4 of 4 SIEM Jobs in Glasgow

cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

attacker techniques and capabilities models; and the various Cyber Kill Chain frameworks. Experience in securing cloud platform. Encryption; Knowledge in threat modelling and ethical hacking. Extensive experience working with SIEM solutions. Basic experience in some scripting languages This role falls inside of IR35 and is hybrid working with the expectation to attend the Glasgow or Milton Keynes office 3 days More ❯

Experience working within an OT environment, preferably for a large, regulated utility. An understanding of how cyber security threats may disrupt electricity transmission systems. Previous experience of Security Monitoring & SIEM tooling to configure and tune security monitoring solutions. Experience in a greenfield role where you produced new tools, processes and training to enhance the maturity of a new team. About More ❯

approaches (Agile and Waterfall) Excellent stakeholder engagement, collaboration, and communication skills Additional experience in one or more of the following areas would be advantageous: Identity & Access Management (IDAM) and SIEM Security controls and compliance with NIS regulations Remote access, software-defined networking, and hyper-converged infrastructure Public sector or utilities industry knowledge At Sword, our core values and culture are More ❯