26 to 29 of 29 SIEM Jobs in the Midlands

Develop SOC policies, technical standards, and procedure documentation aligned to industry best practice. Log Management: Work with MSSPs and service owners to ensure log sources are onboarded into the SIEM solution. Create use cases to correlate suspicious activities across endpoints, networks, applications, and both on-premises and cloud environments. Incident Response: Improve playbooks and processes, lead escalated security incidents, oversee … platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse data sources such as logs, SIEM data, applications, and network traffic patterns, and recommend appropriate response actions to ensure threats are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to … a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC/GCIA/GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical More ❯

re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real expertise in Splunk and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post … incident review. What you’ll do: Act as the L3 escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use Splunk and other SIEM tools to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and recovery. Develop … looking for: Proven L3 SOC experience . 5+ years’ experience in IT security , ideally within a SOC/NOC environment. Strong knowledge and hands-on expertise with Splunk (other SIEM exposure beneficial). Solid understanding of DFIR principles, vulnerability management, and ethical hacking. Strong grasp of network traffic flows, malware analysis, and reverse engineering. Excellent written and verbal communication skills More ❯

SIEM Application Engineer - Elasticsearch Birmingham - 3 days in the office/2 days from home £60-70k pa + bonus and benefits We are recruiting a fantastic opportunity to join a busy Security Engineering team and support the design, development, implementation and operation of a SIEM platform. In this role you will design and implement SIEM solutions using Elasticsearch … as well as optimising SIEM rules, alerts and dashboards. You will collaborate with cross-functional teams, contributing as part of a security engineering team. As well as Elasticsearch you should have commercial experience with Logstash and Kibana to enhance threat detection, incident response and overall security. Please send a CV detailing the above required experience for consideration. SIEM Application Engineer More ❯

Cybersecurity frameworks for ICS/OT environments NIST SP 800-82 and c, OT Network Communication Protocols (e.g., Ethernet, Modbus, OPC, IEC-101/104 etc.), Information Event Management (SIEM). Key Responsibilities: Designing and implementing technical solutions for asset discovery, OT cyber security, vulnerability assessment tools Define and implement OT-specific security policies and monitoring rules within Nozomi to … detect anomalies, threats and compliance violations. Deploy OT Security (Nozomi)/IDS platform across global sites. Implementation support & reporting for ICS security with help of tools like SIEM More ❯