23 of 23 Remote SIEM Jobs in the South East

Contract SIEM Engineer Exciting contract opportunity to join a high-performing cybersecurity team Hybrid working model, three days onsite and two remote Contribute to cutting-edge SIEM and EDR deployments for a large-scale organisation Up to £410 per day (Inside IR35) Active SC clearance required ABOUT THE CLIENT: Our client is a well-established technology-driven organisation with a … advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience and operational security. THE BENEFITS: Up to £410 per day (Inside IR35) Hybrid working arrangement Collaborative and innovative security culture Opportunity … to work with leading SIEM and EDR technologies THE SIEM ENGINEER ROLE: As a SIEM Engineer, you will design, deploy, and maintain SIEM and EDR solutions that strengthen the organisation's security posture. You will work closely with IT and security teams to manage log ingestion, implement integrations, and monitor system activity for potential threats. SIEM ENGINEER ESSENTIAL SKILLS: Proven More ❯

Conduct regular security audits and assessments to identify and remediate risks. Apply industry frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls . Oversee and enhance security technologies: SIEM, vulnerability management, cloud security (OCI/Azure/AWS), PKI, cryptography, web/email security, logging and monitoring . Monitor network traffic for anomalies and potential breaches. Collaborate with IT More ❯

day-to-day operations of the Counter Threat Unit, ensuring security controls are effectively implemented across infrastructure and cloud environments. Configure, maintain, and optimise security tools and solutions (e.g., SIEM, EDR )to protect enterprise systems. Monitor systems and networks for anomalies, gather and analyse threat intelligence, and contribute to situational awareness. Investigate and resolve security incidents in line with organisational More ❯

and reverse engineering. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk. If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply More ❯

and reverse engineering. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk. If you are interested in this role but not sure if your skills and experience are exactly what were looking for, please do apply, wed More ❯

initiatives. About You Minimum 5 years’ experience in information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. Why Join? You’ll be More ❯

DDoS protection, and encryption. Mentor junior engineers, elevate best practices, and help us on our journey to ISO 27001 certification. What You Bring Deep hands-on expertise across EDR, SIEM, NAC, MFA, PAM, and cloud security environments. Proven experience with security frameworks such as ISO 27001, NIST, CIS, and PCI-DSS. Certifications like CISSP, CPSA, or Palo Alto Certified Security More ❯

day-to-day operations of the Counter Threat Unit, ensuring security controls are effectively implemented across infrastructure and cloud environments. Configure, maintain, and optimise security tools and solutions (e.g., SIEM, EDR )to protect enterprise systems. Monitor systems and networks for anomalies, gather and analyse threat intelligence, and contribute to situational awareness. Skills and experience: Minimum 4 years’ experience within IT More ❯

in Security Architecture. Cloud security architecture experience (AWS, Azure, GCP), multi-cloud preferred. Deep financial services security knowledge and regulatory experience. Expertise in IAM, network, data, application, container security, SIEM, and Zero Trust. DevSecOps and CI/CD security implementation experience. Relevant certifications desirable (CISSP, CCSP, AWS Security Specialty, Azure Security, GCP Security). Desirable Skills Strong communication, leadership, and More ❯

likely have: Proven experience designing and implementing enterprise cyber security solutions. Hands on experience with vendors such as Fortinet, Palo Alto, Juniper, Check Point, or Netskope, and familiarity with SIEM, SOAR, and managed security services. Strong understanding of enterprise security architecture frameworks (e.g. SABSA, TOGAF, NIST, ISO 27001). A confident, engaging personality with the ability to build rapport and More ❯

sustainable mitigation strategies. Manage remediation and closure of security cases, ensuring timely implementation of corrective actions. Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms. Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams. Utilise adversarial emulation tools (Caldera, Atomic Red Team, AttackIQ, SCYTHE, Cobalt Strike More ❯

a rapidly scaling B2B payments startup, and we're looking for a bold, proactive, and hands-on Cybersecurity Lead to design, implement, and operate our security operations function, including SIEM, incident response, threat detection, secure by design, shift-left security engineering, and automated monitoring and response. You'll run and be part of the projects that implement, build, and maintain … leave a legacy of a high‐performing SOC built on automation, quality data, and continuous learning. What You'll Be Doing: Own the design, implementation, and operation of our SIEM and SOC capability with Microsoft Sentinel, including data ingestion, workspace architecture, analytics, automation, and dashboards. Integrate high‐value telemetry sources (Entra, M365, Google Workspace, AWS, GCP, endpoints/EDR, network … t miss a thing. Your attention to detail and decision-making capabilities are top-notch. You're able to horizon scan and research effectively to find the missing details. SIEM & Sentinel Expertise – Proven experience in architecting, implementing, and operating Microsoft Sentinel at scale: data connectors, KQL, analytics, UEBA, SOAR (Logic Apps), workbooks, and cost governance. SOC Leadership – Demonstrated capability to More ❯

will possess strong communication and incident management skills and will be committed to ensuring the highest level of security, compliance, and user experience. Responsibilities: Investigate security alerts from our SIEM tool and 3rd party MSSPs, and to provide appropriate incident response actions. Liaise with technology and business stakeholders in relation to cyber security issues/incidents providing clear descriptions and … teams. Supporting out-of-hours incident investigations via an On-Call rota, covering 24*7*365 alongside our 3rd party MSSP. Monitor, analyse and optimise SecOps tool performance (e.g. SIEM, PAM), identify potential issues, and recommend and implement proactive solutions. Develop and maintain SecOps documentation, policies, and procedures. Collaborate with stakeholders to understand business requirements and implementing security controls that … problems in a simple manner to non-technical audiences Strong understanding of OT infrastructure, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. Proficient in configuration and troubleshooting of multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information & Event Management (SIEM) systems, in particular Microsoft Sentinel. Desirable Experience More ❯

with the wider IT Team management, representing Digital, Data and Technology (DDaT). Key purposes of this role include: Safeguarding Operations: Actively manage and enhance our security platforms (primarily SIEM, XDR and IDAM polices) to detect, prevent, and respond to cyber threats across our IT and operational networks. Implementing and reviewing Security Controls: Serve as the subject matter expert for … Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive automation for continuous improvement. Integrate tools with SIEM, CMDB, and ticketing systems to streamline workflows. Create and update troubleshooting guides and knowledge base articles to support the wider team. Compliance and Governance Ensure practices meet known frameworks and … Specification Essential A background in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber More ❯

with the wider IT Team management, representing Digital, Data and Technology (DDaT). Key purposes of this role include: Safeguarding Operations: Actively manage and enhance our security platforms (primarily SIEM, XDR and IDAM polices) to detect, prevent, and respond to cyber threats across our IT and operational networks. Implementing and reviewing Security Controls: Serve as the subject matter expert for … Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive automation for continuous improvement. Integrate tools with SIEM, CMDB, and ticketing systems to streamline workflows. Create and update troubleshooting guides and knowledge base articles to support the wider team. Compliance and Governance Ensure practices meet known frameworks and … Specification Essential A background in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber More ❯

in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/ More ❯

combines engineering depth with real client interaction ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and … and ISO 27001 alignment. Act as an escalation point within the SOC and mentor junior engineers. What We Are Looking For 3+ years’ experience as a Microsoft Sentinel or SIEM Engineer. Strong technical background across Microsoft 365, Azure, networking, and cybersecurity. Hands-on experience with KQL, PowerShell, and ideally Python. Proven experience automating processes using Logic Apps, Playbooks, or Terraform. More ❯

Security Engineer who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations More ❯

of greenfield Identity and Access Management and Privileged Access Management solutions. You'll provide hands-on technical leadership, ensure secure-by-design implementation, and contribute to the development of SIEM/SOC capabilities. Key Responsibilities Lead end-to-end IAM/PAM design and delivery. Integrate IAM/PAM telemetry into SIEM tooling. Provide technical oversight for MSPs and vendors. … OpenID Connect . Familiarity with ISO 27001, NIST CSF, CAF & GDPR . Experience leading or overseeing MSPs. Current SC clearance . Desirable: Knowledge of Microsoft Sentinel, Splunk, or Elastic SIEM . Experience in SOC build or cyber transformation projects. Degree/HND in a relevant STEM field. More ❯

Month Initial | Inside IR35 | Fully Remote Opus are working with a key client on a Security Engineer contract to support the implementation of Defender XDR including hands on configuration, SIEM integration and related security solutions. This initial 3-month contract can be completed on a fully remote basis and is determined as Inside IR35, offering £500–£525 per day. Key … Skills : Microsoft Defender XDR: Endpoint, Identity, Office 365, Cloud Apps Microsoft Sentinel: KQL, playbook development, SIEM optimisation Privileged Identity Management (PIM) and change control workflows Advanced threat detection, incident response, and threat hunting Log collection via Azure Monitoring Agent and Firewall Management Centre Responsibilities: Configure and fine-tune Microsoft Defender XDR in line with approved designs Participate in Microsoft FastTrack … engagements Integrate Defender XDR with Sentinel SIEM for enhanced detection and response Develop Kusto queries and automation playbooks Support PoC setup for Microsoft Copilot for Security Connect syslogs from on-prem servers and firewalls to Sentinel If this Security Engineer role sounds like a good fit, please apply with your most up to date CV and I’ll be in More ❯

controls supporting risk mitigation and contributing to the continual improvement of the business's security composure. Responsibilities: * Provide expertise on application, network and infrastructure security * Monitor security solutions including SIEM, threat detection and data security, endpoint protection, network analytics for alerts * Provide documentation for technical standards to meet corporate security policies/industry best practice * Perform security reviews, identify gaps … root cause of security issues and design appropriate solutions Required Experience: * Prior experience working within the security industry, with a strong background in M365 infrastructure. * Experience of working with SIEM tools * Exposure to email security tools (Sophos, O365 etc) * Excellent patch management skills (Intune SCCM, MECM Endpoint Manager and WSUS) * Experience with vulnerability scanning and management (Insight VM) * Experience with More ❯

hoc travel to other sites/data centres. The Role The Cyber Security Engineer will be joining the internal security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will … virtualisation, etc. Hands-on experience in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as More ❯

with the Cybersecurity Operations Centre (CSOC) and senior stakeholders to transition tools, operations, and people into a new operating model . Familiarity with security processes and tools such as SIEM and Microsoft Sentinel is essential.Location: London ( Hybrid - 1 day/week) Contract Length: Initial 3 months Rate: TBC (inside IR35) Start: ASAP Key Responsibilities Manage the transition of security tools … governance. Skills & Experience A strong understanding of security operations, frameworks and terminology is essential. Experience with CSOC is essential. Proven track record in operating model transitions . Familiarity with SIEM tools and Microsoft Sentinel . Excellent stakeholder management skills at senior levels. Telco industry experience. Experience in large-scale security programs. If you're interested in this role, click 'apply More ❯