13 of 13 SIEM Jobs in Hertfordshire

detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective shift models. Confident communicator ...

policies, and standards Own vulnerability management, security monitoring, and incident response Ensure compliance with NCSC, PSN, PCI-DSS, GDPR and other national frameworks Manage SIEM, Microsoft security tooling (Sentinel/Defender/E5), identity & access, firewalls, and endpoint protection Advise on secure design for projects and change governance Prepare annual ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience ...

and documentation Understanding of OSI model and protocols: DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S Hands-on experience with SIEM platforms and/or packet capture tools If you thrive in fast-paced, challenging environments and want to make a real impact ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

provisioning and compliance. Integration knowledge across Microsoft Exchange, M365, VMware and enterprise IT ecosystems. Understanding of Zero Trust architecture, identity threat detection, and SIEM integration. Strong stakeholder management, influencing, and communication skills. Ability to translate complex technical challenges into executive-level decisions and investment cases Our company: Peace ...

understanding of the OSI reference model and common network protocols (DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S) Experience with SIEM platforms and/or network packet capture tools Experience in highly regulated or complex environments is highly desirable, e.g., defence, aerospace, or critical national infrastructure ...

Reference Model and network communication protocols including DNS, HTTP/S, SSL, SMTP, FTP/S, and LDAP/S Hands-on experience with SIEM platforms and/or Network Packet Capture tools Eligibility to obtain and maintain UK security clearance This position offers a comprehensive benefits package, which includes ...

will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard … cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

rules, dashboards, and reports for our Security Information and Event Management (SIEM) systems. This role requires a strong understanding of security procedures and experience working with SIEM platforms and within an MSSP environments where you may be working across multiple operational customers and projects. Hybrid Variable: Working in Hemel Hempstead … Clearance. What you'll be doing: Develop, deploy, and uphold security content (including rules, dashboards, and reports) for our SIEM system. Continuously monitor and analyse SIEM data to identify and respond to potential security threats. Collaborate with SOC Analysts, Architects, Project Managers & Engineers to improve the precision and efficiency ...

rules, dashboards, and reports for our Security Information and Event Management (SIEM) systems. This role requires a strong understanding of security procedures and experience working with SIEM platforms and within an MSSP environments where you may be working across multiple operational customers and projects. Hybrid Variable: Working in Hemel Hempstead … Clearance. What you'll be doing: Develop, deploy, and uphold security content (including rules, dashboards, and reports) for our SIEM system. Continuously monitor and analyse SIEM data to identify and respond to potential security threats. Collaborate with SOC Analysts, Architects, Project Managers & Engineers to improve the precision and efficiency ...

role will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best … cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies Note, shift patterns applicable. (The shift pattern rotates ...

looking for a Managing Security Engineer (SIEM), you will lead the design, implementation and documentation of security monitoring platforms. You will ensure the right tooling is in place to protect and monitor our clients, working closely with cross-functional teams to assess risk, design security controls and define testing requirements. … . Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations, including clustering, high availability, disaster recovery, scaling and performance optimisation. Strong problem-solving skills with a proactive approach ...