be eligible to go through DV clearance as well. We are seeking someone with profound SOC experience, particularly at SOC Level 2. Mastery of SIEM tools such as Microsoft Sentinel and Splunk is crucial, along with a deep understanding of network protocols and infrastructure, including TCP/IP, VPNs, and … this pivotal role, you will lead incident response initiatives, refine detection mechanisms, and mentor junior analysts. Key responsibilities include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and fortifying detection and containment strategies Tuning and maintaining detection rules, leveraging frameworks like Mitre Att&ck Collaborating More ❯
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and … at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre More ❯
security reports and advisories to key stakeholders. Residual Risk Assessment: Deliver post-incident analysis, technical lessons learned, and reporting to assess residual risk. Advanced SIEM Tuning: Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations. Automating Response Actions: Develop and improve … in securityevent analysis and incident response. Deep knowledge of IPv4/IPv6, TCP networking protocols, and the OSI model. Expertise in security tools: SIEM (ArcSight, Sentinel, QRadar, Splunk), EDR (Microsoft Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies. Strong knowledge of Linux andMore ❯
security reports and advisories to key stakeholders. Residual Risk Assessment: Deliver post-incident analysis, technical lessons learned, and reporting to assess residual risk. Advanced SIEM Tuning: Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations. Automating Response Actions: Develop and improve … in securityevent analysis and incident response. Deep knowledge of IPv4/IPv6, TCP networking protocols, and the OSI model. Expertise in security tools: SIEM (ArcSight, Sentinel, QRadar, Splunk), EDR (Microsoft Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies. Strong knowledge of Linux andMore ❯
doing: Conduct thorough tests on infrastructure, networks, systems, and web applications Lead security assessments, identifying vulnerabilities and ensuring effective remediation strategies Utilise tools for SIEM, Data Loss Prevention (DLP), and endpoint detection and response (EDR) to monitor and protect systems Collaborate effectively with third-party vendors to maintain trusted securityMore ❯
doing: Conduct thorough tests on infrastructure, networks, systems, and web applications Lead security assessments, identifying vulnerabilities and ensuring effective remediation strategies Utilise tools for SIEM, Data Loss Prevention (DLP), and endpoint detection and response (EDR) to monitor and protect systems Collaborate effectively with third-party vendors to maintain trusted securityMore ❯
doing: Conduct thorough tests on infrastructure, networks, systems, and web applications Lead security assessments, identifying vulnerabilities and ensuring effective remediation strategies Utilise tools for SIEM, Data Loss Prevention (DLP), and endpoint detection and response (EDR) to monitor and protect systems Collaborate effectively with third-party vendors to maintain trusted securityMore ❯
doing: Conduct thorough tests on infrastructure, networks, systems, and web applications Lead security assessments, identifying vulnerabilities and ensuring effective remediation strategies Utilise tools for SIEM, Data Loss Prevention (DLP), and endpoint detection and response (EDR) to monitor and protect systems Collaborate effectively with third-party vendors to maintain trusted securityMore ❯
Experience of working in a secure environment. Your transferable skills and experience: Familiarity with Cloud solutions, virtualisation technologies and SDN. Enterprise tooling such as SIEM, Anti-Malware, System Monitoring and Altering. Familiarity with Active Directory and GPOs. Understanding of PKI/Cryptography. Understanding/Experience of network devices and concepts More ❯
london, south east england, United Kingdom Hybrid / WFH Options
83zero
Strong documentation skills (Microsoft Word, Project, Visio) and a grasp of Enterprise Architecture methods like TOGAF (desirable). Familiarity with secure Internet solutions (firewalls, SIEM), LAN environments, and cloud architectures (public/private) is a plus. Knowledge of sector-specific networks such as HSCN, PSN, or JANET is highly advantageous. More ❯
management support, antivirus monitoring, and helping to close security-related incidents. Key Responsibilities: 🔍 Security Monitoring & Analysis Review, monitor, and analyze daily security logs using SIEM tools (e.g., Splunk, Sentinel, Defender). Identify false positives, escalate true positives, and assist in incident investigations. Support service desk and IT teams with closing … role, preferably in a corporate or regulated environment. Strong understanding of security incident handling, log analysis, and common attack vectors. Hands-on experience with SIEM tools, antivirus platforms, and vulnerability scanners. Good understanding of basic networking, firewalls, and endpoint security principles. Strong written and verbal communication skills. Ability to prioritize More ❯
london, south east england, United Kingdom Hybrid / WFH Options
Intaso
Lead integration of IT and OT monitoring solutions. Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management Act as the primary contact for the outsourced SOC provider; manage SLAs … e.g., NIST, ISO, GDPR). Stay ahead of evolving cyber threats and trends. Ideal Candidate Strong Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, andMore ❯
the forefront of digital defence-leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre … in a Security Operations Centre (SOC) environment Previous experience working as a SOC Level 2/Cyber Security Analyst Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (eg TCP/IP, VPNs, Firewalls) Skilled in incident response andMore ❯
the forefront of digital defence-leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre … in a Security Operations Centre (SOC) environment Previous experience working as a SOC Level 2/Cyber Security Analyst Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (eg TCP/IP, VPNs, Firewalls) Skilled in incident response andMore ❯
the forefront of digital defence-leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre … in a Security Operations Centre (SOC) environment Previous experience working as a SOC Level 2/Cyber Security Analyst Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (eg TCP/IP, VPNs, Firewalls) Skilled in incident response andMore ❯
the forefront of digital defence-leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre … in a Security Operations Centre (SOC) environment Previous experience working as a SOC Level 2/Cyber Security Analyst Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (eg TCP/IP, VPNs, Firewalls) Skilled in incident response andMore ❯
and externally Familiarity with ISO 27001, Cyber Essentials, Azure Cloud Platform, Mimecast, Microsoft defender, Fortinet Platforms (FortiAnalyzer). EDR: CrowdStrike, Microsoft Defender for Endpoint SIEM: Microsoft Sentinel, CrowdStrike Next-Gen SIEM Ensure Department/Contract meets SLA performance targets. Improve and maintain customer experience, satisfaction and retention. Ensure compliance of More ❯
and externally Familiarity with ISO 27001, Cyber Essentials, Azure Cloud Platform, Mimecast, Microsoft defender, Fortinet Platforms (FortiAnalyzer). EDR: CrowdStrike, Microsoft Defender for Endpoint SIEM: Microsoft Sentinel, CrowdStrike Next-Gen SIEM Ensure Department/Contract meets SLA performance targets. Improve and maintain customer experience, satisfaction and retention. Ensure compliance of More ❯
and externally Familiarity with ISO 27001, Cyber Essentials, Azure Cloud Platform, Mimecast, Microsoft defender, Fortinet Platforms (FortiAnalyzer). EDR: CrowdStrike, Microsoft Defender for Endpoint SIEM: Microsoft Sentinel, CrowdStrike Next-Gen SIEM Ensure Department/Contract meets SLA performance targets. Improve and maintain customer experience, satisfaction and retention. Ensure compliance of More ❯
and externally Familiarity with ISO 27001, Cyber Essentials, Azure Cloud Platform, Mimecast, Microsoft defender, Fortinet Platforms (FortiAnalyzer). EDR: CrowdStrike, Microsoft Defender for Endpoint SIEM: Microsoft Sentinel, CrowdStrike Next-Gen SIEM Ensure Department/Contract meets SLA performance targets. Improve and maintain customer experience, satisfaction and retention. Ensure compliance of More ❯
and externally Familiarity with ISO 27001, Cyber Essentials, Azure Cloud Platform, Mimecast, Microsoft defender, Fortinet Platforms (FortiAnalyzer). EDR: CrowdStrike, Microsoft Defender for Endpoint SIEM: Microsoft Sentinel, CrowdStrike Next-Gen SIEM Ensure Department/Contract meets SLA performance targets. Improve and maintain customer experience, satisfaction and retention. Ensure compliance of More ❯
london, south east england, United Kingdom Hybrid / WFH Options
Korn Ferry
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯
london (city of london), south east england, United Kingdom Hybrid / WFH Options
Korn Ferry
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯
london (west end), south east england, United Kingdom Hybrid / WFH Options
Korn Ferry
/Open API specs for vulnerabilities Advise on secure API design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's More ❯
