5 of 5 Remote/Hybrid SIEM Jobs in Scotland

logs and incident investigations. Desirable Experience Experience with Cloud Security Posture Management (CSPM) or SaaS Security Posture Management (SSPM) tools. Familiarity with CrowdStrike or SIEM platforms. Experience improving enterprise security posture within cloud or SSE environments. ...

those actions through to completion with technical teams. What you’ll be doing Monitor and investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives. Lead and support incident response activities (containment, remediation, recovery and post-incident reviews). … and pragmatic). Essential experience Security operations experience in a SaaS, cloud or regulated technology environment. Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous). Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management. Experience with vulnerability assessments/penetration ...

those actions through to completion with technical teams. What you’ll be doing Monitor and investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives. Lead and support incident response activities (containment, remediation, recovery and post-incident reviews). … and pragmatic). Essential experience Security operations experience in a SaaS, cloud or regulated technology environment. Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous). Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management. Experience with vulnerability assessments/penetration ...

Compromise (IOCs) and attacker behaviour Analyse adversary techniques and map activity to the MITRE ATT&CK framework Develop, tune and maintain detection rules for SIEM and EDR platforms Threat Intelligence Management Collect, validate and analyse cyber threat intelligence from multiple sources Monitor emerging threats, vulnerabilities and attack trends Produce clear … Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft Security, Azure Security, MSP, Managed Services ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...