Overview We are seeking a contract XSIAM Engineer with deep expertise in Palo Alto Networks technologies, ideally coming from an XSOAR background, and possessing strong experience across XDR and SIEM environments. This is a key role within our security operations function, focused on enhancing detection, automation, and response capabilities. *For this role you must be eligible for SC Clearance* Key … SOC efficiency and visibility Design and manage security automation workflows, drawing from previous XSOAR experience Integrate and optimize XDR capabilities to support proactive threat detection Set up and maintain SIEM-style log ingestion, correlation rules, and enrichment pipelines Build custom dashboards and reporting tools for real-time security insights Troubleshoot complex issues related to XSIAM, XSOAR, and related integrations Ensure … Ideally experience implementing and managing XSIAM in real-world environments, but will consider strong XSOAR Consultants who want to evolve into XSIAM. Strong understanding of Security Operations, XDR, and SIEM principles Proficient in scripting and automation (e.g., Python, PowerShell) Solid experience with log analysis, event correlation, and alert tuning Needs to be eligible for SC Clearance Desirable Qualifications Palo Alto
Newcastle Upon Tyne, Tyne And Wear, United Kingdom
CyberNorth
business environment. Strong understanding of information and IT security challenges and standards. Solid working knowledge of security technologies (e.g. Endpoint Protection, Data Protection, Cloud Security) and cyber capabilities (e.g. SIEM, SOC, Vulnerability Management). Familiarity with recognised frameworks such as ISO 27001, ISO 22301, NIST, COBIT, or ISF. Experience supporting security strategy within cloud-based environments. Demonstrated ability to manage
Lead Auditor Certification, and/or Membership of the Institute of Information Security Professionals), or commensurate experience. Outsourcing and Cloud service provision including e.g. PaaS, SaaS, IaaS. Understanding of SIEM, IDS/IPS, Vulnerability Scanning/Penetration Testing, Mobile Device Management.
understand typical methods for securing the network perimeter, using firewalls, mail and web gateways. Additionally, network security products and techniques such as IPS, IDS, and centralised log management or SIEM would be beneficial. An understanding of information security management principles and practice, such as ISO 27001, would be of great benefit, and applying appropriate security tools and techniques to sound
sell complex IT Managed Services, including Modern Workplace solutions, Microsoft Azure, Azure Virtual Desktop, Endpoint Detection and Response (EDR), Security Operations Centre (SOC), and Security Information and Event Management (SIEM) solutions Serve as a trusted advisor to prospects and customers, clearly communicating technical solutions and value propositions to decision-makers at all levels Customer Relationship Management Personally implement and oversee
Altrincham, Greater Manchester, United Kingdom Hybrid / WFH Options (also listed for Leeds, West Yorkshire; Bury, Leigh, Bolton and Ashton-Under-Lyne, Greater Manchester)
Sanderson Government & Defence
bigger picture; investigating threats, guiding incident flow, analysing threat data, and playing a key role in improving detection and response processes. You’ll be working across platforms like: Elastic SIEM Microsoft Sentinel Defender for Endpoint CrowdStrike Falcon MISP (Malware Information Sharing Platform) As the team scales, this role offers both strategic involvement and technical depth. There’s also the option … mindset – focused on not just what happened, but why, how, and how to prevent it Comfortable being an escalation point for technical and analytical issues Working knowledge of key SIEM and EDR platforms (Elastic, Sentinel, CrowdStrike, etc.) Natural curiosity and willingness to get hands-on with data and investigations Broad exposure across cyber domains beyond pure SOC is highly valued
and requirements in line with the IS strategy and the key strategic objectives. Ensuring the integrity of IT infrastructures. Maintaining lights-on operation of all Security Toolkit infrastructure. Supporting various toolsets: SIEM, IDPS, and Malware Protection. Tuning and policy enablement, features and enhancements as required in response to security incidents and general enhancement requests. Troubleshooting potential impact of security tooling on business
an experienced team. You'll be at the heart of their SecOps function, helping to shape and improve their cyber capabilities. What they are looking for: Someone comfortable with SIEM, EDR, and vulnerability management tooling (Rapid7, CrowdStrike, Qualys etc.) Scripting and automation Strong foundational IT and networking knowledge Familiarity with patching solutions and email security tools A proactive mindset and …
L2&L3 SOC/Cyber Security Engineer - Threat Hunter/SIEM Sentinel - £45-65K + 25% Shift - Home/Office 2x per month My client is one of the most recognisable names in IT and has some of the best professionals in the industry. They are top partners with leading vendors, which means you will work with cutting-edge … eligible to obtain SC clearance upon hire. Key Skills required: At least 2 years' experience in a SOC environment, preferably MSSP, or in a technical security role. Experience with SIEM tools such as MS Sentinel, AlienVault, or Splunk. Cybersecurity qualifications, certifications, or degrees, e.g. CySA+, CompTIA Security+, or similar experience. Microsoft SC-200 certification is desirable. Strong knowledge of threat … Responsibilities: Lead escalated Cyber Incident Management, including Major Incidents and analysis for ongoing investigations. Conduct proactive threat hunts and RCAs, and develop detection capabilities. Monitor and investigate security alerts from SIEM platforms like MS Sentinel, AlienVault, or Splunk. Respond to security alerts, incidents, and requests, managing threats and vulnerabilities effectively. Document cases and generate reports with insightful recommendations. Assist in recovery
Altrincham, Greater Manchester, United Kingdom Hybrid / WFH Options (also listed for Leigh, Bolton, Bury and Ashton-Under-Lyne, Greater Manchester; Leeds, West Yorkshire)
Trilogy International, A Korn Ferry Company
a 6-month initial contract, working remotely. This role is operating outside of IR35. Candidates must be based in the UK. Key Responsibilities: Monitor and investigate security alerts using SIEM tools (e.g., Splunk, Microsoft Sentinel). Conduct threat-hunting activities to proactively identify suspicious behaviour and potential threats. Analyse logs and network traffic to identify anomalies. Collaborate with incident response … processes and detection capabilities. What We're Looking For: Strong background in cybersecurity with hands-on SOC experience. Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel, or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA
on technical expertise in building AWS cloud security capabilities in code and deploying infrastructure as code - Implementation experience with enterprise security solutions such as WAF, IPS, Anti-DDoS, and SIEM - Experience in supporting internal and external customers. You understand what it means to draw out critical customer needs and focus your knowledge and creativity to deliver practical outcomes addressing those
security function within a regulated business. Specifically, you will possess: Extensive risk management and regulatory compliance experience Strong technical knowledge of security infrastructure, cloud platforms and modern security tooling (SIEM, SOAR). Excellent communication and stakeholder engagement skills. Most importantly, you will have a track record of building high-performing teams.
Bradford, England, United Kingdom Hybrid / WFH Options
In Technology Group
endpoints, networks, and logs to detect potential threats and vulnerabilities. Lead detailed investigations into security alerts and incidents, identifying root causes and impacts. Support MDR analysts and contribute to SIEM administration, including use-case development and log integration. Implement response actions to contain threats and restore secure system states. Stay ahead of emerging threats and evolving attack vectors. Collaborate with