301 to 325 of 356 SIEM Jobs in England

clients. This Junior SOC Analyst role will be an integral member of the Security Operation Centre. They will help identify and analyse potential threats utilising a number of different SIEM & EDR tools. To be a key member of Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system generated alerts, analyse logs and traffic patterns. … years UK residency) 1-3 years' experience as a Security/Network Administrator orequivalent Bachelor's degree in a related field or equivalent experience and knowledge Experience working with SIEM systems Industry standard certifications such as: CompTIA Security+, CompTIA Network+, CompTIA CySa+, Cisco CCNA, EC-Council CEH, and/or relevant specialized degree in Cyber Forensics or Computer Science. Kroll More ❯

VPN, LAN/WAN, VLAN, 802.1X, SSL, and related protocols. OT Security: Strong knowledge of securing operational technology environments, addressing unique threats and vulnerabilities in ICS/SCADA systems. SIEM : Strong understanding of SIEM technologies for log management, log analysis, and event correlation. Authentication & Access Control: Proficient in 802.1x, RADIUS, LDAP, AD, smart cards, and other authentication mechanisms. Security Tools More ❯

person IT Security team, reporting to the IT Security Officer, to implement and maintain robust security across their infrastructure. Key responsibilities include managing WAF/DDoS, security gateways, SIEM/SOAR/EDR, firewalls, MFA/SSO, MDM/MAM, vulnerability scans, and incident response. Key Responsibilities: Manage WAF/DDoS, web/email security gateways, SIEM/SOAR/ More ❯

person IT Security team, reporting to the IT Security Officer, to implement and maintain robust security across their infrastructure. Key responsibilities include managing WAF/DDoS, security gateways, SIEM/SOAR/EDR, firewalls, MFA/SSO, MDM/MAM, vulnerability scans, and incident response. Key Responsibilities: Manage WAF/DDoS, web/email security gateways, SIEM/SOAR/ More ❯

person IT Security team, reporting to the IT Security Officer, to implement and maintain robust security across their infrastructure. Key responsibilities include managing WAF/DDoS, security gateways, SIEM/SOAR/EDR, firewalls, MFA/SSO, MDM/MAM, vulnerability scans, and incident response. Key Responsibilities: Manage WAF/DDoS, web/email security gateways, SIEM/SOAR/ More ❯

reviews on tickets to ensure accuracy, completeness, and adherence to IR procedures. Lead shift handovers, ensuring continuity and communication across regions. Incident Response Monitor and triage security alerts using SIEM, EDR, and NDR platforms. Perform in-depth investigations into potential threats, applying TTP-based analysis and leveraging internal tools. Collaborate with business units and technical teams during incident response to …/or 5+ years of experience in a cybersecurity analyst role, with at least 2 years in a lead or senior-level capacity . Proven hands-on experience with SIEM, EDR, NDR, and DFIR toolsets. In-depth understanding of attacker TTPs (MITRE ATT&CK) and strong investigative mindset. Experience responding to incidents in cloud environments (AWS, Azure, GCP). Excellent More ❯

our cybersecurity operations-monitoring threats, investigating incidents, and safeguarding critical systems. ?? Key Responsibilities Operate within a Security Operations Centre (SOC) or equivalent environment Monitor and respond to incidents using SIEM platforms Conduct system log analysis and threat detection Assist in vulnerability assessments and management Support incident resolution and reporting ?? Required Skills & Experience At least 2 years' experience in a dedicated … Security Analyst role Hands-on experience with: SOC operations SIEM tools Vulnerability management Incident response and investigation Log and event analysis ?? Preferred Qualifications Industry certifications such as CompTIA Security+ or equivalent (desirable) Practical experience preferred over formal education ?? Security Clearance Requirements UK Nationals only Current SC clearance required DV preferred - or must be DV-eligible (as DV clearance will be More ❯

SOC analysts Provide mentorship and guidance to other SOC analysts regarding technologies Engage in knowledge sharing with other analysts Providing major component infrastructure support Conduct Health Checks for non-SIEM technologies Dealing with infrastructure or enterprise failures or reconfigurations Opening and following up on tickets with 3rd party vendors Maintain current knowledge on industry issues/trends and competitive products … Minimum 3 years' experience in IT security field Extensive experience on Firewall platforms Have experience in security/operational network architecture design Must have proficient knowledge and experience with SIEM technologies Strong troubleshooting, reasoning and problem-solving skills Networking - VLAN, WAN, LAN, Routers, Switches, Access Points, Firewalls, IPS, VPN etc. Excellent communications skills Exceptional Time Management and organizational skills Ability More ❯

efforts Ensure compliance with international cybersecurity standards and regulatory requirements What We’re Looking For A proactive and driven leader with deep technical cybersecurity expertise Proven experience managing SOC, SIEM, and SOAR operations In-depth knowledge of NIST CSF, ISO 27001, and GDPR Strong experience in cybersecurity incident management Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field … years of professional experience in cybersecurity, including leadership roles Hands-on knowledge of next-gen security solutions: SIEM, CASB, CSPM, DLP, firewalls, IPP, IPS, endpoint protection, and cloud security Recognised certifications such as CISSP, CISM, or CISA Why Join Us Work at the heart of a globally renowned luxury group Be part of a cutting-edge, fast-paced security environment More ❯

efforts Ensure compliance with international cybersecurity standards and regulatory requirements What We’re Looking For A proactive and driven leader with deep technical cybersecurity expertise Proven experience managing SOC, SIEM, and SOAR operations In-depth knowledge of NIST CSF, ISO 27001, and GDPR Strong experience in cybersecurity incident management Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field … years of professional experience in cybersecurity, including leadership roles Hands-on knowledge of next-gen security solutions: SIEM, CASB, CSPM, DLP, firewalls, IPP, IPS, endpoint protection, and cloud security Recognised certifications such as CISSP, CISM, or CISA Why Join Us Work at the heart of a globally renowned luxury group Be part of a cutting-edge, fast-paced security environment More ❯

Rate: £465 per day inside IR35 Start Date: ASAP What's the role? This is a technically diverse Security Analyst position covering areas like: Vulnerability management (Tenable.io or equivalent) SIEM monitoring (Elastic preferred) and log analysis Incident detection, triage, and escalation (CrowdStrike or similar EDR) Compliance audits (ISO27001, STIGs) Infrastructure hardening and security baseline validation Some threat hunting and forensic … Who are we looking for? Ideal candidates will bring: At least 2 years' experience in a Security Analyst or SOC-type role Strong understanding of vulnerability management, EDR/SIEM alert triage, and incident response Experience with compliance frameworks (ISO 27001, NIST, etc.) A working knowledge of VMware, AD, Windows Server, Linux Comfort handling multiple tools - Elastic, Tenable, CrowdStrike (or More ❯

and response functions. Responsibilities: * Conducting escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. * Identifying and escalating critical threats to Tier 3 Analysts with detailed analysis … threat response times. .* Coordinating with Tier 3 Analysts and management to refine detection and response workflows, contributing to continuous SOC maturity. * Collaborating with Tier 3 Analysts on tuning SIEM and detection tools to reduce false positives and improve alert fidelity, submitting tuning requests and testing configurations when necessary. * Identifying gaps in current detection content and working with Senior Analysts … network protocols, and how traffic flows within a network. * Advanced knowledge of Windows and Linux operating environments, including standard commands, file systems, and user authentication mechanisms. * Competence in using SIEM solutions (e.g., ArcSight, Azure Sentinel) for monitoring and log analysis; some exposure to additional analysis tools such as basic XDR platforms. * Able to demonstrate proficient knowledge using Kusto Query Language More ❯

a strong customer-first mindset. 4+ years of experience as a Support Engineer, demonstrating a strong customer-centric approach. Previous experience with Endpoint Security software is required. In-depth SIEM experience, including: A deep understanding of how SIEMs work Experience creating custom collections and data parsing Proficiency in creating complex correlation rules, reports, and dashboards Experience with SIEM integration and More ❯

nights (6pm6am), 4 days off . Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Previous people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier … Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead , you will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role More ❯

strong expertise in Microsoft Sentinel and LogRhythm to join our Security Operations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities … Sentinel and LogRhythm . Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and support continuous improvement of SOC processes. … Maintain and enhance use cases, playbooks, and automation (e.g., with Logic Apps or SOAR). Ensure SIEM solutions are properly integrated with data sources (e.g., firewalls, endpoints, cloud services). Support compliance and audit efforts through effective logging and reporting. Provide subject matter expertise for Sentinel and LogRhythm configuration, maintenance, and optimization. Requirements: Technical Skills: Proven experience with Microsoft Sentinel More ❯

Requirements Knowledge: A demonstrablenetworking background - experience in system administration. Knowledge of big datatechnologies and ecosystems (e.g. Apache NiFi). Knowledge of currentmarket and emerging tools in data analytical and SIEM platforms. Knowledgeof network security implementations (e.g., IDS, IPS, EDR), including theirfunction and placement in an enterprise network. Knowledgeof intrusion detection systems and signature development. Knowledge of front-endcollection systems, including … have experience withEnterprise ICS/network architectures and technologies. Must-have experience withframeworks and technologies that support data-intensive distributedapplications. Must-have experience withmaintaining and administrating data analytical and SIEM platforms such asElastic. Must-have experience with problemsolving and analytical skills and able to collect information, analyse, report,and advise on evidence-based changes. Skillto apply cybersecurityand privacy principles to More ❯

Job Title: SIEM Architect Location: Wokingham Hybrid - 3 days onsite per week Clearance: Active SC Clearance is essential Rate: £550 per day - PAYE via Umbrella Only Key Responsibilities: SIEM Engineering and Architecture skills, specifically in Splunk SaaS. End to end experience of the delivery lifecycle experience for improvements. Splunk SaaS experience and expertise as a lead architect and/or … engineer Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. Experience of the lifecycle of SIEM delivery, including convergence from other SIEMs. More ❯

remain at the required security posture against baseline requirements Develop and document system security baselines. Work with the Protective Monitoring engineering team to ensure logs are forward to the SIEM capability Work with the customer and appropriate agencies to develop new policies, design processes, and procedures, and develop technical designs Assess system vulnerabilities, implement risk mitigation strategies, validate secure systems … Endpoint Security Products Working knowledge of the accreditation process for secure/sensitive systems Experience in producing/updating Design artefacts Understanding of the implementation, operation and maintenance of SIEM products Understanding of network and boundary protection technologies (firewalls, mail gateways, load balancers, anti-virus) Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc) Understanding of security infrastructure in More ❯

Operations Centre (CSOC) with threat monitoring, incident response, and proactive threat hunting. Monitor infrastructure security alerts, analyse incidents, and recommend remediation actions. Maintain and improve threat detection tools including SIEM systems. Support the creation of security documentation and standard operating procedures. Contribute to security awareness and user education activities. Experience & Skills Required: Hands-on experience working in a cyber security … function within a large or complex organisation. Strong familiarity with SIEM tools, incident response, threat analysis, and cyber remediation processes. Understanding of relevant frameworks and standards (e.g., ISO 27001, NCSC Cyber Assessment Framework). Experience supporting audits, risk assessments, and maintaining security documentation. Confident in analysing logs, interpreting alerts, and contributing to incident reports. Industry-recognised certifications such as CompTIA More ❯

development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement and refine playbooks , automations , and alerting rules in collaboration with security partners. Contribute to threat hunting and proactive detection … actionable reporting and metrics for stakeholders, including executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of More ❯

in real time. - Drive efforts to automate and accelerate the detection and response processes. - Ensure integration of input from the deployed suite of security tools to SOC systems (e.g. SIEM/SOAR), including, but not limited to, IDS/IPS, End Point Protection, MDR/XDR, PAM, MFA, DNS Security, and cloud security posture management. Required Skills/Experience: - 8+ … process, and architecture - Experience working with cloud security technologies (AWS, Azure DevOps, Kubernetes, GCP, etc) including cloud log analysis, monitoring, detection, and incident response. - Experience with SOC use of SIEM, SOAR, IDS/IPS, DLP, and Endpoint security. Senior SOC Engineer/SOC Technical Lead (Incident Response) In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position More ❯

Kill Chain, Threat Modelling, Diamond Model). Conduct forensic investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. … based artifacts). Strong understanding of security monitoring frameworks (MITRE ATT&CK, NIST, etc.). Experience working in financial services or a regulated environment preferred. Hands-on experience with SIEM tools, network forensics, and endpoint detection. Knowledge of CIS benchmarks, cloud security, IAM, DLP, and vulnerability management. Familiarity with Windows, Linux/Unix, networking, and virtualisation (VMware). Certifications (preferred More ❯

operational strategy Compensation $100,000 - $115,000 depending on experience and skillset What You'll Be Doing Leading incident response and managing containment, analysis, and resolution Monitoring security systems (SIEM, EDR, threat intel) to identify and respond to threats Conducting vulnerability assessments and supporting remediation for financial systems Ensuring compliance with GLBA, PCI, FFIEC, and other regulatory frameworks Supporting risk … risk, and audit teams What You'll Need to be Considered 3-5+ years of relevant experience Prior experience in financial services, banking, or fintech cybersecurity Expertise with SIEM, EDR, NGFW, and vulnerability management tools Familiarity with scripting (Python, PowerShell) for automation and threat detection Experience conducting third-party risk reviews and regulatory reporting ITAC Solutions firstName lastName Email More ❯

policies and processes Co-ordination of security audits and management of outcomes Attend routine board meetings to overview current and future information security developments Manage and enhance the corporate SIEM solution to ensure the estate is being monitored for threats and vulnerabilities. Ensuring the system remains fit for purpose for future threats and estate changes Co-ordination of penetration testing … on potential threats or patterns Respond to security related enquiries Ideal Technical Knowledge: CISSP qualification Networking (prefer Cisco) Active Directory Virtualisation Platforms (prefer VMWARE) AV/EDR/XDR SIEM (preference AlienVault) Email Security (Prefer Mimecast) Vulnerability Management (prefer Nessus) Please apply to hear more More ❯

increased cyber threats and compliant to industry standards. This role covers information protection, including data loss protection and data classification, and threat protection, including security information and event management (SIEM), user and entity behaviour analytics (UEBA), point products like anti-virus (AV) and intrusion detection system/intrusion prevention system (IDS/IPS) and penetration testing. The Service Delivery team … preferred. Compliance knowledge required in ISO27001, PCI and GDPR. Possibly a certified ethical hacker Knowledge of Security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA, AV, IDS/IPS and MDM solutions Understanding of common frameworks, such as ITIL or LEAN is preferred Good exposure of user environment management, including desktops/laptops, profile More ❯