51 to 75 of 75 SIEM Jobs in the South East

to deliver security operations Lead advance thread detection and incident resp0onse Onboard new customers Manage the transition of services into BAU support Your background: Hands-on experience with customers SIEM and EDR and automation tooling Deep understanding of delivering cyber security services in an MSP setting SC100 Cyber Security Architect certification is highly desirable If you fit these key requirements More ❯

SOC Engineer to join their Public Sector & Government business unit, supporting a major Highways programme . The role will involve engineering and enhancing SOC capabilities, integrating security tools, tuning SIEM use cases, and ensuring that monitoring, detection, and response functions are optimised to meet government security standards. Key Details: £530 per day (Inside IR35). 6-month contract, ending 27th More ❯

from a variety of industry leaders Experienced at working on bids and large or complex changes Excellent understanding of a variety of networks and routing protocols Network management or SIEM designs, tooling or support This contract is based on-site in Baskingstoke, some travel may be required. This is a great opportunity for an experienced Pre-Sales Network Architect. Due More ❯

to lead complex projects and make a tangible impact? We're looking for a Senior Cyber Engineer, with experience in designing and deploying Rapid7 , SentinelOne, (or similar XDR, MDR, SIEM, ) in an AWS environment, for our clients growing team in Crawley click apply for full job details More ❯

have a large SOC team that can boast some very high profile clients within the Defence sector. Due to expansion, we have this new role for a Senior SOC SIEM Content Engineer with broad experience of Cyber. If you possess robust technical abilities and are eager to apply your expertise to the fullest extent, this opportunity is ideal for you. … maintaining security content such as rules, dashboards, and reports for our Security Information and Event Management (SIEM) systems. This role requires a strong understanding of security procedures and experience working with SIEM platforms and within an MSSP environments where you may be working across multiple operational customers and projects. Hybrid Variable: Working in Hemel Hempstead OR Farnborough 1 to … Cleared OR eligible for DV Clearance. What you'll be doing: Develop, deploy, and uphold security content (including rules, dashboards, and reports) for our SIEM system. Continuously monitor and analyse SIEM data to identify and respond to potential security threats. Collaborate with SOC Analysts, Architects, Project Managers & Engineers to improve the precision and efficiency of the SIEM materials. Stay up More ❯

while enabling the business to run smoothly. What you'll be doing: Implementing and maintaining security controls across network, cloud, endpoints, and core infrastructure Owning key technologies like firewalls, SIEM, EDR, VPN, NAC, and vulnerability scanners Driving vulnerability management and hardening across the estate Supporting and responding to security incidents across infrastructure services Embedding security into infrastructure changes (firewall rules … Strong background in infrastructure or network security within a complex enterprise environment Solid knowledge of: Firewalls, VPN, IDS/IPS, network security controls Endpoint security (EDR, anti-malware, DLP) SIEM tools (e.g. Splunk, Sentinel) Vulnerability management (e.g. Qualys, Tenable) Cloud (Azure and/or AWS) Hands-on experience supporting or responding to security incidents Familiarity with frameworks such as ISO More ❯

Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports … a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal More ❯

Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports … a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal More ❯

detailed analysis and containment strategies. Perform malware analysis, reverse engineering, and develop detection signatures. Integrate threat intelligence into SOC operations, staying ahead of emerging attack techniques. Manage and optimise SIEM tools (Splunk, QRadar, Microsoft Sentinel). Develop SOC use cases, runbooks, and playbooks to improve response capability. Collaborate with IT, legal, and management teams during incident response. Support pre-sales … scoping for new opportunities. Contribute to continual service improvement and security tool enhancements Skills & Experience Strong background in incident response, SOC operations, and security investigations. Hands-on expertise with SIEM tools (Splunk, QRadar, Microsoft Sentinel). Deep understanding of network traffic analysis, vulnerability management, and penetration testing. Knowledge of DFIR principles, malware reverse engineering, and digital forensics. Familiarity with ITIL More ❯

inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: 2+ years in security platform management ( SIEM, SOAR ). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience … adjustments at any point during the recruitment process or if there is a better way for us to communicate, please do let us know. Cyber, Security, Cybersecurity, Infosecurity, InfoSec, SIEM, Security Information Event Management, SOAR, Security Orchestration Automation Response, XSIAM, Extended Security Intelligence Automation Management, Security Check, Sc Level, Sc Cleared, Sc Clearance, Security Cleared, Security Clearance, Security Vetting Clearance More ❯

to lead complex projects and make a tangible impact? We're looking for a Senior Cyber Engineer, with experience in designing and deploying Rapid7 , SentinelOne, (or similar XDR, MDR, SIEM, ) in an AWS environment, for our clients growing team in Crawley. The role will be a mixture of office and remote based work, with travel to client sites where needed. … the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading … are interested in the above role - Click the 'Apply Now' button now for immediate review Senior Rapid7 Engineer, Rapid7 Engineer, Senior Rapid7 Engineer, Cyber Engineer, Cyber Architect, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role More ❯

to lead complex projects and make a tangible impact? We're looking for a Senior Cyber Engineer, with experience in designing and deploying Rapid7 , SentinelOne, (or similar XDR, MDR, SIEM, ) in an AWS environment, for our clients growing team in Crawley. The role will be a mixture of office and remote based work, with travel to client sites where needed. … the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading … are interested in the above role - Click the 'Apply Now' button now for immediate review Senior Rapid7 Engineer, Rapid7 Engineer, Senior Rapid7 Engineer, Cyber Engineer, Cyber Architect, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role More ❯

the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading … you are interested in the above role - Click the 'Apply Now' button now for immediate review Senior Cyber Consultant, Cyber Consultant, Senior Cyber Consultant, Senior Cyber Consultant, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role More ❯

encryption technologies Adhere to enterprise governance review processes to deliver project goals deliverables Follow enterprise ITSM CMDB processes Monitor and analyze security s using Security Information and Event Management SIEM tools and respond to security incidents in a timely and effective manner Collaborate with cross functional teams to develop and enforce identity and access management IAM policies and network access … Zero Trust Network Access in ITOT environments Proficiency in configuring managing and troubleshooting firewalls Cisco Palo Alto etc Experience with intrusion detection/prevention systems as well as with SIEM tools and security incident response Excellent problem solving skills analytical thinking and the ability to communicate effectively with diverse stakeholders CERTIFICATIONS (any of below) Cisco Certified Network ProfessionalExpert in Security More ❯

other regulated industry) Are you a hands-on Security Engineer with strong Azure expertise? Were looking for an all-rounder who can bring deep knowledge of observability, IDAM, and SIEM/SOC integrations into a complex, regulated environment. This role sits at the heart of our cloud security strategy, working with modern tools and protocols to keep our platforms secure … scalable, and compliant. What youll be doing Leading security initiatives across Azure and hybrid environments Working with SIEM, SOC/NOC, and IDAM integrations Driving best practice with Microsoft Entra (Azure AD/IDAM protocols) Using and optimising tools like Sentinel, Splunk, Datadog, OpenTelemetry, and ELK Supporting observability, scanning, and incident response capabilities Tackling complex security challenges in a financial … What were looking for Proven experience as a Security Engineer , ideally in financial services or insurance Strong knowledge of Azure security and cloud-native security tools Hands-on with SIEM, SOC/NOC, IDAM, and observability frameworks Experience with Microsoft Entra, Sentinel, Splunk, Datadog, OpenTelemetry, and ELK Excellent problem-solving skills and the ability to work in a complex, regulated More ❯

Leading daily SOC operations, task prioritisation and shift management Acting as the escalation point for complex incidents and investigations Reviewing, tuning and enhancing detection rules, alerts and playbooks in SIEM/SOAR tools Providing mentorship and technical guidance to SOC analysts Driving post-incident reviews, root cause analysis and continuous improvement Conducting proactive threat hunting and supporting compliance/audit … response capability What you'll bring 3+ years' experience in a SOC or security operations role Strong knowledge of incident detection, response and threat analysis Hands-on experience with SIEM, SOAR and endpoint detection tools Excellent problem-solving, analytical and communication skills A degree in a relevant subject or equivalent experience Relevant certifications such as GCIA, GCIH, CEH or CompTIA More ❯

of governance artefacts. You will also engage with engineering teams and managed service providers (MSPs) to ensure that OT security controls are effectively designed, implemented, and sustained. Experience with SIEM/SOC integration is valuable and considered desirable. Accountabilities: Lead the design and delivery of the OT Security Strategy, policies, and standards. Define governance processes for OT security, ensuring alignment … third-party security service providers. o Strong communication and documentation skills, particularly in policy/standards creation. o Eligible for SC-level national security clearance. Desirable o Familiarity with SIEM/SOC integration for OT environments. o Experience with OT asset discovery, monitoring, and security tool deployment. o Exposure to regulatory compliance in critical infrastructure (e.g., NIS Directive, UK CAF More ❯

of governance artefacts. You will also engage with engineering teams and managed service providers (MSPs) to ensure that OT security controls are effectively designed, implemented, and sustained. Experience with SIEM/SOC integration is valuable and considered desirable. Accountabilities: Lead the design and delivery of the OT Security Strategy, policies, and standards. Define governance processes for OT security, ensuring alignment … third-party security service providers. o Strong communication and documentation skills, particularly in policy/standards creation. o Eligible for SC-level national security clearance. Desirable o Familiarity with SIEM/SOC integration for OT environments. o Experience with OT asset discovery, monitoring, and security tool deployment. o Exposure to regulatory compliance in critical infrastructure (e.g., NIS Directive, UK CAF More ❯

reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++.CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. Overview Position SOC Shift Lead Permanent Location Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security … Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the nature of work undertaken at our client's site, incumbents of these positions are required to meet special nationality rules and therefore these vacancies are only open More ❯

integrity of core systems and platforms. You will work closely with the SOC Manager across daily activities of the Security Operations Center, continuously monitoring security alerts and incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and … About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host More ❯

week in London office) Essential Experience: As an associate security analyst you will triage and investigate cyber security alerts and reports from users experience using security tools (e.g., EDR, SIEM) to support the investigation and response to cyberincidents Experience with SIEM tools (experience of Splunk preferred but experience of Microsoft Sentinel or anequivalent SIEM tool is acceptable) Experience in AWS More ❯

We are currently recruiting for a Senior Security Engineer with experience in SIEM/SOAR that is eager to join UK GOV department - SC Cleared envionmen t for a short term contract until end of the year 2025 About the role: Work in the Monitoring and Integration Platform Team and deliver against the initial phase of the security monitoring project … onboarding several critical services that are proactively monitored by the in-house SOC (Security Operations Centre). Essential Experience: 2+ years in security platforms management (SIEM, SOAR). Enterprise-level monitoring and supporting large user bases (10,000+ users). Create/manage security playbooks and knowledge of public sector standards. Experience in Xsiam correlation/playbooks and Cortex XDR More ❯

assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯

assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯

growth, collaboration, and working on cutting-edge projects that truly matter. What You Will Do: - Monitor, investigate, and analyse insider-related alerts and activities across advanced security platforms, including SIEM, DLP, UEBA, and EDR. - Identify patterns, anomalies, and behaviours that could indicate insider threats such as data exfiltration, fraud, or misuse of privileges. - Conduct thorough behavioural risk assessments by combining … equivalent practical experience. - At least three years of experience in cybersecurity operations, insider threat programmes, SOC, or similar investigative roles. - Familiarity with insider risk tools and technologies such as SIEM, DLP, UEBA, and EDR. - Strong analytical and investigative skills, with the ability to communicate findings effectively to technical and non-technical stakeholders. - A high level of integrity and discretion when More ❯