to be better, be more and ultimately, be more fulfilled. SOC Consultant. Hybrid, 3 days onsite. Requirement: 10+ years of experience in cyber security design and implementation covering network security, SIEM, SOAR and threat intelligence. Key Responsibilities: Lead Sentinel deployment for the OT SOC: architect and implement Microsoft Sentinel across global OT environments to centralise security monitoring and incident response. Log source integration … the OT landscape. Incident response automation: design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execute the use cases on SIEM, SOAR and threat intelligence. Build custom workbooks and dashboards to visualise OT security posture, threat trends and SOC performance metrics.
London, South East, England, United Kingdom Hybrid / WFH Options
NonStop Consulting Ltd
week in London office) Essential Experience: As an associate security analyst you will triage and investigate cyber security alerts and reports from users. Experience using security tools (e.g. EDR, SIEM) to support the investigation of and response to cyber incidents. Experience with SIEM tools (Splunk preferred, but experience of Microsoft Sentinel or an equivalent SIEM tool is acceptable). Experience
London, South East, England, United Kingdom Hybrid / WFH Options
NonStop Consulting Ltd
We are currently recruiting for a Senior Security Engineer with experience in SIEM/SOAR who is eager to join a UK Government department (SC Cleared environment) for a short-term contract until the end of 2025. About the role: Work in the Monitoring and Integration Platform Team and deliver against the initial phase of the security monitoring project … onboarding several critical services that are proactively monitored by the in-house SOC (Security Operations Centre). Essential Experience: 2+ years in security platform management (SIEM, SOAR). Enterprise-level monitoring and supporting large user bases (10,000+ users). Create/manage security playbooks and knowledge of public sector standards. Experience in Cortex XSIAM correlation/playbooks and Cortex XDR.
Stretford, Manchester, Lancashire, England, United Kingdom Hybrid / WFH Options
QA
council offers its employees development opportunities, as well as a fair and flexible workplace. The council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls … within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, Sophos, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned with the Cyber Assessment Framework (CAF). Assist in updating and maintaining IT
Huntingdon, Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
Leidos Innovations UK Limited
remain at the required security posture against baseline requirements. Develop and document system security baselines. Work with the Protective Monitoring engineering team to ensure logs are forwarded to the SIEM capability. Work with the customer and appropriate agencies to develop new policies, design processes and procedures, and develop technical designs. Assess system vulnerabilities, implement risk mitigation strategies, validate secure systems … Endpoint security products. Working knowledge of the accreditation process for secure/sensitive systems. Experience in producing/updating design artefacts. Understanding of the implementation, operation and maintenance of SIEM products. Understanding of network and boundary protection technologies (firewalls, mail gateways, load balancers, anti-virus). Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.). Understanding of security infrastructure in
tools such as Microsoft Defender, Purview, Symantec, CrowdStrike or equivalent. Platform Integration & Automation: Drive automation for device onboarding, compliance validation and health monitoring. Ensure endpoint telemetry is integrated with SIEM platforms and observability stacks. Partner with platform and infrastructure teams to enforce secure device baselines and policies. Build self-healing, zero-trust-aligned architectures for secure device management. Observability & Event … Qualifications: Familiarity with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With. Work Environment & Additional Information: Hybrid or on-site work model. Occasional travel for global alignment or vendor engagements. Ability to operate in
and maintain positive working relationships with them. Pre-requisites: More than 12 years of experience in advanced security technologies. Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), phishing simulation tools etc. Experience in managing P1 incidents. Experience in managing shift rosters.
Paddington, Greater London, England Hybrid / WFH Options
Nexus Jobs Limited
increased cyber threats and compliant with industry standards. This role covers information protection, including data loss protection and data classification, and threat protection, including security information and event management (SIEM), user and entity behaviour analytics (UEBA), point products such as anti-virus (AV) and intrusion detection/intrusion prevention systems (IDS/IPS), and penetration testing. The Service Delivery team … preferred. Compliance knowledge required in ISO 27001, PCI and GDPR. Possibly a Certified Ethical Hacker. Knowledge of security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA, AV, IDS/IPS and MDM solutions. Understanding of common frameworks such as ITIL or Lean is preferred. Good exposure to user environment management, including desktops/laptops, profile
assisting a client operating in a regulated industry, financial services, who are currently embarking on a programme of work focused on maturing, designing and implementing their security posture using SIEM tools such as Google Chronicle and implementing UEBA/SOAR (User and Entity Behaviour Analytics / Security Orchestration, Automation and Response) built on GCP/Google Cloud, so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities: - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to the MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping. Key Technical/IT Security Skills: - Chronicle SIEM - Google SecOps - UEBA tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP. Finer Details: - Outside IR35 - Contract until end of December, possibly longer - Hybrid
from the SOC. The Lead Incident Response Specialist will have the following responsibilities: - Develop and refine incident response standard operating procedures and playbooks - Operate and maintain controls related to SIEM, DLP, vulnerability management, cyber threat intelligence and endpoint protection - Ensure incident response efforts and documentation comply with industry standards, regulations and best practices such as GDPR, SOC, NIST and ISO. The Lead Incident Response Specialist will need to have the following skills/experience: - 5+ years' experience working within incident response or similar - Previous experience operating and maintaining IT security controls related to SIEM, DLP, vulnerability management and cyber threat intelligence - Practical commercial experience of IT security analysis and engineering, including securing systems, networks and infrastructure, and operational support - Previous work within
SIEM Application Engineer - Elasticsearch. Birmingham - 3 days in the office / 2 days from home. £60-70k pa + bonus and benefits. We are recruiting a fantastic opportunity to join a busy Security Engineering team and support the design, development, implementation and operation of a SIEM platform. In this role you will design and implement SIEM solutions using Elasticsearch … as well as optimising SIEM rules, alerts and dashboards. You will collaborate with cross-functional teams, contributing as part of a security engineering team. As well as Elasticsearch, you should have commercial experience with Logstash and Kibana to enhance threat detection, incident response and overall security. Please send a CV detailing the above required experience for consideration. SIEM Application Engineer
growth, collaboration, and working on cutting-edge projects that truly matter. What You Will Do: - Monitor, investigate and analyse insider-related alerts and activities across advanced security platforms, including SIEM, DLP, UEBA and EDR. - Identify patterns, anomalies and behaviours that could indicate insider threats such as data exfiltration, fraud or misuse of privileges. - Conduct thorough behavioural risk assessments by combining … equivalent practical experience. - At least three years of experience in cybersecurity operations, insider threat programmes, SOC or similar investigative roles. - Familiarity with insider risk tools and technologies such as SIEM, DLP, UEBA and EDR. - Strong analytical and investigative skills, with the ability to communicate findings effectively to technical and non-technical stakeholders. - A high level of integrity and discretion when
Cybersecurity frameworks for ICS/OT environments (NIST SP 800-82 and c), OT network communication protocols (e.g. Ethernet, Modbus, OPC, IEC 60870-5-101/104 etc.), Security Information and Event Management (SIEM). Key Responsibilities: Design and implement technical solutions for asset discovery, OT cyber security and vulnerability assessment tools. Define and implement OT-specific security policies and monitoring rules within Nozomi to … detect anomalies, threats and compliance violations. Deploy the OT security (Nozomi)/IDS platform across global sites. Implementation support and reporting for ICS security with the help of tools such as SIEM.
have a large SOC team that can boast some very high-profile clients within the Defence sector. Due to expansion, we have a new role for a Senior SOC SIEM Content Engineer with broad experience of cyber security. If you possess robust technical abilities and are eager to apply your expertise to the fullest extent, this opportunity is ideal for you.