in line with approved designs Participate in Microsoft FastTrack … engagements Integrate Defender XDR with Sentinel SIEM for enhanced detection and response Develop Kusto queries and automation playbooks Support PoC setup for Microsoft Copilot for Security Connect syslogs from on-prem servers and firewalls to Sentinel If this Security Engineer role sounds like a good fit, please apply with your most up to date CV and I’ll be in More ❯

controls supporting risk mitigation and contributing to the continual improvement of the business's security composure. Responsibilities: * Provide expertise on application, network and infrastructure security * Monitor security solutions including SIEM, threat detection and data security, endpoint protection, network analytics for alerts * Provide documentation for technical standards to meet corporate security policies/industry best practice * Perform security reviews, identify gaps … root cause of security issues and design appropriate solutions Required Experience: * Prior experience working within the security industry, with a strong background in M365 infrastructure. * Experience of working with SIEM tools * Exposure to email security tools (Sophos, O365 etc) * Excellent patch management skills (Intune SCCM, MECM Endpoint Manager and WSUS) * Experience with vulnerability scanning and management (Insight VM) * Experience with More ❯

landscape. Key Responsibilities: Design and deliver Microsoft 365 and Azure security solutions in line with best practices and industry standards. Implement and configure tools such as Microsoft Defender, Sentinel (SIEM/XDR), Entra, and Purview. Support internal and client environments post-deployment through troubleshooting, optimisation, and user training. Contribute to pre-sales engagements, including solution design, scoping, and client presentations. … relevant areas - Azure (AZ), Security (SC), Power Platform (PL), Modern Work (MS), or Copilot/AI. Strong consulting experience in the design and implementation of Microsoft Defender solutions and SIEM/XDR. Technical, hands-on expertise configuring and deploying Azure, Entra, and Purview. Proven ability to independently design and implement Microsoft 365 security technologies. Excellent communication, presentation, and documentation skills More ❯

landscape. Key Responsibilities: Design and deliver Microsoft 365 and Azure security solutions in line with best practices and industry standards. Implement and configure tools such as Microsoft Defender, Sentinel (SIEM/XDR), Entra, and Purview. Support internal and client environments post-deployment through troubleshooting, optimisation, and user training. Contribute to pre-sales engagements, including solution design, scoping, and client presentations. … relevant areas - Azure (AZ), Security (SC), Power Platform (PL), Modern Work (MS), or Copilot/AI. Strong consulting experience in the design and implementation of Microsoft Defender solutions and SIEM/XDR. Technical, hands-on expertise configuring and deploying Azure, Entra, and Purview. Proven ability to independently design and implement Microsoft 365 security technologies. Excellent communication, presentation, and documentation skills More ❯

and policy enforcement. Define and measure KPIs, SLAs, and success metrics (e.g., threat coverage, latency impact, policy adherence). Ensure integration of SSE tools with identity providers (Azure AD), SIEM platforms (e.g., Splunk), and DevSecOps pipelines. Support change, readiness, and adoption across business and technical teams. Manage security vendor relationships and roadmap alignment during evaluation and rollout. Drive delivery in … Gatekeeper, Apigee, etc. a plus. ? Nice to Have Cloud certifications (Azure, AWS, GCP) Experience working in regulated environments (e.g., finance, government) SAFe Agile or Scrum certifications Prior experience with SIEM/SOAR integration, API security, or Identity Governance ?? Why Join Us Play a key role in shaping enterprise-wide secure access architecture Work with a forward-thinking, cross-functional security More ❯

and policy enforcement. Define and measure KPIs, SLAs, and success metrics (e.g., threat coverage, latency impact, policy adherence). Ensure integration of SSE tools with identity providers (Azure AD), SIEM platforms (e.g., Splunk), and DevSecOps pipelines. Support change, readiness, and adoption across business and technical teams. Manage security vendor relationships and roadmap alignment during evaluation and rollout. Drive delivery in … Gatekeeper, Apigee, etc. a plus. Nice to Have Cloud certifications (Azure, AWS, GCP) Experience working in regulated environments (e.g., finance, government) SAFe Agile or Scrum certifications Prior experience with SIEM/SOAR integration, API security, or Identity Governance Why Join Us Play a key role in shaping enterprise-wide secure access architecture Work with a forward-thinking, cross-functional security More ❯

day-to-day SOC operations, ensuring adherence to SLAs, KPIs, and compliance requirements Drive continuous improvement in security monitoring, detection, and response processes Ensure effective use and optimisation of SIEM, SOAR, EDR, and other security technologies Produce and deliver regular reporting on SOC performance, incident trends, and risk exposure to senior management Collaborate with threat intelligence teams to enhance detection … are integrated into processes and training Support compliance with industry standards, frameworks, and regulations Requirements Here are the key skills and experience relevant to this role: Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, firewalls, and endpoint protection solutions Strong Knowledge in Incident response Familiarity with cloud security and hybrid environments Understanding of network protocols, operating systems (Windows/ More ❯

hoc travel to other sites/data centres. The Role The Cyber Security Engineer will be joining the internal security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will … virtualisation, etc. Hands-on experience in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as More ❯

incident response Designing and evolving secure architectures using defence in depth and threat modelling principles across cloud, networks and endpoints Driving vulnerability management and scaling tooling such as CSPM, SIEM, IAM and endpoint protection to manage risk effectively Contributing to compliance efforts including ISO27001, supplier security and data privacy, helping ensure we remain audit ready Building lightweight processes that make … and delivery Keeping pace with emerging threats and contributing to strategic conversations about how we evolve our approach Experience with vulnerability management Experience with scaling tools such as CSPM, SIEM, IAM and Endpoint protection You're hands on, curious and motivated by solving real problems You enjoy working closely with others to figure things out collaboratively You bring structure to More ❯

act as a senior analyst within the team while also providing direction, coordination, and mentorship to colleagues. You must have experience across the core Cyber Security domains, including TVM, SIEM, EDR, Incident Response, DLP, EASM, Cloud Security, Application Security, WAF, and User Access Management, along with a strong understanding of industry frameworks such as NIST and CIS . This role … DXC security models where feasible, or by designing and deploying new approaches within Luxoft. Support and contribute to the wider Cyber Security services delivered by the team, including TVM, SIEM, EDR, Incident Handling, DLP, EASM, Cloud Security, and WAF. Provide cover and support for team members during absence or workload peaks. Build strong working relationships across both DXC and Luxoft More ❯

Consultant, Configure & ensure availability of required logs into Sentinel (such as EDR, Qualys, Firewalls etc), crowd strike and dark trace. Sentinel platform admin Execution of the use cases on SIEM, SOAR & Threat Intelligence. Well versed in Design & Architecture, Cribl (Newly added by client) Deploy down selected(Nozomi) OT Security/IDS platform in the lab infra. Handle OEM communication Test … Consultant, Configure & ensure availability of required logs into Sentinel (such as EDR, Qualys, Firewalls etc), crowd strike and dark trace. Sentinel platform admin Execution of the use cases on SIEM, SOAR & Threat Intelligence. Well versed in Design & Architecture, Cribl (Newly added by client) Deploy down selected(Nozomi) OT Security/IDS platform in the lab infra. Handle OEM communication Test More ❯

MonthsInside IR35 My Client a leading telecoms company is looking for a Devops Engineer to join their Security Engineering team. This role is pivotal in delivering a strategic SIEM platform that supports client's infrastructure security and compliance requirements. You'll lead the implementation of automation strategies, manage Kubernetes-based infrastructure, and drive DevOps excellence across CI/CD pipelines. … Key Responsibilities Lead technical delivery of SIEM platform automation and infrastructure. Manage Kubernetes clusters and Elastic Stack deployments (ECK). Own CI/CD pipeline design, implementation, and troubleshooting. Collaborate with cross-functional teams to streamline software delivery. Act as product owner for sprint planning and backlog management. Mentor engineers and promote DevOps best practices. Essential Skills Strong experience with … GitLab CI, GitHub Actions). Proficient in Python, JavaScript, Golang. Experience with monitoring tools (Grafana, ELK). Agile delivery and JIRA proficiency. Excellent communication and documentation skills. Desirable Skills SIEM experience, particularly with Elastic Stack. Knowledge of ArgoCD, Terraform, Ansible, Jenkins. Familiarity with Kafka, RabbitMQ, and cloud platforms (OpenStack, Azure, AWS). Understanding of Telecoms Security Act (TSA) and regulatory More ❯

using Postfix. Interpret and implement Low-Level Design documentation. Ensure secure mail routing and compliance with enterprise security standards. Integrate Postfix with core enterprise solutions such as VCF, HPE, SIEM, and LDAP/AD. Troubleshoot mail delivery and server performance issues. Automate and monitor processes using scripting (e.g., Bash, Python). Produce comprehensive technical documentation. Required Skills & Experience: Extensive hands … Proficiency in Linux system administration (RHEL, CentOS, Ubuntu). Experience with TLS, SPF/DKIM/DMARC, and SASL protocols. Ability to integrate Postfix into enterprise systems (VCF, HPE, SIEM, LDAP/AD). Strong troubleshooting and problem-solving skills. Scripting experience for automation and monitoring (Bash, Python). Excellent technical documentation skills. Preferred Qualifications: Knowledge of high availability, load More ❯

using Postfix. Interpret and implement Low-Level Design documentation. Ensure secure mail routing and compliance with enterprise security standards. Integrate Postfix with core enterprise solutions such as VCF, HPE, SIEM, and LDAP/AD. Troubleshoot mail delivery and server performance issues. Automate and monitor processes using scripting (e.g., Bash, Python). Produce comprehensive technical documentation. Required Skills & Experience: Extensive hands … Proficiency in Linux system administration (RHEL, CentOS, Ubuntu). Experience with TLS, SPF/DKIM/DMARC, and SASL protocols. Ability to integrate Postfix into enterprise systems (VCF, HPE, SIEM, LDAP/AD). Strong troubleshooting and problem-solving skills. Scripting experience for automation and monitoring (Bash, Python). Excellent technical documentation skills. Preferred Qualifications: Knowledge of high availability, load More ❯

with the Cybersecurity Operations Centre (CSOC) and senior stakeholders to transition tools, operations, and people into a new operating model . Familiarity with security processes and tools such as SIEM and Microsoft Sentinel is essential. Location: London ( Hybrid - 1 day/week) Contract Length: Initial 3 months Rate: TBC (inside IR35) Start: ASAP Key Responsibilities Manage the transition of security … governance. Skills & Experience A strong understanding of security operations, frameworks and terminology is essential. Experience with CSOC is essential. Proven track record in operating model transitions . Familiarity with SIEM tools and Microsoft Sentinel . Excellent stakeholder management skills at senior levels. Telco industry experience. Experience in large-scale security programs. If you're interested in this role, click 'apply More ❯