Role Responsibilities Key responsibilities for this role may include: Incident Detection & Response: Lead the triage, investigation, and classification of security events using SIEM and other tooling Take ownership of end-to-end handling of medium to high-severity incidents, coordinating containment and remediation efforts Maintain detailed incident records, including timelines, impact assessments, root cause analysis, and mitigation steps Act as … staff in interpreting threat data and logs during investigations Security Monitoring and Detection Engineering: Conduct continuous security monitoring of network traffic, endpoints, and critical systems Proactively tune and improve SIEM rules, alerts, and correlation logic to reduce false positives and increase detection fidelity Support onboarding of new data sources into SIEM and help define parsing, enrichment, and correlation logic Lead … experience in a SOC or similar security operations role, with demonstrable exposure to incident response, security monitoring, or threat analysis Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools Candidates with strong practical experience through labs, home projects, certifications, or internships may also be considered if they can demonstrate applied knowledge at a Tier
and liaise with the customer and the Service Delivery Manager, as well as ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring & Investigation: Monitoring SIEM tools to assure a high level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to the MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitor and analyse security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximise effectiveness. Own the development and implementation of SOC
Nottingham, Nottinghamshire, United Kingdom Hybrid / WFH Options
Experian Group
and alerts associated with cyber threats, intrusions, and compromises alongside a team of global security analysts following documented SLOs and processes. Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess the potential risk/severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. Collaborate … Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls) Interest in developing knowledge across common Incident Response and Security Monitoring applications such as SIEM (e.g., QRadar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender), and SOAR (Palo Alto XSOAR, Google SecOps/Chronicle) Desire to build technical skills and hands-on knowledge in … and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve these skills Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others Scripting and automation Additional Information Benefits package includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation package
hands-on shift-based roles, working as part of a 24/7 operation in a standard rotation shift pattern. They are responsible for utilising the SOC's SIEM and SOAR toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. Main Duties Monitor, triage, analyse and investigate alerts, log data and network traffic … skills. Strong analytical skills Must have expertise in TCP/IP network traffic and event log analysis. Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool). Must have administrative skills in several operating systems, such as Windows, OS X, and Linux Must be proficient in basic shell scripting, creating Snort rules, or other log
Barton upon Humber, England, United Kingdom Hybrid / WFH Options
Wren Kitchens
such as ISO 27001 and NIST CSF. Cybersecurity certifications like Security+, CSA, SC-900, CC, CySA+, GSEC are beneficial but not mandatory. Familiarity with tools like Zscaler, Mimecast, CrowdStrike, SIEM, Cisco, Microsoft Defender, Azure, AWS, Cloudflare, Jamf. About The Company Wren Kitchens is passionate about both kitchens and our people! We have achieved milestones like opening over 100 showrooms, launching
L2) will determine whether a security event qualifies as an incident and coordinate with the customer's IT and Security teams for resolution. Main Duties Security Monitoring & Investigation: Monitor SIEM tools to ensure high-level security operations. Oversee and enhance security monitoring systems to detect and analyze potential security incidents. Conduct real-time analysis of security events and escalate as … Threat Intelligence: Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes. Contribute to threat intelligence feeds for proactive detection. Security Tool Management: Manage and optimize SIEM tools, ensuring proper configuration and updates. Develop and implement SOC Use Cases. Evaluate new security technologies and recommend improvements. Collaboration: Work with IT, legal, and management teams on security incidents … patterns of 4 days on, 4 days off. Ability to obtain or hold SC Clearance. Good understanding of Incident Response approaches. Hands-on knowledge of Microsoft Sentinel or similar SIEM tools. Strong verbal and written English communication skills. Interpersonal and presentation skills. Strong analytical skills. Understanding of network traffic flows and normal vs. suspicious activities. Knowledge of Vulnerability Scanning, Management, and Ethical
a comprehensive security plan. Regularly simulate cyber-attacks to identify and address vulnerabilities. Monitor security trends and adapt strategies. Oversee incident monitoring, detection, and response via the SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service
Bromsgrove, England, United Kingdom Hybrid / WFH Options
SWS Group
DBS check. Flexibility to work occasional weekends and out of hours. Desirable Criteria: ITIL Foundation Level or above. ISO 27001 Implementor, Auditor, or other security-related certification. Experience with SIEM tools, vulnerability management, or scripting (e.g., PowerShell, Python). Microsoft Azure Security Engineer Associate. Certifications such as CompTIA Security+, Network+, Linux+, Data+, DataSys+. Full UK Driving Licence. The Company The
Bromsgrove, England, United Kingdom Hybrid / WFH Options
Pure Jobs US
satisfactory DBS check. Flexibility to work occasional weekends and out-of-hours. Desirable Criteria: ITIL Foundation Level or above. ISO 27001 Implementor, Auditor, or related security certification. Experience with SIEM tools, vulnerability management, scripting (PowerShell, Python). Microsoft Azure Security Engineer Associate certification. Additional certifications: Security+, Network+, Linux+, Data+, DataSys+. Full UK Driving Licence. The Company: The Best Connection, established
Wolverhampton, England, United Kingdom Hybrid / WFH Options
DIB BVBA Heliowatt
Ideal Candidate Profile Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel, Key Vault, APIM) Strong advocate of Zero Trust models and secure development practices Experienced in SIEM & SOAR, ideally with tools like Rapid7 Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure Security Engineer Associate or
Coventry, Warwickshire, United Kingdom Hybrid / WFH Options
Cadent Gas
role: This is a dynamic and impactful role that offers technical depth, cross-functional collaboration, and the chance to shape Cadent's cyber resilience. Technical Challenge - Work with advanced SIEM, SOAR, and threat detection tools across IT and OT environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team … Cyber Security, IT, or related field, with certifications such as CEH, CompTIA Sec+, or equivalent. Experience in cyber security engineering across IT and OT environments. Technical Expertise - Proficiency with SIEM and SOAR platforms, log analysis, threat modelling, and integration of security tools. Problem-Solving Skills - Ability to engineer solutions for complex security challenges, including unpatchable vulnerabilities. Communication & Collaboration - Strong interpersonal
perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands-on experience: Virtual job fairs Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability Management – Identify, assess, and report
Derby, England, United Kingdom Hybrid / WFH Options
The NAV | 365 People (TNP, a Node4 Company)
the applicant to work 12-hour shifts (7am/7pm) on a 4-on-4-off pattern. What will you bring? Experience in a SOC analyst role Experience using SIEM (ideally Microsoft Sentinel) Experience using EDR (ideally Microsoft Defender) Excellent written and verbal communication skills Experience configuring and deploying Microsoft technologies such as Microsoft Defender and Azure Experience using and
Nottingham, Nottinghamshire, United Kingdom Hybrid / WFH Options
Experian Group
privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io, MS Defender, SIEM, vulnerability management, penetration testing). Knowledge of cloud technologies (AWS, Azure). Experience using generative AI (e.g., ChatGPT) for test strategies, reports, and communications. Skills in automation and analytics tools
security assurance coordinator. Understanding of MOD Secure by Design policies and processes. Deep technical knowledge of security technologies such as firewalls, IDS/IPS, endpoint protection, encryption, IAM, and SIEM systems. Strong understanding of security frameworks and standards, including ISO 27001, NIST, GDPR, and NCSC Cyber Essentials Plus, with experience in compliance management. Excellent leadership and communication skills, capable of
tools like firewalls, VPNs, AV, IDS/IPS, and log management. Experience analyzing log data and network security events. Understanding of static malware analysis and reverse engineering. Familiarity with SIEM tools such as QRadar. Additional benefits include 25 days of annual leave, with options to purchase more.
as firewalls, VPNs, antivirus, IDS/IPS, and log management. Experience analyzing log data and network security events. Understanding of static malware analysis and reverse engineering. Familiarity with additional SIEM tools such as QRadar. Additional benefits include 25 days of annual leave, with the option to purchase more.
Have a demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs). Exhibit skills using common Incident Response and Security Monitoring applications such as SIEM (Splunk), EDR (FireEye HX, CrowdStrike Falcon, McAfee mVision EDR), WAF, IPS Additional Information Benefits Package Includes Flexible work environment, working hybrid or in the office if you prefer. Great compensation
Redscan (a trading name of Redscan Cyber Security Limited)
clients. This Junior SOC Analyst role will be an integral member of the Security Operations Centre. They will help identify and analyse potential threats utilising a number of different SIEM & EDR tools. To be a key member of the Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system-generated alerts, analyse logs and traffic patterns. … years UK residency) 1-3 years' experience as a Security/Network Administrator or equivalent Bachelor's degree in a related field or equivalent experience and knowledge Experience working with SIEM systems Industry standard certifications such as: CompTIA Security+, CompTIA Network+, CompTIA CySA+, Cisco CCNA, EC-Council CEH, and/or relevant specialized degree in Cyber Forensics or Computer Science. Kroll
Burton upon Trent, Staffordshire, United Kingdom Hybrid / WFH Options
PHD Mail Limited
the Role A degree level education and/or Microsoft or other relevant certifications Azure & Office 365 certifications Desirable for the Role ISO 27001 Knowledge/Awareness Experienced with SIEM API usage Scripting – PowerShell, Python etc. Microsoft Volume Licensing SFTP Systems SharePoint PHD can offer flexible working hours, WFH, Hybrid working option, to be discussed upon application. Supports The Bike
Derby, Derbyshire, United Kingdom Hybrid / WFH Options
risual Limited
the applicant to work 12-hour shifts (7am/7pm) on a 4-on-4-off pattern. What will you bring? Experience in a SOC analyst role Experience using SIEM (ideally Microsoft Sentinel) Experience using EDR (ideally Microsoft Defender) Excellent written and verbal communication skills Experience configuring and deploying Microsoft technologies such as Microsoft Defender and Azure Experience using and