and Access Management (including RBAC and A/PBAC, permissions management), • Cryptographic techniques and implementations • IT asset management and tracking • Vulnerability management and patching • SIEM principles, products and supporting logging infrastructure • Containerisation and virtual machine security • Delivering secure solutions against project expectations • Strong awareness of and commitment to industry best
fast-paced, forward-thinking environment. What you’ll need: 3+ years in complex IT or consultancy environments; knowledge of HMG SPF, ISO 27001, identity management, SIEM, PKI, cryptography, and secure frameworks; experience in public sector programmes. Bonus: PCiIAA, SABSA, TOGAF, or a master’s/STEM degree. If you’re security
generation of blockchain security. Responsibilities: Administer cloud infrastructure (AWS, GCP, Azure), Google Workspace, SSO, and SaaS apps. Evaluate, integrate, and manage security tools (e.g., SIEM, endpoint protection). Oversee IT/security vendors and ensure compliance. Support security incident response and investigations. Requirements: IT admin experience, ideally in a startup
is a great opportunity for an individual to further their security career in a focused environment surrounded by like-minded individuals. The role: Respond to SIEM alerts and action remediations. Perform and report on vulnerability scans. Manage client change requests. This is a brilliant opportunity for someone with a passion
Central London, London, United Kingdom Hybrid / WFH Options
Carrington Recruitment Solutions Limited
software development methodologies and practices. Ability to perform rapid risk assessment and threat modeling. Other technical skills required: Azure security monitoring, including Application Insights and SIEM. Excellent communication skills to ensure stakeholder alignment and successful outcomes at all stages of product delivery and ongoing support. This is a great opportunity and
staff. THE ROLE: Design and implement short- and long-term strategic plans to ensure IT network Work closely with and monitor logs generated from SIEM & Sophos MTR. Configure, maintain and implement intrusion detection systems and firewalls, virtual private networks, web protocols, and email security. Create and update all relevant Jira
Employment Type: Permanent
Salary: £70000 - £80000/annum Progression, Training, Company Benef
staff. THE ROLE: Design and implement short- and long-term strategic plans to ensure IT network Work closely with and monitor logs generated from SIEM & Sophos MTR. Configure, maintain and implement intrusion detection systems and firewalls, virtual private networks, web protocols, and email security. Create and update all relevant Jira
Employment Type: Permanent
Salary: £80000 - £95000/annum Progression, Training, Company Benef
and digital forensics. A deep understanding of networking, computing, and operating systems as they relate to security practices. Familiarity with blue team tooling (e.g., SIEM, EDR, IDS/IPS, forensic tools) and methodologies (e.g., the MITRE ATT&CK framework, log analysis, malware analysis). Proven ability to research and adapt to
regulatory requirements (e.g., NYDFS, GDPR). Knowledge of insider threat detection and user behavior analytics (UBA). Exposure to security information and event management (SIEM) tools. Core Values Love what you do: We show up each day ready to take on the world. Our passion and intensity set us apart
Systems, Cyber Security, related technical field, or equivalent practical experience. 6 years of experience in a Detection Engineering or related role, working with EDR and SIEM technologies. Experience using multiple operating systems, directory service software, and document, spreadsheet, and presentation software. Experience with detection tuning and creation leveraging various security … tools including SIEM, EDR, or NDR tools. Experience with Security Orchestration and Automated Response (SOAR) platforms. Preferred qualifications: Experience with Search Processing Language (SPL), Kusto Query Language (KQL), YARA-L or similar SIEM query languages. Experience with content engineering inside SIEM platforms (e.g., rule creation, advanced correlation searching, etc.). … issues in customer cyber defense centers and formulate strategies for improvement, plan implementation of improvements, and execute/oversee plans to completion. Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in a technology-specific query language or the Sigma open signature format. Provide expertise for SIEM
City of London, London, United Kingdom Hybrid / WFH Options
Matchtech
Active SC clearance required. Role Overview: We are seeking an experienced Splunk Engineer/Security Architect to lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You'll play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting … to a national programme improving the government's ability to detect and respond to cyber threats across multiple portfolios. You'll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies. Key Responsibilities: Produce and maintain architecture … development aligned with the CSOC and the MITRE ATT&CK framework. Attend and represent the project at key technical forums (ADF, TDA, workshops). Deliver improvements to SIEM architecture, use cases, automation, and data enrichment. Improve onboarding processes for directorates and manage onboarding QA. Lead integration of SOAR, Attack Analyzer, and other tooling
key meetings such as the ADF, TDAs etc. Represent the project across all technical discussions relating to Splunk, onboarding, SOAR, Attack Analyzer etc. Essential: SIEM engineering and architecture skills, specifically in Splunk SaaS. Full end-to-end delivery lifecycle experience for improvements to Splunk SaaS. Experience of defining … improvements within cyber departments, particularly SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM maturity levels. Good communication, reporting, documentation and presentational skills. AWS infrastructure skills for the configuration of EC2 servers, S3 buckets etc. Desirable: Public sector experience. Experience with wider SIEM … Security Splunk SOAR Administrator Splunk Certified Cybersecurity Defense Analyst Implementing Microsoft Azure Infrastructure Solutions Developing Windows Azure and Web Services Security Information & Event Management (SIEM) JIRA/Confluence/Git Desirable qualifications: Certified Information Systems Security Professional (CISSP) Ethical Hacking and Intrusion Prevention Implementing Microsoft Azure Infrastructure Solutions Developing Windows
Access Control, Cisco, and Palo Alto. Implementation & integration of security technologies (MFA Gateway). Use case development and onboarding for Security Information and Event Management (SIEM). Maintain software version and patch management for security products. CORE SKILLS: EDR, Antivirus, SentinelOne, CyberArk, NAC, Cisco, Palo Alto, MFA gateway, Qualys, SCCM, M365, SQL
SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC 2, FCA). Conduct regular security risk assessments, penetration tests, and … Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service
public sector, with an emphasis on cloud security solutions. Experience recommending and implementing security technologies and solutions tailored to UK public sector organisations, including SIEM and threat intelligence platforms. Experience negotiating and securing large, multi-year cyber security transformation projects within UK public sector entities. Understanding of cyber security principles
persistent threats and their tactics, techniques and procedures. Solid understanding of enterprise backend-to-frontend system architecture. Familiarity with defensive techniques, security monitoring and SIEM tools. Strong ability to analyse and distil complex issues and present succinct updates to management and associated committees. The ability to create clear documentation relating
principles, including confidentiality, integrity, and availability. Experience with security tools and technologies, including vulnerability scanners, intrusion detection systems, and security information and event management (SIEM) systems. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Strong problem-solving and analytical skills, with the ability
consolidates legacy attempts at visibility and provides first-in-market speed, scale, and performance while reducing the cost of security analytics. Anomali combines ETL, SIEM, XDR, SOAR, and the largest repository of global intelligence in one efficient platform. Protect and drive your business with better productivity and talent retention. Do
value to Enterprise or Major-level accounts in the cybersecurity industry. Extensive platform selling experience in complex sales with multiple buying centers. Experience selling SIEM, EDR, or CNAPP (DevSecOps, CloudOps) solutions is highly preferred. Established trusted relationships with CIOs and CISOs, with the ability to influence and drive strategic conversations