9 of 9 SIEM Jobs in Scotland

Indicators of Compromise (IOCs) and adversary TTPs Leverage threat intelligence feeds, OSINT, and commercial platforms to enrich detection Develop and maintain detection rules across SIEM and EDR platforms Threat Intelligence Management Collect, validate, and analyse threat data from multiple sources Monitor emerging threats, vulnerabilities, and attack trends Produce high-quality ...

logs and incident investigations. Desirable Experience Experience with Cloud Security Posture Management (CSPM) or SaaS Security Posture Management (SSPM) tools. Familiarity with CrowdStrike or SIEM platforms. Experience improving enterprise security posture within cloud or SSE environments. ...

SaaS Engineer solutions by: Integrating systems via APIs Connecting security tooling data Creating dashboards & automations Driving remediation of security gaps Work with tools like SIEM, EDR, Vulnerability Mgmt, CSPM, IAM Automate using Python or PowerShell Success Looks Like Higher asset coverage Fewer unknown devices Automated detection of gaps Automated/ ...

those actions through to completion with technical teams. What you’ll be doing Monitor and investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives. Lead and support incident response activities (containment, remediation, recovery and post-incident reviews). … and pragmatic). Essential experience Security operations experience in a SaaS, cloud or regulated technology environment. Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous). Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management. Experience with vulnerability assessments/penetration ...

those actions through to completion with technical teams. What you’ll be doing Monitor and investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives. Lead and support incident response activities (containment, remediation, recovery and post-incident reviews). … and pragmatic). Essential experience Security operations experience in a SaaS, cloud or regulated technology environment. Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous). Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management. Experience with vulnerability assessments/penetration ...

Compromise (IOCs) and attacker behaviour Analyse adversary techniques and map activity to the MITRE ATT&CK framework Develop, tune and maintain detection rules for SIEM and EDR platforms Threat Intelligence Management Collect, validate and analyse cyber threat intelligence from multiple sources Monitor emerging threats, vulnerabilities and attack trends Produce clear … Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft Security, Azure Security, MSP, Managed Services ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

APIs, build automations, identify missing security controls and help us turn asset data into real risk-reduction actions. Experience with cybersecurity tooling - things like SIEM, EDR, vulnerability management, CSPM, IAM etc. Comfortable working with Python or PowerShell because we want to automate. Someone who drives to closure and … PowerShell, data normalization, system integrations, and building queries and dashboards. Experience with Axonius or other asset intelligence platforms is ideal. Must understand how EDR, SIEM, IAM, VM, and cloud security tools fit together. We are a global environment - manufacturing, R&D, cloud, and corporate. Lots of data sources. Lots ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...