201 to 225 of 265 SIEM Jobs in England

hold an active Security Clearance, this is essential. Experience in a Security Operations Centre (SOC) or similar operational cybersecurity role. Hands-on experience with SIEM platforms, specifically Elastic SIEM/Elastic Stack. Strong analytical and investigative skills; able to manage incidents from detection to resolution. Understanding of attacker behaviours, common ...

adoption within the security strategy. Apply foundational security principles to new technologies and unconventional scenarios while enabling organisational objectives. What We're Looking For SIEM/SOAR: Proficiency in SIEM concepts, data source integration, and creating SOAR runbooks. Security Stack : Hands-on with EDR, XDR, WAF, and email security solutions. ...

Assessment Papers, Risk Treatment Plans, Risk Business Cases, and Security Management Plans. Knowledge and experience with security architecture and Security Information and Event Management (SIEM) tools, such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable ...

Join a team that’s expanding, investing in new capabilities, and empowering analysts to grow Key Responsibilities: Deliver excellent and thorough security analysis, taking SIEM output and actioning it accordingly Push for improvements across the overall monitoring capability Engage with a wide range of stakeholders, with varying levels of technical … internal security posture Be proactive with client requirements, offering guidance and input to highly technical challenges Essential Skills: Experience working with SIEM tools such as ArcSight, Splunk, LogRhythm, or AlienVault Understanding of how to get the best from available tooling Exposure to building capability and consulting with customers to change ...

internal or external threats Conducting privileged account reviews Performing vulnerability and risk assessments Analysing security breaches to determine root cause Contributing to enhancing the SIEM platform Supporting continuous improvement across CSOC operations What you bring: Basic understanding of security threats and compromise methods Knowledge of servers, clients, and network technologies … management, and expectation management skills Desirable SC-200, CompTIA Security+, or related certifications Previous SOC experience Hands-on cyber incident response experience Experience with SIEM platforms, vulnerability assessments or antivirus tooling What can we offer you? Through our one of a kind training programme, the Littlefish Academy, you can increase ...

incidents, overseeing team members and ensuring technical excellence throughout delivery. Support detection engineering and SecOps enhancement initiatives, including identifying coverage gaps in EDR/SIEM tooling and contributing to orchestration and automation playbooks. Work directly with client technical teams, acting as a trusted advisor and primary point of contact during … least two of the following areas: Digital forensics and technical incident response Enterprise security operations tooling and processes Detection engineering within EDR/SIEM environments, including addressing ATT&CK TTP coverage gaps Enterprise IT networks and Active Directory Cloud platforms such as Microsoft 365, Azure, AWS or GCP You will ...

technology and career development. Skills required: Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle … responsible for providing Protective Monitoring Services across a range of Secure Customers. They will be responsible for the day-to-day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation ...

technology and career development. Skills required: Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle … responsible for providing Protective Monitoring Services across a range of Secure Customers. They will be responsible for the day-to-day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation ...

across multiple SOC platforms and customer environments Oversee the full incident lifecycle detection, response, escalation, post-incident review Ensure effective use and optimisation of SIEM and SOAR platforms (Splunk, Sentinel, QRadar) Drive operational consistency using ITIL-aligned processes and CREST-aligned best practices Act as the senior point of contact … development Experience operating SOC services across multiple customers and security environments Deep understanding of incident management, escalation, and service delivery under pressure Knowledge of SIEM/SOAR tooling, ideally Splunk and/or Microsoft Sentinel Strong working knowledge of NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL Confident communicator ...

Delivery Own end-to-end technical design for Network Security services, including: Zero Trust Network Access (ZTNA) NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Define and assure non-functional requirements (availability, scalability, performance, security, operability) Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned … building, and operating enterprise network security platforms Deep hands-on expertise in one or more of: ZTNA, NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Strong understanding of Zero Trust Architecture and policy-based access control Proven DevSecOps, IaC, and CI/CD experience Solid grounding ...

scale. Key Responsibilities Strategic Platform & Automation Leadership Lead and support the selection, design, and transition from fragmented security tooling to a unified SIEM platform and security data lake . Drive a fundamental shift from incident-focused, task-based workflows to preventative security activities and platform optimisation . Proactive Threat Focus … months, ideally in regulated or high-availability environments. End-to-End Programme Ownership Full lifecycle ownership of major initiatives including MDR consolidation, SIEM, SOAR, and security data lake deployments , delivering measurable business outcomes. Formal RFP & Vendor Management Expertise Proven experience authoring RFPs, evaluating vendors, and overseeing complex onboarding and integration. ...

services over multiple years. Drive the deployment of best-in-class security technologies, including Endpoint Detection & Response (EDR) and Security Information and Event Management (SIEM) solutions. Collaborate with Cyber Security, IT, and business stakeholders to ensure alignment, adoption, and smooth transition to business-as-usual operations. Support M&A activities … enabling rapid onboarding/offboarding of businesses into the SOC environment. What we're looking for: Proven experience leading SOC consolidation programmes and EDR/SIEM implementations Strong knowledge of cyber security operations, frameworks, and standards Excellent programme and stakeholder management skills Ability to oversee complex, multi-year workstreams, balancing ...

platforms are correctly configured to report into centralised tooling such as Tufin and Splunk. Automate firewall-related processes and integrate with orchestration tools and SIEM platforms. Enhance operational metrics, reporting, and risk visibility across firewall estates. Your Approach: Review existing firewall policies and rule sets to identify gaps, inconsistencies, and … with enterprise firewall platforms such as Cisco and Check Point (or equivalent). Familiarity with firewall management, reporting, and analytics tools (e.g. Tufin, Splunk, SIEM platforms). Knowledge of automation and orchestration tools for security operations. Strong communication skills with the ability to document standards and engage technical and ...

collaborating with the Security Lead and technical teams to secure cutting-edge technology solutions. The role is technically diverse and challenging, covering vulnerability management, SIEM and security tooling, secure system deployment, incident support, and the application of modern security practices across CI/CD and operational environments. Experience required: Hands … experience working with SIEM technologies and security monitoring Awareness of modern threat models (eg. MITRE ATT&CK) Understanding of CI/CD pipelines and security controls within DevOps environments Building and maintaining SOC detections and use cases Working knowledge and understanding of MOD security policies and frameworks Outstanding communication and ...

Enhance operational metrics, reporting, and overall risk visibility across IT and OT estates. Automate vulnerability management processes and integrate outputs with orchestration tools and SIEM platforms. Your Approach: Assess existing vulnerability management processes and identify gaps in coverage, prioritisation, and reporting. Apply risk context to vulnerability data to support meaningful … including DMZ architectures and segmentation principles. Familiarity with security frameworks such as NIST and their application in operational environments. Experience integrating vulnerability tools with SIEM and orchestration platforms. Strong communication skills, with the ability to translate technical risk into operational insight. Willingness to engage with sites directly, including on-site ...

Duration: 18/12/2026 Rate £646 MUST BE PAYE THROUGH UMBRELLA Role Description: Own a component area (e.g., segmentation, NAC, DDI, egress, SIEM detections, runbook automation) within the pod. Refine epics into stories with clear acceptance tests; manage dependencies and keep delivery flow unblocked. Responsibilities Story elaboration: translate … domains; excellent story writing and backlog hygiene. Comfortable with config/policy artefacts (firewall baselines, ISE/NAC policy, DDI plans, proxy/ZTNA, SIEM rules). ITIL change fluency; ServiceNow request/change models. Preferred Certifications PSPO/CSPO; ITIL 4 Foundation; vendor fundamentals in one or more stacks ...

working with a rapidly scaling, high-integrity UK cybersecurity services provider that delivers: 24/7 Managed SOC MDR/XDR Managed SIEM Threat Intelligence Incident Response Pen Testing & Consultancy Co-managed security services for mid-market and enterprise organisations They've recently secured new investment, strengthened their leadership team … sale. What We're Looking For 5–10+ years selling cybersecurity services (SaaS + MSSP strongly preferred). Experience selling: SOC, MDR/XDR, SIEM, threat intel, IR or pen-testing. Strong track record in regulated sectors: FS, energy, SaaS, education, critical infrastructure. Confident engaging C-suite, boards & multi-stakeholder ...

Budget planning & vendor procurement to ensure cost-efficiency. Produce and present performance metrics to senior leadership. Implement and optimise monitoring, detection, and investigative tools (SIEM, etc.) Ideal Experience C5yrs+ years in either (or both) network and security operations — ideally with at least 3-5 years in a managerial/leadership … technical teams. Broad expertise in network infrastructure: routing, switching, firewalls, VPNs, load balancers, cloud networks. Deep understanding of security monitoring and incident response tools (SIEM, etc.) Side notes Hybrid working; 2-3 days office based in Bolton MSP experience is highly desirable ...

Site Reliability Engineer (Elastic/SIEM) We are seeking an experienced Site Reliability Engineer (4+ years) to design and maintain scalable, reliable infrastructure . The role focuses on Elastic Stack (Elasticsearch, Logstash, Kibana) , SIEM management , system monitoring, automation, and incident response. Key Skills & Technologies Elastic Stack (ELK) SIEM technologies Docker ...

Role: SIEM Application Engineer Type: Contract (3 Months) Location: Birmingham/Manchester, UK (Hybrid 3 days a week) Payrate: £450 - £550 per day INSIDE IR35 Umbrella Elastic Stack Mastery: 5+ years of cybersecurity engineering experience, specializing in the end-to-end delivery, optimization, and operation of the Elastic Stack ...

Role: SIEM Application Engineer Type: Contract (3 Months) Location: Birmingham/Manchester, UK (Hybrid 3 days a week) Payrate: £450 - £550 per day INSIDE IR35 Umbrella Elastic Stack Mastery: 5+ years of cybersecurity engineering experience, specializing in the end-to-end delivery, optimization, and operation of the Elastic Stack ...

Role: SIEM Application Engineer Type: Contract (3 Months) Location: Birmingham/Manchester, UK (Hybrid 3 days a week) Payrate: £450 - £550 per day INSIDE IR35 Umbrella Elastic Stack Mastery: 5+ years of cybersecurity engineering experience, specializing in the end-to-end delivery, optimization, and operation of the Elastic Stack ...

seeking a Network Component Product Owner to lead delivery across a defined network or security capability area (e.g., segmentation, NAC, DDI, egress, SIEM detections, or runbook automation). You will translate technical and risk requirements into actionable delivery outcomes, manage dependencies across technology towers, and ensure smooth, continuous delivery within … user stories and maintaining healthy backlogs. Familiarity with configuration and policy artefacts such as firewall baselines, NAC policies, DDI plans, proxy/ZTNA, and SIEM rules. Working knowledge of ITIL change processes and ServiceNow request/change models. Preferred Certifications PSPO or CSPO ITIL 4 Foundation Vendor fundamentals across ...

Working closely with SEs and leadership to win competitive deals Essential Requirements (Must-Have) Proven experience selling a cyber platform or closely aligned SIEM/SOC/security analytics solutions Demonstrated success in cybersecurity SaaS sales within the UK market Strong track record of quota attainment Comfortable selling technical, value … and run a UK territory independently Strong understanding of the UK cyber landscape (channel ecosystem, MSSPs, major enterprise accounts) Experience selling into SOC, MDR, SIEM, NDR, XDR, or cloud security environments Channel or partner-led sales exposure Background in high-growth or scale-up vendors Why This Role? Clear ...

Working closely with SEs and leadership to win competitive deals Essential Requirements (Must-Have) Proven experience selling a cyber platform or closely aligned SIEM/SOC/security analytics solutions Demonstrated success in cybersecurity SaaS sales within the UK market Strong track record of quota attainment Comfortable selling technical, value … and run a UK territory independently Strong understanding of the UK cyber landscape (channel ecosystem, MSSPs, major enterprise accounts) Experience selling into SOC, MDR, SIEM, NDR, XDR, or cloud security environments Channel or partner-led sales exposure Background in high-growth or scale-up vendors Why This Role? Clear ...