24 of 24 SIEM Jobs in South Wales

/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance security monitoring, logging and alerting (including SIEM/threat detection). Create security documentation (designs, risk assessments, mitigation plans, ops procedures). Collaborate with project/programme managers and stakeholders to ensure ...

support incident response activities. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance security monitoring, logging, and alerting (including SIEM/threat detection). Produce security documentation including designs, risk assessments, mitigation plans, and operational procedures. Collaborate with project/programme managers and wider stakeholders ...

Threats : Assist in identifying suspicious activity and responding to security incidents in real time Security Tools and Technologies : Gain hands-on experience with firewalls, SIEM tools (e.g., Splunk, Microsoft Sentinel), endpoint protection, and vulnerability scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy ...

activities. Monitor security alerts and assist with investigating potential incidents. Help implement security best practices and policies to protect digital assets. Gain exposure to SIEM tools and security monitoring platforms. Assist with creating incident response documentation and security reports. Support compliance efforts and basic risk assessments aligned with industry standards. ...

infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Experience defining security configurations and collaborating with engineers to apply ...

security operations, including vulnerability management, access reviews, and incident response readiness. Provide insights and triage signals from security tooling (SAST, DAST, dependency scanning, SIEM). Work hands-on to perform internal security assessments or penetration testing. Manage relationships with external pentest providers, auditors, and assessors. Secure Development Lifecycle (SDLC) Partner ...

security operations, including vulnerability management, access reviews, and incident response readiness. Provide insights and triage signals from security tooling (SAST, DAST, dependency scanning, SIEM). Work hands-on to perform internal security assessments or penetration testing. Manage relationships with external pentest providers, auditors, and assessors. Secure Development Lifecycle (SDLC) Partner ...

migrating firewall rules, designing segmentation at multiple layers (macro/meso/micro), and integrating identity‐based controls. Strong background in logging/monitoring, SIEM/SOAR integration, and building operational metrics. Proficiency with capacity planning, performance tuning, and platform visibility tooling. Excellent documentation skills; able to produce architecture artefacts ...

migrating firewall rules, designing segmentation at multiple layers (macro/meso/micro), and integrating identity‐based controls. Strong background in logging/monitoring, SIEM/SOAR integration, and building operational metrics. Proficiency with capacity planning, performance tuning, and platform visibility tooling. Excellent documentation skills; able to produce architecture artefacts ...

with customers and other internal stakeholders. Confidence in effectively communicating technical incidents or security threats to non-technical stakeholders. Previous experience of working with SIEM and log monitoring tools. SC-200, SC-900 or equivalent certification would be beneficial but not essential. To be considered for this role, you must ...

with customers and other internal stakeholders. Confidence in effectively communicating technical incidents or security threats to non-technical stakeholders. Previous experience of working with SIEM and log monitoring tools. SC-200, SC-900 or equivalent certification would be beneficial but not essential. To be considered for this role, you must ...

practices Engagement with R&D for Cyber Solutions/Products Essential Candidate Experience Good knowledge of multiple SOC tooling including IDPS/Firewalls/SIEM/Splunk/Email & Web Protection etc. Experience of implementing and fault finding Firewall technologies including Cisco ASR/Palo Alto/Fortinet Excellent understanding ...

Contact Centre o Employee Experience: Endpoint, M365 and Viva Cloud Native Platforms: o Azure, AWS and Private Cloud Security Practice: o M365, Fortinet, SOC, SIEM, etc. Software Engineering: o AppDev and Data & AI This should be combined with experience and high-level understanding of large-scale cloud solutions architecture, novel ...

resided continuously in the UK for the past five years, due to Security Clearance requirements. Key Responsibilities: Lead investigations of security incidents raised by SIEM and CNAPP tooling. Drive improvements in cloud security posture using Microsoft Defender for Cloud. Guide project teams on remediation steps and ensure alignment with security … best practices. Support WebOps activities including deployment and configuration of SIEM and CNAPP tools. Oversee vulnerability management processes and ensure timely remediation. Manage and maintain LogicMonitor for cloud platform monitoring: Create and update logicmodules Configure alert rules and escalation chains Manage ServiceNow integration for incident handling Build and maintain dashboards ...

candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we're looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers to enforce secure configurations and hardening standards … and submit (subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security Engineer, Microsoft Security, SIEM, IAM, Vulnerability Management, Network Security, Security Architecture, Incident Response, Hybrid Cloud, Threat Modelling, Compliance ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

experience within an MSP environment. Strong Microsoft Azure expertise (IaaS/PaaS, governance, identity, networking, landing zones). Security experience across MDR, threat detection, SIEM/SOAR or security monitoring. Solid understanding of hybrid cloud, integrations, networking and resilient design. Ability to articulate complex technical concepts to technical and … architectural documentation and NFRs (security, performance, compliance). Desirable MSP service design/service offering experience. Hands-on knowledge of Microsoft Sentinel or other SIEM/SOAR platforms. Familiarity with security frameworks (NIST, ISO 27001). Relevant Azure certifications (AZ-305, AZ-500, etc.). Please apply now if this ...

experience within an MSP environment. Strong Microsoft Azure expertise (IaaS/PaaS, governance, identity, networking, landing zones). Security experience across MDR, threat detection, SIEM/SOAR or security monitoring. Solid understanding of hybrid cloud, integrations, networking and resilient design. Ability to articulate complex technical concepts to technical and … architectural documentation and NFRs (security, performance, compliance). Desirable MSP service design/service offering experience. Hands-on knowledge of Microsoft Sentinel or other SIEM/SOAR platforms. Familiarity with security frameworks (NIST, ISO 27001). Relevant Azure certifications (AZ-305, AZ-500, etc.). Please apply now if this ...

Will Need to Succeed: Minimum 3+ years of experience working in 24x7 enterprise operations, preferably security operations Minimum 1+ years of experience working with SIEM, including running investigations (correlating events on different aspects such as source/destination addresses, usernames, and process names) Demonstrable comprehension of Information Security including malware … investigate trends and identify errors Network, Security, or Platform certification(s) (S+, N+, MCSP, CNA) is a plus. Ideal candidates have strong experience with SIEM tools and security event processes. Compensation Estimated Pay Range: Exact compensation and offers of employment are dependent on circumstances of each case and will ...

work with security platforms, scripting tasks, and collaborating with experienced security professionals. Key Areas of Work Enhancing alert logic and monitoring use cases within SIEM platforms Building and maintaining automation workflows using Python Reviewing security events and log data to spot unusual activity Supporting the design of detections aligned … adversarial behaviours Assisting investigations and contributing to continuous improvements within the SOC What You'll Bring Experience using one or more SIEM technologies (e.g., Sentinel, Splunk, ELK, Rapid7, LogRhythm) Python skills for scripting or automation Understanding of SOAR concepts or exposure to automated playbooks Familiarity with threat frameworks such ...

Newport Offering £90ph Inside IR35 Do you have experience in scripting and programming? Do you have experience with SOC tooling such as IDPS, Firewalls, SIEM, Splunk, etc.? Do you want to work with an industry-leading company? If your answer to these is yes, then this could be the role … Cyber Defence Centre for company Cyber Solutions/Products Your skillset may include: Good knowledge of multiple SOC tooling including IDPS/Firewalls/SIEM/Splunk/Email & Web Protection etc. Experience implementing and fault-finding Firewall technologies including Cisco ASR/Palo Alto/Fortinet Excellent understanding ...

hiring Elasticsearch Consultant or Architect (Observability OR Security (SIEM) or Search (Data)) to join our team. This pivotal role requires a deep subject matter expert in the Elastic Stack, responsible for designing, implementing, and optimizing complex Elasticsearch environments tailored to critical business functions in either Observability, Security (SIEM), or Search … Logstash for comprehensive data collection. Designing APM services, setting up synthetic monitoring, and creating advanced Kibana dashboards for holistic operational visibility. OR Elastic Security (SIEM) Proven ability to deploy and manage Elastic SIEM, including endpoint security integration. Expertise in using security data (logs, events) to create custom detection rules, conduct ...

hiring Elasticsearch Consultant or Architect (Observability OR Security (SIEM) or Search (Data)) to join our team. This pivotal role requires a deep subject matter expert in the Elastic Stack, responsible for designing, implementing, and optimizing complex Elasticsearch environments tailored to critical business functions in either Observability, Security (SIEM), or Search … Logstash for comprehensive data collection. Designing APM services, setting up synthetic monitoring, and creating advanced Kibana dashboards for holistic operational visibility. OR Elastic Security (SIEM) Proven ability to deploy and manage Elastic SIEM, including endpoint security integration. Expertise in using security data (logs, events) to create custom detection rules, conduct ...