1 to 25 of 28 SIEM Jobs in the North of England

governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as:o Cortex XDR/Palo Alto Networkso Splunk (SIEM and dashboarding)o Abnormal Security (email security)o Prisma Cloud (cloud security posture management)o Airlock (application and API security)o Nucleus (vulnerability management and reporting) Deep knowledge of incident More ❯

of security goals. What do we need from you? Deep expertise in securing cloud platforms (AWS, Azure, GCP) with a focus on financial services Proven experience with tools like SIEM, SOAR, IDS/IPS, and cloud-native security solutions Strong understanding of encryption protocols, key management systems, and IAM best practices Hands-on experience with container security tools for Kubernetes More ❯

attack chain details of detected attacks (successful and failed) and feeding them back into detection capability. · Responsible for ensuring monitoring effectiveness and efficiency via the creation and updating of SIEM/SOAR playbooks, in line with changing attacker techniques tactics and procedures (TTP's) · Use Intrusion Analysis skills and experience to provide input to new detection techniques and research new More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

and solution-level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In More ❯

information security, risk, or compliance roles. Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM/PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. More ❯

IOT/Mobile technologies and related security best practices Cloud technologies (Amazon Web Services ("AWS"), Azure, etc.) and their operation and security best practices Identity and access management solutions SIEM CASB SOC design, build and operation Strong analytical mind and problem-solving skills. Excellent project management and interpersonal skills. Consulting experience (beneficial). Understanding of modern security concepts and principles More ❯

maintain infrastructure as code (IaC) using Terraform or CloudFormation. Automate deployment and configuration processes using Python, PowerShell, or other scripting tools. Integrate AWS security logs and data flows with SIEM platforms (e.g., Splunk). Support live cloud environments through monitoring, troubleshooting, and performance optimisation. Collaborate effectively across engineering and security teams to deliver high-quality, compliant solutions. Technical Skills & Experience More ❯

maintain infrastructure as code (IaC) using Terraform or CloudFormation. Automate deployment and configuration processes using Python, PowerShell, or other scripting tools. Integrate AWS security logs and data flows with SIEM platforms (e.g., Splunk). Support live cloud environments through monitoring, troubleshooting, and performance optimisation. Collaborate effectively across engineering and security teams to deliver high-quality, compliant solutions. Technical Skills & Experience More ❯

in collaboration with technology teams. Respond to incidents alongside the Head of Information Security Work with the MSSP across incident response and proactive monitoring. Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats and evolving technologies. What We More ❯

in collaboration with technology teams. Respond to incidents alongside the Head of Information Security Work with the MSSP across incident response and proactive monitoring. Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats and evolving technologies. What We More ❯

security-specific experience, support by relevant industry certifications (e.g. CySA+, Security+) and risk management knowledge (essential) Knowledge and experience working across a diverse range of cyber security tools, including SIEM technologies, EDR, NIDS etc. (essential) Self-motivated with a willingness to go the extra mile to achieve important goals (essential) Excellent verbal and written communication skills, including the ability to More ❯

required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security, Vulnerability Management, Penetration Testing, Risk Assessment, Compliance, PCI DSS, Security Tooling, Governance, SIEM, Endpoint Security, Security Investigations More ❯

platforms · Leading patch management, system upgrades, and infrastructure automation initiatives · Supporting cloud infrastructure (e.g., Azure, M365) and hybrid environments · Implementing hardening standards and security controls across infrastructure · Familiarity with SIEM, EDR, and other security technologies · Collaborating on incident response, vulnerability remediation, and cyber investigations · Contributing to infrastructure and security roadmaps, policies, and best practices What We're Looking For We More ❯

utilising tools like AWS Inspector, GuardDuty, and Security Hub, complemented by regular vulnerability scanning and penetration testing. Design, implement, and automate enterprise-level security systems and controls -including IAM, SIEM, DLP, firewalls, endpoint protection, and cloud-native guardrails-to safeguard assets across both cloud and hybrid environments. Actively respond to security events and incidents by leading investigations, coordinating remediation efforts … understanding of security principles, technologies, and industry best practices , including vulnerability and incident management. Practical experience with security monitoring and protection tools such as Firewalls, IDS/IPS, XDR, SIEM, CNAPP, and log collection platforms (e.g., CrowdStrike, Lacework). Experience in designing and implementing Identity and Access Management (IAM) solutions and maintaining secure authentication practices. Proficiency with Windows and Linux More ❯

principles. Strong knowledge of frameworks such as NIST, ISO 27001, OWASP, and CIS. Experience designing and implementing secure, compliant PCI-DSS solutions. Solid grounding in tools and technologies like SIEM, IDS/IPS, DLP, endpoint protection, IAM, and encryption. Ability to communicate complex concepts clearly and influence at all levels. Certifications such as CISSP, CCSP, CISM, or TOGAF are a More ❯

information to enhance the detection of suspicious activity within the business. Skills & Qualifications : Understanding of enterprise networking and computing Knowledge of Python 3 programming language Security experience SPLUNK knowledge SIEM knowledge Defence experience desirable If you would like to be considered for this role please don't hesitate to click apply or call Sam Pierre-Louis on for more information. More ❯

likely have: Proven experience designing and implementing enterprise cyber security solutions. Hands on experience with vendors such as Fortinet, Palo Alto, Juniper, Check Point, or Netskope, and familiarity with SIEM, SOAR, and managed security services. Strong understanding of enterprise security architecture frameworks (e.g. SABSA, TOGAF, NIST, ISO 27001). A confident, engaging personality with the ability to build rapport and More ❯

risk posture, manage ISO certifications, and establish formal security governance to meet the demands of major institutional investment. Hands On Technical Guidance: Provide technical expertise to navigate security tools (SIEM, Vulnerability Management) and architectural decisions, ensuring the move away from early stage cost cutting. Global Team Management: Lead and grow a small, focused security team (currently 2, planned for More ❯

Information Security threat landscape Deep understanding of Information Security solutions e.g. email/web gateways, Privileged Account Management (PAM), Identity Governance and Administration (IGA), Security Information and Event Management (SIEM), Endpoint protection etc. Knowledge/experience working with firewalls is highly advantageous Experience of Cloud security solutions and standards is highly advantageous Competence, knowledge and skills Competence Experience working within More ❯

experience would be beneficial but not required. Any knowledge of various GRC frameworks (e.g. ISO27001, PCI DSS, Cyber Essentials +) would be useful Familiarity with monitoring tools such as SIEM, IDS/IPS, EDR, and threat intelligence platforms. Basic understanding of networking, operating systems, and core security technologies. Exposure to scripting/programming languages (e.g., Python, Bash, PowerShell). Strong … security measures are in place, detect and respond to alerts, and ensure that the IT systems are compliant with various GRC standards. Responsibilities: Monitor and analyse alerts on the SIEM system and respond accordingly. Monitor the IDS, Firewalls, and anti-virus controls. Assist in investigating security incidents, determining root causes, and supporting remediation plans. Conduct vulnerability testing on the company … to offer sponsorship for this role. In order to be considered you must have full, unrestricted right to work in the UK. Keywords: Cyber Security/Information Security/SIEM/Graduate/Entry Level/Junior/Stockport/Manchester Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if More ❯

Senior Manager – MXDR Engineering Manchester, Cheltenham or London Summary The purpose of this role is to lead a global engineering team that performs the implementation and technical support of our MXDR solutions at client infrastructures. The global team is made More ❯

In 2022 we built out an exciting SIEM/SOAR and ManagedDetection and Response service called SEP2.security, built upon Google CloudSecurity's Chronicle stack. Due to customer demand, we are now looking to hire aPrincipal Cyber Security Engineer to join this every growing team. The Security Intelligence Services team, that this role issituated in, provides security monitoring and use case … quickly with colleagues and customers. Competentand confident in customer facing situations. Qualifications and Experience Experienceas a Cyber SOC Analyst/or similar role. Provenexperience in deploying SIEM (Security Information and Event Management)and SOAR (Security orchestration, automation, and response) solutions toachieve positive outcomes. Our tools include Google ChronicleSIEM/Siemplify SOAR and LogRhythm, but experience with other platformssuch as Microsoft More ❯

council offers its employees development opportunities, as well as a fair and flexible workplace. The council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls … within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned with the Cyber Assessment Framework (CAF). Assist in updating and maintaining IT More ❯