19 of 19 SIEM Jobs in the South West

scenarios and leading in-depth CTI investigations. Act as the escalation tier for cyber threat intelligence tasks within Cyber Security tooling including EDR and SIEM tooling. Interrogate threat intelligence and internal security tooling to identify items of interest and potential cyber threats. Proactive research and assessment of Tactics. Techniques and ...

Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence, vulnerability management, and remediation practices Knowledge of cyber frameworks and regulations including ...

and influencing skills at senior levels. Experience in high value works procurement, including facilities management, construction, design, and cost management Essential Skills : Experience with SIEM tools (ArcSight) including engineering/configuration Creation of use cases, analytics, and playbooks Cloud technology knowledge Incident management from detection to resolution Desirable: Technical/ ...

analysts in hunting methodologies and investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved … Operations, Threat Hunting, or Incident Response Proven experience leading investigations involving advanced persistent threats, insider threats, or targeted attacks Strong hands-on expertise with: SIEM platforms (e.g. Sentinel, Splunk, Elastic) EDR/XDR solutions (e.g. Defender, CrowdStrike, SentinelOne) Network and cloud security telemetry Strong understanding of: MITRE ATT&CK Windows ...

project. Essential: * Experience of shaping and rolling out Security projects within a complex multi-organisation enterprise. * Experience standing up a Security Monitoring (SIEM)/Security Orchestration, Automation & Response (SOAR)/Security Operations Centre (SOC). * Experience implementing Identity Access Management (IAM) in a multi-organisation ecosystem. * Experience managing multiple rainbow ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

/SSL Encryption CDN, Edge Computing, Caching, and Edge Storage Border Gateway Protocol (BGP) and ACLs Zero Trust Architecture Load Balancing concepts Threat Intelligence, SIEM Monitoring, and Traffic Reporting Proxies and Reverse Proxies for Ingress/Egress management Cloud Infrastructure, particularly CDN and Edge Security platforms ...

resilience, DLP measures and regulatory compliance. Role Principal Duties: Proactively monitor network and system activity to detect potential security threats, using tools such as SIEM and endpoint protection platforms Assist in the investigation and resolution of low-level security incidents, escalating more complex issues to senior staff Maintain detailed logs … handled in accordance with incident response procedures Security Tools & Infrastructure: Support the deployment, configuration, and maintenance of core security tools, including antivirus software, firewalls, SIEM systems, Microsoft security services and endpoint protection Ensure DLP policies are effectively integrated into security infrastructure, including email filtering and endpoint protection systems, to prevent ...

latest security and cloud technology developments, including researching and evaluating emerging cyber threats affecting cloud services and platforms. Use advanced analytic tools, including SIEM and cloud security platforms, to identify emerging threat patterns, suspicious activity and vulnerabilities across cloud environments. Apply experience and knowledge to support the investigation and triage … posts early. Don't miss out! Person Specification Knowledge Essential Working knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability ...

posts early. Don't miss out! Person Specification Knowledge Essential Working knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability ...

Defining the system specifications to support optimal performance. Integrating workflows with third-party systems and security tools, such as Security Information and Event Management (SIEM) solutions, multi-factor authentication solutions, and cloud platforms like Amazon Web Services (AWS) and Azure. Develop technical documentation for IAM implementations including process documentation ...

experience (2 years+) Perform triage of security events ; determine scope, priority and impact, and make recommendations that enable expeditious remediation. Demonstratable experience working with SIEM technology and SIEM engineering (including tool configuration) i.e. ArcSight within an enterprise SOC. Experience in creation of use-cases, analytics and playbooks . An understanding ...

priority, ensuring appropriate escalation and response. Manage end-to-end incident response activities from detection through to resolution. Support the development and enhancement of SIEM use cases, detection rules, analytics, and playbooks. Conduct real-time analysis of logs and security data to identify malicious activity or policy violations. Work closely … documentation, and operational procedures. Requirements: Proven experience working as a SOC Analyst (Tier 2/3) within enterprise or critical environments. Strong experience with SIEM technologies (e.g. ArcSight or similar), including configuration and engineering support. Ability to triage security alerts and accurately assess risk, impact, and priority. Experience managing security ...

techniques and tools to perform network defence Skills & Experience Essential Knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Desirable Knowledge of technologies, methods and tools of forensics investigations for IT security violations ...

both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support internal and external audits Governance, risk and compliance Skills & Experience: Proven … threat management and threat analysis Threat management - actively develop and refine threat intelligence, threat hunting capabilities, and prevention/detection measures Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials ...

investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM and EDR platforms to enhance visibility and correlation Support secure by design initiatives for new OT systems, including segmentation and access control validation Assess vulnerabilities … control systems (ICS) - including SCADA, PLCs, DCS Hands-on experience with OT security tools (e.g. Claroty, Nozomi, Dragos or similar NDR platforms) Experience with SIEM, EDR and network traffic analysis Background in incident response, threat detection and security monitoring within OT or converged environments Understanding of network segmentation, secure remote ...

ability to apply it to a variety of business situations. Desirable Expert knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks. Qualifications Essential Masters level degree in Cyber Security a relevant subject, or equivalent ...

looking for Strong experience with: Juniper (LAN switching, SRX) Palo Alto firewalls Enterprise networking environments Managing engineers/leading teams Working with EDR & SIEM tools Engaging technical & non-technical stakeholders Exposure to cloud networking Tech environment Cisco (current) → migrating to Juniper Meraki wireless Windows + Ubuntu (Nutanix/AHV) SIEM ...

determine scope, priority and impact, and recommend rapid remediation actions. Conduct real-time management of security incidents from detection through to resolution. Work with SIEM technologies and SIEM engineering, including tool configuration (e.g. ArcSight). Create and maintain use cases, analytics and playbooks. Contribute to security monitoring across on-prem … Industry-standard SOC security qualifications (e.g. SANS, ISC2). Proven Tier 2/3 SOC Analyst experience (2+ years). Hands-on experience with SIEM technologies and engineering (ideally including ArcSight). Experience creating SOC use cases, analytics and playbooks. Desirable Degree in a technical, engineering or computing discipline. Defence ...