SIEM Jobs in England

276 to 300 of 354 SIEM Jobs in England

Solutions Engineer, UKI

London, United Kingdom
Notion
able to understand and explain how APIs can be used to support advanced customer workflows You have experience working with third-party integrations for IAM/SSO, DLP or SIEM platforms You have strong project management experience and have managed complex projects to completion You have a growth mindset and thrive in the building stage of a nascent team You
Employment Type: Permanent
Salary: GBP Annual

Commercial Account Executive

London, United Kingdom
Elasticsearch B.V
sold or advocated in an OSS context. Bonus Points Prior experience at an open-source or developer centric infrastructure company. Familiarity with observability (logs, metrics, traces) or security analytics (SIEM/XDR) use cases. If you're driven to build your own pipeline, master complex deal cycles, and help customers unlock the power of Search AI, we'd love to
Employment Type: Permanent
Salary: GBP Annual

Developer Relations

London, United Kingdom
Hybrid / WFH Options
Coralogix, inc
in-stream analytics without reliance on expensive indexing or hot storage. We specialize in comprehensive monitoring of logs, metrics, trace and security events with features such as APM, RUM, SIEM, Kubernetes monitoring and more, all enhancing operational efficiency and reducing observability spend by up to 70%. Coralogix sits at the cutting edge of observability, and our power in the
Employment Type: Permanent
Salary: GBP Annual

IT Security Engineering Manager

London, United Kingdom
ION Group
Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities Configure, customize, tune, manage, troubleshoot, and maintain effective and efficient operation of security technologies, such as SIEM, endpoint security, secure web gateway, CASB, DLP, email security, intrusion detection/prevention systems, etc. This may also include scripting, automation, and orchestration across various platforms Define, document, and follow … The candidate should have a good knowledge of: Endpoint security concepts, controls, and best practices for workstations (e.g. Windows and Mac) and server (e.g. Windows and Linux) operating systems SIEM technology to monitor, analyze, and respond to security events. To develop and implement security policies, managing SIEM systems, and investigating incidents. General IT networking concepts, protocols, standards and network security
Employment Type: Permanent
Salary: GBP Annual

Principal Cyber Security Engineer

England, United Kingdom
Hybrid / WFH Options
Leonardo UK Ltd
shaping the future of cyber defence for the UK's most critical national systems. Your Impact You will contribute to safeguarding vital national information systems by: Taking ownership of SIEM (Splunk) management to ensure high availability and performance Driving continual improvement in system configurations and overall security posture Leading integration of new log sources, ensuring alignment with Common Information Model … CIM) data structures Managing upgrades to Splunk agents and SIEM platforms to maintain a secure, up-to-date environment Supporting analysts as a subject matter expert in unlocking the full capabilities of Splunk Collaborating with users to design custom use cases that deliver meaningful data insights Understanding and translating complex or conflicting customer requirements into effective solutions Expanding high-level
Employment Type: Permanent
Salary: GBP Annual

Security engineer

London, United Kingdom
Hybrid / WFH Options
Colt Technology Services Group Ltd
maintain secure design patterns and templates. Infrastructure Security (Internal Focus) Deploy and manage security technologies across the telecom backbone, edge, and data centre infrastructure (e.g., firewalls, IDS/IPS, SIEM, PAM, NAC). Collaborate with network and systems teams to secure IP/MPLS transport, SDN platforms, automation tools, and cloud workloads. Monitor and analyse security events and alerts, responding … or network engineering Solid understanding of TCP/IP, routing, firewalls, VPN, and network segmentation principles. Hands-on experience with security tools such as firewalls (Fortinet, Palo Alto, etc.), SIEM/SOAR, IDS/IPS, EDR, or vulnerability scanners. Familiarity with Linux, scripting (Python, Bash), and infrastructure-as-code concepts. Knowledge of secure configuration standards (e.g., CIS benchmarks) and common
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Security Engineer

London, South East, England, United Kingdom
Hybrid / WFH Options
Ikhoi Recruitment
track. Essential Experience Preference given to candidates with MSP background Minimum 2 years proven experience in deploying Microsoft Security Solutions Working knowledge of Microsoft Defender XDR and Microsoft Sentinel SIEM technologies Working knowledge of Microsoft Defender suite including Endpoint Detection and Response Understanding of key Microsoft 365 Cloud Technologies from a threat landscape perspective Essential Certification any one of the below … skills Ability to work under pressure Willingness to work flexibly as required Core Technical Skills Deployment and administration of Microsoft security technology solutions including: Microsoft Defender XDR Microsoft Sentinel SIEM Microsoft Defender for Endpoint/Business Azure Firewall Microsoft Defender for Cloud/Cloud Apps Microsoft Defender for Office 365 Deployment and management of Endpoint Detection and Response solutions including … Watchguard Deployment of vulnerability management solutions including Tenable and Qualys Deployment and management of email security solutions Main Tasks and Responsibilities Deployment of core Microsoft technology solutions including XDR, SIEM and Endpoint Detection and Response Deployment of Network Firewalls and Switches ensuring good security posture is implemented in the configuration Undertaking technical vulnerability remediation work using Tenable Providing escalation support
Employment Type: Full-Time
Salary: £55,000 - £60,000 per annum, Inc benefits

Security Operations Lead Splunk

Central London, London, United Kingdom
Hybrid / WFH Options
Client Server
to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling, establish processes and workflows to support incident response SOC. Location/WFH: You'll join colleagues in the Central London office for two days a week with … have experience of securing web applications, Windows, Active Directory and M365 environments You have a good knowledge of cloud security, GCP or Azure preferred, AWS also considered You have experience with SIEM and EDR/XDR systems including Splunk and CrowdStrike You have a good knowledge of networking principles You are degree educated in Computer Science or closely related discipline You're
Employment Type: Permanent, Work From Home

Security Operations Lead Splunk

London, South East, England, United Kingdom
Hybrid / WFH Options
Client Server Ltd
to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling, establish processes and workflows to support incident response SOC. Location/WFH: You'll join colleagues in the Central London office for two days a week with … have experience of securing web applications, Windows, Active Directory and M365 environments You have a good knowledge of cloud security, GCP or Azure preferred, AWS also considered You have experience with SIEM and EDR/XDR systems including Splunk and CrowdStrike You have a good knowledge of networking principles You are degree educated in Computer Science or closely related discipline You're
Employment Type: Full-Time
Salary: £100,000 - £115,000 per annum

Senior Security Operations Engineer

London, United Kingdom
China-Britain Business Council
role for you. Key Responsibilities Lead security incident response and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep cloud security knowledge (AWS, Azure) to secure ecommerce, mobile apps, APIs, and in-store systems Collaborate with Fraud and Customer Experience teams to mitigate … response during critical events Key requirements: Proven Experience: 4+ years in Security Operations or Incident Response, ideally in ecommerce, retail, or fintech environments Technical Depth: Hands-on expertise with SIEM, SOAR, EDR, automation tools, Python, SQL, and cloud-native security tooling Cloud Security: Strong knowledge of AWS and Azure, especially services like WAF, Shield, IAM, and API Gateway Forensic Skills … Exciting Purpose-Driven Impact: Your work directly protects customer data, accounts, and transactions, making every wellness journey safer. Cutting-Edge Tools: Leverage a modern stack including AWS, Azure, SOAR, SIEM, EDR, and cloud-native security solutions. Cross-Team Collaboration: Partner with Fraud, Customer Experience, Engineering, and Digital to stop threats before they start. Automation-Led Security: Drive rapid detection and
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst - Systems Integrator

London, United Kingdom
Hamilton Barnes Associates Limited
by Tier 1 analysts and assess them using a variety of data sources. Apply threat intelligence, including indicators of compromise (IOCs) and TTPs, to analyse alerts and incidents. Utilise SIEM tools (particularly CrowdStrike SIEM) to monitor and assess host, network, and identity data. Tune and reduce false positives, improving SIEM efficiency and alerting accuracy. Lead incident investigations across Windows, macOS … Skills/Must have: 5+ years' recent experience in a Tier 2 or Tier 3 SOC analyst role, ideally within a government or critical infrastructure organisation. Deep experience with SIEM tools such as CrowdStrike, Splunk, and Microsoft Defender. Proven track record designing and implementing SOC use cases and incident response plans. Strong capability in data correlation across disparate sources. Demonstrated
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst (Mid level)

Stevenage, Hertfordshire, United Kingdom
Guidant Global
Support and Infrastructure/Information Systems). Responsibilities cover analysis, monitoring, reporting, alerting, and investigation activities using a variety of security platforms, including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture, Anti-Malicious Code, and Threat Detection technologies across the UK Network Perimeter. The SOC Analyst reports to the SOC Manager and conducts a … operating procedures (SOPs), and runbooks to support operational readiness. Strong working knowledge of detection engineering, including tuning detection logic and reducing false positives to enhance alert fidelity. Proficiency in SIEM rule tuning and the creation of custom detection use cases aligned with threat models and operational requirements. Solid understanding of threat modelling frameworks and practical application of threat hunting methodologies
Employment Type: Contract
Rate: £45.00 - £85.00/hour In IR35 (PAYE & Umbrella) available

SOC Analyst

London, United Kingdom
Hybrid / WFH Options
BAE Systems (New)
Networks may include on-premises, Azure, and AWS cloud environments, with some monitoring of operational technology systems. The role involves working in a 24/7 shift environment, utilizing SIEM tools to detect and investigate security incidents. Responsibilities Monitor, triage, analyze, and investigate alerts and network traffic to identify cyber threats. Prepare and deliver shift handover briefs. Escalate suspected incidents … as an escalation point. Requirements Technical Basic scripting skills in Python and/or other languages; familiarity with Windows, OS X, Linux. Experience with Splunk, Sentinel, and knowledge of SIEM query languages (SPL, KQL). Splunk configuration, CIM mapping, and API experience. Understanding of threat intelligence, network protocols, and security tools. Certifications in Azure Security and Splunk are desirable. Non
Employment Type: Permanent
Salary: GBP Annual

Security Operations Engineer Hybrid - San Francisco

London, United Kingdom
Hybrid / WFH Options
vercel.com
recruiting team. What You Will Do: Monitor and respond to security alerts across multiple channels, including managed SOC escalations. Maintain visibility and logging infrastructure, ensuring effective SIEM (Security Information and Event Management) operations. Support security audits for PCI, SOC2, ISO, and other compliance frameworks, gathering evidence and collaborating with Engineering, GRC and the broader Security Division. Proactively enhance security operations … security, endpoint security posture (EDR, configuration, and management), GitHub administration best practices, and internal security tooling to strengthen Vercel's overall security framework About You: Extensive experience in security operations, including SIEM management, security logging, and detection engineering. Strong knowledge of AWS infrastructure and cloud security best practices. Experience with GitHub administration and security controls. Proficiency in SQL for data
Employment Type: Permanent
Salary: GBP Annual

Incident Response Engineer, UK Security Operations

London, United Kingdom
Google Inc
develop security operations center dashboards for anomalous activity. Be a subject matter expert (SME) across typical security disciplines, vulnerability, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM) etc.
Employment Type: Permanent
Salary: GBP Annual

Lead Cyber Security Analyst (6 month FTC)

London, United Kingdom
Simply Business
SOC services, including security monitoring, incident detection, analysis, and response. Establish and document processes and workflows. Oversee the development of security tools and technologies like NDR, EDR, Vulnerability Management, SIEM, and SOAR. Collaborate with business owners to identify and reduce cyber threats and vulnerabilities. We're looking for someone who is: Experienced in information security, especially security operations and incident … security operations teams. Strong understanding of cyber security concepts, technologies, and best practices. Effective in managing and communicating with diverse stakeholders, including executives. Experienced with security tools such as SIEM, IDS/IPS, EDR, and vulnerability management. Familiar with working in cloud environments. Exposure to threat modeling. (You don't need to match all the bullet points to be considered
Employment Type: Permanent
Salary: GBP Annual

IT Security Engineer

Staffordshire, United Kingdom
Hybrid / WFH Options
Gleeson Recruitment Group
occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and … in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset
Employment Type: Permanent

Cyber Tooling and Automations specialist

Cambridge, Cambridgeshire, United Kingdom
Jagex Limited
the tools needed to scale our detection and response capabilities across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence, and vulnerability … with analysts to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence, Incident Response, and Attack Surface Management teams to build and tune robust SIEM detections for proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Partner with third-party vendors and service providers to leverage … looking for: At least 3 years of experience in cybersecurity in a security operations or security software development role. Solid understanding of security operations, automation processes, detection engineering, and SIEM management. Experience with cloud security tools and platforms (e.g., Azure, AWS, Google Cloud) and their integration into SOC operations. Experience contributing to large-scale, sprint-based security automation and detection
Employment Type: Permanent
Salary: GBP Annual

Cyber Tooling and Automations specialist

Cambridge, Cambridgeshire, United Kingdom
Jagex Ltd
that we need to scale our detection and response capability across all threats to our Studio and gaming environments. What you'll be doing: Build security automations, logging, and SIEM detections to improve the efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence and … Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Collaborate with third-party vendors and service providers to … with at least 3 years in a technical role in security operations and/or security software development. Solid understanding of security operations, automation standard processes, detection engineering and SIEM management. Experience with cloud security tools and platforms (e.g. Azure, AWS, Google Cloud) and their integration into SOC operations. Experience contributing to large-scale, sprint-based, security automation and detection
Employment Type: Permanent
Salary: GBP Annual

Firewall/Security/Network Engineer, Palo Alto, Hybrid

Leatherhead, Surrey, England, United Kingdom
Hybrid / WFH Options
Sanderson
devices, LAN/WAN, B2B connections, remote access, load balancing, Wi-Fi, and network performance tools. IT Security Management: Manage IT security systems, including next-generation firewalls, IPS, SIEM tools, endpoint security, and other devices/services. Respond to and analyze security incidents, deploying patches and mitigating vulnerabilities promptly. Security Incident Response: Identify and respond to external and internal threats … Cisco Nexus network infrastructure, STP, trunking, and Ether/Port channeling. Cyber Security Acumen: Strong track record in cyber security, with experience using tools like Qualys Vulnerability Management and SIEM tools to detect and mitigate security threats. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and
Employment Type: Contractor
Rate: £500 - £550 per day

Senior Security Operations Analyst SOC

London, South East, England, United Kingdom
Hybrid / WFH Options
Client Server Ltd
integrity of core systems and platforms. You will work closely with the SOC Manager across daily activities of the Security Operations Center, continuously monitoring security alerts and incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and … About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host
Employment Type: Full-Time
Salary: £90,000 - £100,000 per annum

Senior Security Operations Manager

Manchester, United Kingdom
Hybrid / WFH Options
VIQU IT
internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership across new and existing technology programmes Lead response to major incidents, and provide guidance to … in cyber security leadership roles (10–15 years total, with 5+ in senior management) Proven ability to build security operations capability in a global organisation. Strong technical knowledge across SIEM, SOAR, CASB, DLP, endpoint protection, cloud security, firewalls, etc. Prior hands-on experience in security engineering or architecture is highly desirable Exceptional knowledge of global compliance frameworks (NIST, ISO
Employment Type: Permanent
Salary: £100000 - £120000/annum

Senior Security Operations Manager

Manchester, Lancashire, England, United Kingdom
Hybrid / WFH Options
VIQU Limited
internal team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership across new and existing technology programmes Lead response to major incidents, and provide guidance to … in cyber security leadership roles (10–15 years total, with 5+ in senior management) Proven ability to build security operations capability in a global organisation. Strong technical knowledge across SIEM, SOAR, CASB, DLP, endpoint protection, cloud security, firewalls, etc. Prior hands-on experience in security engineering or architecture is highly desirable Exceptional knowledge of global compliance frameworks (NIST, ISO
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum

Cyber Security Analyst

London, South East, England, United Kingdom
Hybrid / WFH Options
SNG (Sovereign Network Group)
areas of the business, ensuring our infrastructure, applications, and data remain secure and compliant with relevant frameworks and standards. Key Responsibilities Monitor and analyse security events and alerts using SIEM and other security tools Conduct triage of security incidents and escalate as appropriate Collaborate with the SOC and internal teams to respond to and resolve security events Drive vulnerability remediation … cyber incident response What We're Looking For Experience in a Cyber Security Analyst role or similar Solid understanding of cyber security principles and industry best practices Experience with SIEM tools, log analysis, and vulnerability management Understanding of cloud, network, and endpoint security concepts Strong analytical skills and attention to detail Excellent communication and documentation skills Your Benefits We have
Employment Type: Full-Time
Salary: £48,000 - £60,000 per annum

Cyber Security Analyst

Basingstoke, Hampshire, England, United Kingdom
Hybrid / WFH Options
SNG (Sovereign Network Group)
areas of the business, ensuring our infrastructure, applications, and data remain secure and compliant with relevant frameworks and standards. Key Responsibilities Monitor and analyse security events and alerts using SIEM and other security tools Conduct triage of security incidents and escalate as appropriate Collaborate with the SOC and internal teams to respond to and resolve security events Drive vulnerability remediation … cyber incident response What We're Looking For Experience in a Cyber Security Analyst role or similar Solid understanding of cyber security principles and industry best practices Experience with SIEM tools, log analysis, and vulnerability management Understanding of cloud, network, and endpoint security concepts Strong analytical skills and attention to detail Excellent communication and documentation skills Your Benefits We have
Employment Type: Full-Time
Salary: £48,000 - £60,000 per annum

SIEM salary percentiles, England
10th Percentile: £42,464
25th Percentile: £50,000
Median: £62,500
75th Percentile: £77,500
90th Percentile: £90,000