26 to 50 of 76 SIEM Jobs in the South East

and packet (PCAP) analysis Familiarity with Windows and/or Linux investigations Clear and structured documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat More ❯

and packet (PCAP) analysis Familiarity with Windows and/or Linux investigations Clear and structured documentation of technical findings Desired Skills Basic scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat More ❯

to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption … Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. Skills & Competencies Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls). Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and EDR platforms. Familiarity with scripting or automation (PowerShell, Python, Bash). Understanding of secure cloud architecture and Zero Trust principles. Ability to analyze complex More ❯

for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical … knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations More ❯

for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical … knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations More ❯

SABSA & TOGAF Experience following the green book five case model would be a plus and certifications such as: CCP, CISMP, CISSP, CREST. Identity management and federation, public key infrastructure, SIEM, cryptography, firewalls, vulnerability scanning. A varied background, diverse programme exposure and a security-based master’s degree or alternatively STEM degree are needed with an ability to demonstrate your capability More ❯

Defender XDR, Microsoft Sentinel, and Tenable One, ensuring these platforms are aligned with security best practices and operational readiness standards. The Role: The role requires strong technical expertise across SIEM, EDR, and Vulnerability Management technologies Combined with consultative experience in capacity planning, architectural design, and gap analysis This position bridges the gap between pre-sales design and post-implementation operations More ❯

routing, and security protocols who can also present to non-technical audiences. Essential experience: L2–L4 networking: TCP/IP, switching, OSPF, BGP, VRRP Security: stateful firewalls, UTM, IPSec, SIEM, SOC Strong communication, presentation, and technical documentation skills Experience in customer-facing solution design and demos Excellent organisational and problem-solving abilities Ability to manage multiple projects under pressure CCNA More ❯

routing, and security protocols who can also present to non-technical audiences. Essential experience: L2–L4 networking: TCP/IP, switching, OSPF, BGP, VRRP Security: stateful firewalls, UTM, IPSec, SIEM, SOC Strong communication, presentation, and technical documentation skills Experience in customer-facing solution design and demos Excellent organisational and problem-solving abilities Ability to manage multiple projects under pressure CCNA More ❯

would be the main focus of the role. Strong expertise with Microsoft Defender and Sentinel is needed. Key Skills & Experience from the Security Analyst: Strong experience with Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within More ❯

technical audiences. Proven experience leading client-facing security reviews . Desirable CISSP, CISM , or equivalent certifications. Experience auditing or delivering compliance frameworks. Familiarity with RMM/XDR/EDR , SIEM, and vulnerability scanning platforms. Background in mentoring or managing small teams. Exposure to incident response and tabletop exercises. Reasonable Adjustments: Respect and equality are core values to us. We are More ❯

L4 TCP/IP Stack L2 & L3 Switching concepts IP routing technologies such as OSPF & BGP Redundancy protocols such as VRRP Security principles such as Stateful Firewall, UTM, IPSec & SIEM Wireless principles such as SSIDs, Encryption & Authentication Excellent written and oral communication skills; including the ability to translate technical jargon for a non-technical audience and vice-versa. Excellent organization More ❯

and securing platforms such as Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS/PaaS, Windows/Linux/Unix. o Strong knowledge of security tooling such as SIEM, endpoint detection (EDR/XDR), and vulnerability management platforms. o Hands-on experience with policy development, access control models (RBAC, ABAC), and logging standards. o Experience supporting assurance activities or … security vetting to SC level. Desirable o Experience working in a regulated or government environment, particularly within research, energy, or national infrastructure. o Knowledge of Incident Management, Vulnerability Assessments, SIEM & SOC Systems. o Knowledge of OT/ICS/SCADA security principles and industrial control environments. o Experience designing or reviewing secure software supply chain and CI/CD security. More ❯

Permanent Salary: Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or … junior engineers and maintain documentation, diagrams, and standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python More ❯

/experience: - 3rd line IT support background, ideally within an SME environment - Windows Server (Active Directory, Group Policy) - Azure - Network support experience (including routing and switching) - IT security (antivirus, SIEM, vulnerability scanning, IAM, Firewalls More ❯

financial/professional services - Windows Server (Active Directory, Group Policy) - Azure cloud - Virtualisation (VMware/Hyper-V) - Storage administration - Network support experience (including routing and switching) - IT security (antivirus, SIEM, vulnerability scanning, IAM, Firewalls) - Database administration More ❯

financial/professional services - Windows Server (Active Directory, Group Policy) - Azure cloud - Virtualisation (VMware/Hyper-V) - Storage administration - Network support experience (including routing and switching) - IT security (antivirus, SIEM, vulnerability scanning, IAM, Firewalls) - Database administration More ❯

TTPs), with expertise in the MITRE ATT&CK Framework. Hands-on technical knowledge in cyber detection engineering, security tools, and infrastructure. Skilled in Detection-as-Code and experienced with SIEM query languages. Confident communicator with experience working alongside global technical teams and senior stakeholders. Proactive, collaborative, and driven by curiosity and continuous improvement. Why QBE? At My Best At QBE More ❯

SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security Information Event Monitoring (SIEM), End Point Protection (EPP), End Point Detection and Response (EDR), XDR (Extended DR), Web Application Firewall (WAF), and Firewalls. Proactively detect suspicious activity, vulnerabilities, and security misconfigurations before they can … from me? Experience of Sentinel, Microsoft XDR and Microsoft Defender variants, and Elastic Security, or displays aptitude to learn how to work with a SIEM. Experience and knowledge of SIEM tools, Cyber Security Incident Response, Vulnerability Management and Cyber Threat Intelligence. Experience of investigating Cyber Security incidents and supporting root cause analysis or can demonstrate transferable skills and acumen to More ❯

managed services, or SaaS). Strong communication skills, with confidence in executive-level and technical conversations. Experience supporting renewals and structured success planning. Familiarity with cybersecurity concepts such as SIEM and EDR, and managed security services. If you’re ready to make a real impact and grow your career in a supportive, forward-thinking environment, apply today More ❯

Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. … Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. • Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. • IT Service Management & Automation: Experience implementing ITIL More ❯

in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/ More ❯

in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/ More ❯

experience focusing on key customer accounts and delivering value to strategic accounts in the cybersecurity industry Extensive platform selling experience in complex sales with multiple buying centers Experience selling SIEM, EDR, or CNAPP (DevSecOps, CloudOps) solutions is highly preferred Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations Expertise in applying complex solution More ❯

experience focusing on key customer accounts and delivering value to strategic accounts in the cybersecurity industry Extensive platform selling experience in complex sales with multiple buying centers Experience selling SIEM, EDR, or CNAPP (DevSecOps, CloudOps) solutions is highly preferred Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations Expertise in applying complex solution More ❯