City of London, London, United Kingdom Hybrid / WFH Options
Matchtech
Active SC clearance required Role Overview We are seeking an experienced Splunk Engineer/Security Architect to lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You'll play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting … to a national programme improving the government's ability to detect and respond to cyber threats across multiple portfolios. You'll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies. Key Responsibilities Produce and maintain architecture … development aligned with CSOC and MITRE ATT&CK framework Attend and represent the project at key technical forums (ADF, TDA, workshops) Deliver improvements to SIEM architecture, use cases, automation, and data enrichment Improve onboarding processes for directorates and manage onboarding QA Lead integration of SOAR, Attack Analyzer, and other tooling
Access Control, Cisco, and Palo Alto Implementation & integration of security technologies (MFA Gateway) Use case development and onboarding for Security Incident and Event Monitoring (SIEM) Maintain software version and patch management for security products CORE SKILLS: EDR, Antivirus, SentinelOne, CyberArk, NAC, Cisco, Palo Alto, MFA gateway, Qualys, SCCM, M365, SQL
SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and … Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. • Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. • IT Service
public sector, with an emphasis on cloud security solutions. Experience recommending and implementing security technologies and solutions tailored to UK public sector organizations, including SIEM and threat intelligence platforms. Experience negotiating and securing large, multi-year cyber security transformation projects within UK public sector entities. Understanding of cyber security principles
persistent threats and their tactics, techniques and procedures. Solid understanding of enterprise backend-to-frontend system architecture. Familiarity with defender techniques, security monitoring and SIEM tools. Strong ability to analyse and distil complex issues and present succinct updates to management and associated committees. The ability to create clear documentation relating
principles, including confidentiality, integrity, and availability. Experience with security tools and technologies, including vulnerability scanners, intrusion detection systems, and security information and event management (SIEM) systems. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Strong problem-solving and analytical skills, with the ability
consolidates legacy attempts at visibility and provides first-in-market speed, scale, and performance while reducing the cost of security analytics. Anomali combines ETL, SIEM, XDR, SOAR, and the largest repository of global intelligence in one efficient platform. Protect and drive your business with better productivity and talent retention. Do
value to Enterprise or Major-level accounts in the cybersecurity industry. Extensive platform selling experience in complex sales with multiple buying centers. Experience selling SIEM, EDR, or CNAPP (DevSecOps, CloudOps) solutions is highly preferred. Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations
on expensive indexing or hot storage. We specialize in comprehensive monitoring of logs, metrics, traces, and security events with features such as APM, RUM, SIEM, Kubernetes monitoring, and more, enhancing operational efficiency and reducing observability spending by up to 70%. We seek a Quality and Support Strategist professional who
What you'll be doing: Designing and implementing SOC process automation to eliminate manual overhead in alert triage, response, and reporting Integrating security tooling (SIEM, SOAR, firewalls, etc.) Creating automated playbooks to drive consistency and speed across IR workflows Collaborating with SOC analysts, engineers, and third-party vendors to identify
London, South East England, United Kingdom Hybrid / WFH Options
Provide
Proven ability to manage relationships with internal and external stakeholders Experience working in a client-facing role Familiarity with security technologies such as firewalls, SIEM, endpoint protection and threat detection systems. Expertise in project management tools and methodologies (Agile, Waterfall) Strong understanding of cybersecurity best practices and risk management Certification
Kubernetes, and Helm. Hands-on experience with security practices like vulnerability scanning, encryption, authentication, and secrets management (Vault, Key Management Service). Experience with SIEM platforms (Splunk, Datadog, or equivalent) for monitoring and threat detection. You thrive when working as part of a team, are comfortable in a fast-paced
related metrics and monitoring/audits Network, VM & container image and system hardening, cloud issues and misconfigurations Endpoint security, infrastructure identity and access management, SIEM, threat intelligence, common misconfigurations (DNS, email, networking, etc.) Organising and performing penetration testing of our infrastructure, and collaborating with external parties on those tests. Picking
to understand technical capabilities to ensure solutions align with security challenges and business objectives. Technical Requirements: Hands-on experience with security technologies such as SIEM, EDR, SOAR, vulnerability management, threat intelligence, etc. Experience in pre-sales, solution consulting, or technical advisory roles Proactive mindset and strong customer engagement skills Please apply
Employment Type: Permanent
Salary: £80000 - £90000/annum car allowance, bonus etc