51 to 75 of 88 SIEM Jobs in the South East

Strong knowledge of network protocols, firewalls, VPNs, and cloud networking (APIM, NSG, Logic Apps, Function Apps, Azure Portal, App Insight). - Familiarity with security tools such as ASPM (Bionic), SIEM, and certifications like Cyber Essentials to demonstrate competence in security practices and - Experience with user journey monitoring tools such as NewRelic. About SSE SSE has a bold ambition - to be More ❯

TTPs), with expertise in the MITRE ATT&CK Framework. Hands-on technical knowledge in cyber detection engineering, security tools, and infrastructure. Skilled in Detection-as-Code and experienced with SIEM query languages. Confident communicator with experience working alongside global technical teams and senior stakeholders. Proactive, collaborative, and driven by curiosity and continuous improvement. Why QBE? At My Best At QBE More ❯

that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending More ❯

background in Managing IR Cases/Projects Strong knowledge of cyber security threats, attack vectors, IOC, remediation. Hands-on experience with a range of different forensic tools, ELK, EDR, SIEM, and log analysis, Open Source Toolkits Comfortable communicating with both technical and non-technical stakeholders during high-stress situations. You must have excellent communication skills. You must be adaptable, resilient More ❯

be considered Experience supporting bids, tenders, or large change requests Familiarity with secure infrastructure solutions and protocols Strong understanding of routing, switching, and network management technologies Exposure to Fortinet, SIEM solutions, or secure network tooling is advantageous Certifications (e.g. CCNA/CCNP, JNCIS/JNCIP) are desirable but not essential What's on Offer Salary up to More ❯

LLDs) • Familiarity with estimating BOMs, licensing, and resource efforts • Previous experience working on bids or large-scale technical projects Bonus points if you have experience with Network Management or SIEM tools. If you enjoy solving problems, thrive in a fast-moving environment, and want to contribute to meaningful projects, we'd love to hear from you. Immediate interviews and start More ❯

experience as a Pre-Sales Network Architect , with strong design documentation skills. Knowledge of routing protocols and secure infrastructure standards. Experience with Cisco, Juniper, and Fortinet technologies. Exposure to SIEM or Network Management tooling is advantageous. Must hold SC clearance and be eligible for higher-level UK security vetting. A Pre-Sales Network Architect with a passion for secure, scalable More ❯

architectural documentation Vendor experience with Juniper, Cisco, or Fortinet is strongly desired Familiarity with pre-sales processes or working on bids/change projects Exposure to Network Management or SIEM tools is beneficial Certifications (e.g. CCNP, JNCIP) are a plus, but not essential Clearance Requirements: Must be eligible for SC clearance and willing to undergo DV clearance Once DV is More ❯

from a variety of industry leaders Experienced at working on bids and large or complex changes Excellent understanding of a variety of networks and routing protocols Network management or SIEM designs, tooling or support This contract is based on-site in Baskingstoke, some travel may be required. This is a great opportunity for an experienced Pre-Sales Network Architect. Due More ❯

Senior Sentinel SIEM Engineer Havant or Reading - (Hybrid - 1 day a week in the office) Duration: 6 months Contract - Inside IR35 Are you a seasoned SIEM (Security Information and Event Monitoring) Engineer looking to take your career to new heights? This company is seeking a talented and driven individual to join their dynamic team as a Senior Sentinel SIEM Engineer. … As the Senior Sentinel SIEM Engineer, you will be responsible for maintaining and enhancing the company's SIEM platform. This includes on boarding log sources, developing analytical rules, creating automation for triage and remediation, and integrating with other IT and Operational Technology platforms. You will be a key player in ensuring the security monitoring platform operates at optimal performance, scalability … plan and implement solutions for security monitoring. Design, implement, and maintain detection rules set to identify potential security threats. Scope, plan, and track log integration's to expand the SIEM platform's capabilities. Guide, develop, and grow the SIEM Engineering team, fostering a collaborative and innovative environment. Collaborate with the Threat Detection & Response team to ensure the SIEM platform supports More ❯

detailed records of incidents, access violations, and remediation actions. • Perform risk assessments, policy reviews and development, and continuous improvement of security operations. Cybersecurity Management: • Supervise technological security measures including SIEM, DLP, IDS/IPS, Firewall, WAF, cryptological mechanisms, EDR • Analyse security alerts and conduct technical incident investigations. • Run and monitor vulnerability tests and periodic scans of key assets • Collaborate on … developing and implementing security policies and procedures to meet ISO and other standards. Experience in protecting confidential and sensitive information. Working knowledge of networks, operating systems, firewalls, proxies, EDR, SIEM, Cryptology and AI. Experience in crisis management and incident response. Up-to-date knowledge of emerging security trends and technologies. Ability to develop and integrate contingency plans. Experience in Cybersecurity More ❯

or Account Management in tech, SaaS, or managed services Strong communicator with executive and technical stakeholders Track record with renewals and structured success plans Bonus: knowledge of cybersecurity including SIEM, EDR, and MSS This is your chance to shape Customer Success from day one. 🌍 👉 Apply now More ❯

or Account Management in tech, SaaS, or managed services Strong communicator with executive and technical stakeholders Track record with renewals and structured success plans Bonus: knowledge of cybersecurity including SIEM, EDR, and MSS This is your chance to shape Customer Success from day one. 🌍 👉 Apply now More ❯

or Account Management in tech, SaaS, or managed services Strong communicator with executive and technical stakeholders Track record with renewals and structured success plans Bonus: knowledge of cybersecurity including SIEM, EDR, and MSS This is your chance to shape Customer Success from day one. 🌍 👉 Apply now More ❯

to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling, establish processes and workflows to support incident response SOC. Location/WFH: You'll join colleagues in the Central London office for two days a week with … have experience of securing web applications, Windows, Active Directory and M365 environments You have a good knowledge of cloud security, GCP or Azure preferred, AWS also considered You have SIEM and EDR/XDR systems including Splunk and CrowdStrike You have a good knowledge of networking principles You are degree educated in Computer Science or closely related discipline You're More ❯

role for you. Key Responsibilities Lead security incident response and threat detection efforts, prioritising the protection of customer data and experience Build automated detection and remediation workflows using SOAR, SIEM, and scripting (Python, SQL) Apply deep cloud security knowledge (AWS, Azure) to secure ecommerce, mobile apps, APIs, and in-store systems Collaborate with Fraud and Customer Experience teams to mitigate … response during critical events Key requirements: Proven Experience: 4+ years in Security Operations or Incident Response, ideally in ecommerce, retail, or fintech environments Technical Depth: Hands-on expertise with SIEM, SOAR, EDR, automation tools, Python, SQL, and cloud-native security tooling Cloud Security: Strong knowledge of AWS and Azure, especially services like WAF, Shield, IAM, and API Gateway Forensic Skills … Exciting Purpose-Driven Impact: Your work directly protects customer data, accounts, and transactions—making every wellness journey safer. Cutting-Edge Tools: Leverage a modern stack including AWS, Azure, SOAR, SIEM, EDR, and cloud-native security solutions. Cross-Team Collaboration: Partner with Fraud, Customer Experience, Engineering, and Digital to stop threats before they start. Automation-Led Security: Drive rapid detection and More ❯

management. Key Responsibilities: Develop, implement, and maintain a robust cybersecurity strategy and governance framework aligned with business and regulatory requirements. Oversee technical security controls including firewalls, IDS/IPS, SIEM, IAM, endpoint protection, and cloud security (Azure, AWS). Lead threat detection, incident response, and recovery, ensuring minimal business disruption. Manage patching processes, AI-driven email intelligence tools, and network … threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. Experience in OT security or within a data centre environment is advantageous. Why Join Us More ❯

management. Key Responsibilities: Develop, implement, and maintain a robust cybersecurity strategy and governance framework aligned with business and regulatory requirements. Oversee technical security controls including firewalls, IDS/IPS, SIEM, IAM, endpoint protection, and cloud security (Azure, AWS). Lead threat detection, incident response, and recovery, ensuring minimal business disruption. Manage patching processes, AI-driven email intelligence tools, and network … threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. Experience in OT security or within a data centre environment is advantageous. Why Join Us More ❯

management. Key Responsibilities: Develop, implement, and maintain a robust cybersecurity strategy and governance framework aligned with business and regulatory requirements. Oversee technical security controls including firewalls, IDS/IPS, SIEM, IAM, endpoint protection, and cloud security (Azure, AWS). Lead threat detection, incident response, and recovery, ensuring minimal business disruption. Manage patching processes, AI-driven email intelligence tools, and network … threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. Experience in OT security or within a data centre environment is advantageous. Why Join Us More ❯

and responding to security incidents. Your responsibilities will include: Controlling communications at external and internal system boundaries using firewalls, Intrusion Protection Systems (IPS), and Security Information and Event Management (SIEM) tools. Updating and maintaining network access control (NAC) and antivirus solutions. Monitoring and reviewing logs to detect unauthorized access attempts and ensure compliance with security policies. Maintaining accurate records of More ❯

and responding to security incidents. Your responsibilities will include: Controlling communications at external and internal system boundaries using firewalls, Intrusion Protection Systems (IPS), and Security Information and Event Management (SIEM) tools. Updating and maintaining network access control (NAC) and antivirus solutions. Monitoring and reviewing logs to detect unauthorized access attempts and ensure compliance with security policies. Maintaining accurate records of More ❯

an ad-hoc basis. What will you do as a Senior Security Engineer? Take over the full lifecycle of Splunk Enterprise Security management, followed by the ownership of the SIEM once implemented Onboard Splunk log sources, proactively support Splunk, liaise with stakeholders and improve efficiency Partner with the new MSSP as the business transitions – Covering SOC duties on an ad … the business/group from a security perspective Automate tasks and processes to make life easier What skills do you need as a Senior Security Engineer? Splunk Enterprise Security SIEM expertise (full lifecycle ideal) Microsoft Defender for EDR/XDR/MDR Nessus for vulnerability management Mimecast for email security SCCM/Intune for patch management L3/L4 Incident More ❯

a strong customer-first mindset. 4+ years of experience as a Support Engineer, demonstrating a strong customer-centric approach. Previous experience with Endpoint Security software is required. In-depth SIEM experience, including: A deep understanding of how SIEMs work Experience creating custom collections and data parsing Proficiency in creating complex correlation rules, reports, and dashboards Experience with SIEM integration and More ❯

integrity of core systems and platforms. You will work closely with the SOC Manager across daily activities of the Security Operations Center, continuously monitoring security alerts and incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and … About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host More ❯

nights (6pm6am), 4 days off . Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Previous people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier … Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead , you will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role More ❯