SIEM Jobs in England

176 to 200 of 246 SIEM Jobs in England

Senior SOC Engineer

London, South East, England, United Kingdom
ice recruitment
to deliver security operations Lead advanced threat detection and incident response Onboard new customers Manage the transition of services into BAU support Your background: Hands-on experience with customers SIEM and EDR and automation tooling Deep understanding of delivering cyber security services in an MSP setting SC100 Cyber Security Architect certification is highly desirable If you fit these key requirements More ❯
Employment Type: Full-Time
Salary: £50,000 - £65,000 per annum

SOC Engineer

England, United Kingdom
Hybrid / WFH Options
Anson McCade
SOC Engineer to join their Public Sector & Government business unit, supporting a major Highways programme. The role will involve engineering and enhancing SOC capabilities, integrating security tools, tuning SIEM use cases, and ensuring that monitoring, detection, and response functions are optimised to meet government security standards. Key Details: £530 per day (Inside IR35). 6-month contract, ending 27th More ❯

SOC Engineer

South East, United Kingdom
Hybrid / WFH Options
Anson McCade
SOC Engineer to join their Public Sector & Government business unit, supporting a major Highways programme. The role will involve engineering and enhancing SOC capabilities, integrating security tools, tuning SIEM use cases, and ensuring that monitoring, detection, and response functions are optimised to meet government security standards. Key Details: £530 per day (Inside IR35). 6-month contract, ending 27th More ❯
Employment Type: Permanent, Work From Home

Pre-Sales Network Architect

Basingstoke, Hampshire, United Kingdom
Apache Associates
from a variety of industry leaders Experienced at working on bids and large or complex changes Excellent understanding of a variety of networks and routing protocols Network management or SIEM designs, tooling or support This contract is based on-site in Basingstoke, some travel may be required. This is a great opportunity for an experienced Pre-Sales Network Architect. Due More ❯
Employment Type: Permanent
Salary: GBP Annual

Sales Engineer

London, United Kingdom
Hybrid / WFH Options
83zero Ltd
in the managed IT or telecoms sector. Solid knowledge of network principles (TCP/IP, routing protocols like OSPF & BGP, VRRP). Understanding of security concepts: firewalls, UTM, IPSec, SIEM, etc. Hands-on experience with at least two of the following: Networks, Cloud, Unified Communications, Cyber Security. Desirable: SD-WAN & SASE experience. Understanding of public/private cloud architecture. Technical More ❯
Employment Type: Permanent
Salary: GBP 50,000 Annual

Sales Engineer

City of London, London, United Kingdom
Hybrid / WFH Options
83zero Limited
in the managed IT or telecoms sector. Solid knowledge of network principles (TCP/IP, routing protocols like OSPF & BGP, VRRP). Understanding of security concepts: firewalls, UTM, IPSec, SIEM, etc. Hands-on experience with at least two of the following: Networks, Cloud, Unified Communications, Cyber Security. Desirable: SD-WAN & SASE experience. Understanding of public/private cloud architecture. Technical More ❯
Employment Type: Permanent
Salary: £50,000

SOC Detection Engineer

Leeds, West Yorkshire, England, United Kingdom
Claranet Limited
internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key Responsibilities Detection Engineering and Delivery – You will develop, test, and deploy detection rules across SIEM, XDR, and other SOC platforms, supporting comprehensive, customer-aligned threat coverage. Lifecycle Management and Optimisation – You will monitor detection performance, tune rules to reduce false positives, and remediate logic or More ❯
Employment Type: Full-Time
Salary: Salary negotiable

Senior Consulting Engineer (Rapid7, SentinelOne, AWS)

Crawley, Sussex, United Kingdom
Circle Group
to lead complex projects and make a tangible impact? We're looking for a Senior Cyber Engineer, with experience in designing and deploying Rapid7, SentinelOne (or similar XDR, MDR, SIEM) in an AWS environment, for our client's growing team in Crawley. Click apply for full job details More ❯
Employment Type: Permanent
Salary: GBP 80,000 Annual

Lead SOC SIEM Content Engineer

Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria
have a large SOC team that can boast some very high profile clients within the Defence sector. Due to expansion, we have this new role for a Senior SOC SIEM Content Engineer with broad experience of Cyber. If you possess robust technical abilities and are eager to apply your expertise to the fullest extent, this opportunity is ideal for you. … maintaining security content such as rules, dashboards, and reports for our Security Information and Event Management (SIEM) systems. This role requires a strong understanding of security procedures and experience working with SIEM platforms and within MSSP environments where you may be working across multiple operational customers and projects. Hybrid Variable: Working in Hemel Hempstead OR Farnborough 1 to … Cleared OR eligible for DV Clearance. What you'll be doing: Develop, deploy, and uphold security content (including rules, dashboards, and reports) for our SIEM system. Continuously monitor and analyse SIEM data to identify and respond to potential security threats. Collaborate with SOC Analysts, Architects, Project Managers & Engineers to improve the precision and efficiency of the SIEM materials. Stay up More ❯
Employment Type: Permanent
Salary: £75,000

Senior Presales Consultant Managed Security Services London

London, United Kingdom
Hybrid / WFH Options
DCL
guiding conversations from scoping through to delivery. Key experience Background in managed security services, including SOC operations and threat detection Strong knowledge of cloud and on-prem security tooling (SIEM, EDR, IAM) Penetration testing Proven ability to translate technical concepts into clear business value Confident in customer-facing engagements and pre-sales delivery Experience contributing to bids, proposals, and RFI More ❯
Employment Type: Permanent
Salary: GBP Annual

Team Lead, Onboarding Project Managers

London, United Kingdom
Coralogix, inc
in-stream analytics without reliance on expensive indexing or hot storage. We specialize in comprehensive monitoring of logs, metrics, traces, and security events with features such as APM, RUM, SIEM, Kubernetes monitoring, and more-enhancing operational efficiency and reducing observability spend by up to 70%. We are seeking a highly motivated, experienced, and collaborative Team Lead, Onboarding Project Managers More ❯
Employment Type: Permanent
Salary: GBP Annual

IT Project Manager

Exeter, Devon, England, United Kingdom
Opus Recruitment Solutions Ltd
technical delivery and ideally Cyber Transformation programmes. The role is inside IR35 and you would be paid PAYE through us here at Opus. Skills required: - Cyber security projects - PAM, IDAM, SIEM, Data protection projects - Ideally some experience of RFP/Tendering More ❯
Employment Type: Contractor
Rate: £400 - £500 per day

Penetration Testing Team Lead

London, Walbrook, United Kingdom
Intec Select Ltd
team operations. Strong understanding of APT tactics, evasion techniques, and system architecture. Experience with red/purple team tools and automated testing platforms. Solid grasp of blue team strategies, SIEM tools, and incident response. Skilled in writing concise reports for both technical and non-technical audiences. Knowledge of cyber risk frameworks, regulations, and best practices. Package: Circa £75,000 + More ❯
Employment Type: Permanent
Salary: £500000/annum

Penetration Testing Team Lead

City of London, London, England, United Kingdom
INTEC SELECT LIMITED
team operations. Strong understanding of APT tactics, evasion techniques, and system architecture. Experience with red/purple team tools and automated testing platforms. Solid grasp of blue team strategies, SIEM tools, and incident response. Skilled in writing concise reports for both technical and non-technical audiences. Knowledge of cyber risk frameworks, regulations, and best practices. Package: Circa £75,000 + More ❯
Employment Type: Full-Time
Salary: £750,000 per annum

Senior Infrastructure Security Engineer

Oxford, Oxfordshire, United Kingdom
La Fosse Associates
while enabling the business to run smoothly. What you'll be doing: Implementing and maintaining security controls across network, cloud, endpoints, and core infrastructure Owning key technologies like firewalls, SIEM, EDR, VPN, NAC, and vulnerability scanners Driving vulnerability management and hardening across the estate Supporting and responding to security incidents across infrastructure services Embedding security into infrastructure changes (firewall rules … Strong background in infrastructure or network security within a complex enterprise environment Solid knowledge of: Firewalls, VPN, IDS/IPS, network security controls Endpoint security (EDR, anti-malware, DLP) SIEM tools (e.g. Splunk, Sentinel) Vulnerability management (e.g. Qualys, Tenable) Cloud (Azure and/or AWS) Hands-on experience supporting or responding to security incidents Familiarity with frameworks such as ISO More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC/CSIRT Level 3 Analysts

Grantham, Midlands, United Kingdom
Morson Talent
Develop SOC policies, technical standards, and procedure documentation aligned to industry best practice. Log Management: Work with MSSPs and service owners to ensure log sources are onboarded into the SIEM solution. Create use cases to correlate suspicious activities across endpoints, networks, applications, and both on-premises and cloud environments. Incident Response: Improve playbooks and processes, lead escalated security incidents, oversee … platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse data sources such as logs, SIEM data, applications, and network traffic patterns, and recommend appropriate response actions to ensure threats are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to … a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC/GCIA/GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical More ❯

SOC/CSIRT Level 3 Analysts

Greater Lincoln Area, United Kingdom
Morson Talent
Develop SOC policies, technical standards, and procedure documentation aligned to industry best practice. Log Management: Work with MSSPs and service owners to ensure log sources are onboarded into the SIEM solution. Create use cases to correlate suspicious activities across endpoints, networks, applications, and both on-premises and cloud environments. Incident Response: Improve playbooks and processes, lead escalated security incidents, oversee … platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse data sources such as logs, SIEM data, applications, and network traffic patterns, and recommend appropriate response actions to ensure threats are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to … a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC/GCIA/GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical More ❯

Cyber Security Apprentice

Town Hall, Talbot Road, Manchester, England
Trafford Metropolitan Borough Council
You will be involved in assisting in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks and supporting incident reporting and response, including risk assessments and vulnerability scans. Role Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. … within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned with the Cyber Assessment Framework (CAF). Assist in updating and maintaining IT More ❯
Employment Type: Higher Apprenticeship
Salary: £25,989 a year

SOC Manager

Surrey, England, United Kingdom
Barclay Simpson
Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports … a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal More ❯

SOC Manager

Guildford, South East England, United Kingdom
Barclay Simpson
Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports … a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal More ❯

Senior Incident Responder SOC Analyst (L3)

South East, United Kingdom
Hybrid / WFH Options
Anson McCade
detailed analysis and containment strategies. Perform malware analysis, reverse engineering, and develop detection signatures. Integrate threat intelligence into SOC operations, staying ahead of emerging attack techniques. Manage and optimise SIEM tools (Splunk, QRadar, Microsoft Sentinel). Develop SOC use cases, runbooks, and playbooks to improve response capability. Collaborate with IT, legal, and management teams during incident response. Support pre-sales … scoping for new opportunities. Contribute to continual service improvement and security tool enhancements Skills & Experience Strong background in incident response, SOC operations, and security investigations. Hands-on expertise with SIEM tools (Splunk, QRadar, Microsoft Sentinel). Deep understanding of network traffic analysis, vulnerability management, and penetration testing. Knowledge of DFIR principles, malware reverse engineering, and digital forensics. Familiarity with ITIL More ❯
Employment Type: Permanent, Work From Home

Senior Threat Detection Analyst

London, United Kingdom
Bestman Solutions
ensuring that security operations stay one step ahead of emerging threats. What You'll Do Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments … improvement of detection strategies and mentor analysts to uplift overall team capability. What You'll Bring Solid background in threat detection, SOC operations, or incident response. Deep understanding of SIEM, EDR, and cloud-native security tooling (eg, Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial More ❯
Employment Type: Permanent
Salary: GBP 85,000 Annual

Principal Cyber Security Engineer - Leeds / Remote

Leeds, Yorkshire, United Kingdom
Hybrid / WFH Options
Catorfaen
In 2022 we built out an exciting SIEM/SOAR and Managed Detection and Response service called SEP2.security, built upon Google Cloud Security's Chronicle stack. Due to customer demand, we are now looking to hire a Principal Cyber Security Engineer to join this ever growing team. The Security Intelligence Services team, that this role is situated in, provides security monitoring and use case … quickly with colleagues and customers. Competent and confident in customer facing situations. Qualifications and Experience Experience as a Cyber SOC Analyst/or similar role. Proven experience in deploying SIEM (Security Information and Event Management) and SOAR (Security orchestration, automation, and response) solutions to achieve positive outcomes. Our tools include Google Chronicle SIEM/Siemplify SOAR and LogRhythm, but experience with other platforms such as Microsoft More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Engineer

London, United Kingdom
Hybrid / WFH Options
SUMMER-BROWNING ASSOCIATES LIMITED
ideal candidates will possess an active Security clearance and have a solid background in Cyber Security, with the following skills and experience: Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic More ❯
Employment Type: Contract
Rate: Up to £0.00 per day + Excellent Day Rates

SOC Engineer

Leeds, West Yorkshire, England, United Kingdom
Claranet Limited
platforms to onboard customers in live services Lifecycle Management – You support the full lifecycle of platform engineering, including patching, maintenance activities, upgrades, and coordinated service transitions Skills and Attributes SIEM and XDR Engineering experience Telemetry and Log Management experience Infrastructure Troubleshooting experience Automation & Integration experience Desirable (but not essential) MSSP Background Benefits At Claranet, we go the extra mile with More ❯
Employment Type: Full-Time
Salary: Salary negotiable

SIEM, England
10th Percentile: £43,000
25th Percentile: £50,781
Median: £65,000
75th Percentile: £81,250
90th Percentile: £92,500