Reading, England, United Kingdom Hybrid / WFH Options
Infoplus Technologies UK Limited
responsibilities: Incident Detection and Response: Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 3-level escalations from Tier 1 and Tier 2 analysts … of experience in cybersecurity, with incident response, digital forensics, or threat hunting. Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. Technical Skills: Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory
Reading, England, United Kingdom Hybrid / WFH Options
Focus on SAP
complex cyber incidents, including APTs, malware outbreaks, and data breaches. Take charge of escalated alerts from Tier 1 and 2 analysts and guide them through advanced response protocols. Utilize SIEM, EDR, and threat intelligence platforms to perform deep-dive analysis and response. Threat Hunting & Analysis: Proactively identify emerging threats through behavioral analytics and threat intelligence. Analyze log data, network activity … a related field. 6–8+ years in cybersecurity with a focus on incident response and threat hunting. Proven experience investigating APTs, ransomware, and data exfiltration attempts. Deep knowledge of SIEM platforms (e.g., Splunk, LogRhythm, ArcSight) and EDR solutions. Hands-on experience in network/system forensics and malware analysis. Familiarity with operating systems (Windows, Linux) and cloud environments (e.g., AWS
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid / WFH Options
In Technology Group Limited
Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
LA International Computer Consultants Ltd
and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural … PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. Certifications (Preferred): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
IT and Security problems for non-technical audiences. • Strong understanding of OT infrastructure, networking, and end-user computing. • Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. • Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems, particularly Microsoft Sentinel. Desirable Experience: • Familiarity with managing network security
Reading, England, United Kingdom Hybrid / WFH Options
Morgan Hunt
expertise in security and identity systems. Qualifications: Degree or relevant professional IT/security qualification. Recognised certification from a security or identity vendor. Knowledge: Solid understanding of tools like SIEM, EDR, and threat detection methods. Knowledge of vulnerability management and threat intelligence. Familiarity with network security (firewalls, segmentation, IDS/IPS, etc.). Understanding of operating systems (Windows, Mac, Linux) and
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and
High Wycombe, Buckinghamshire, UK Hybrid / WFH Options
Logiq
training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable: Security Blue Team 1 or higher; CompTIA Cyber Security Analyst; SC
Milton Keynes, Buckinghamshire, UK Hybrid / WFH Options
Logiq
training, and exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable: Security Blue Team 1 or higher; CompTIA Cyber Security Analyst; SC
ensure compliance. Oversee third-party engagements, including RFPs/RFIs and vendor performance. Align projects with industry frameworks (NIST, ISO 27001) and leverage technologies like IAM (SailPoint), cloud security, SIEM, and MS Defender. Report to senior leadership and interface with PMO, Finance, and Portfolio teams. Required Experience: 5+ years in delivering complex InfoSec projects (financial/trading sector preferred).
bigger picture; investigating threats, guiding incident flow, analysing threat data, and playing a key role in improving detection and response processes. You’ll be working across platforms like: Elastic SIEM, Microsoft Sentinel, Defender for Endpoint, CrowdStrike Falcon, MISP (Malware Information Sharing Platform). As the team scales, this role offers both strategic involvement and technical depth. There’s also the option … mindset – focused on not just what happened, but why, how, and how to prevent it. Comfortable being an escalation point for technical and analytical issues. Working knowledge of key SIEM and EDR platforms (Elastic, Sentinel, CrowdStrike, etc.). Natural curiosity and willingness to get hands-on with data and investigations. Broad exposure across cyber domains beyond pure SOC is highly valued
Newbury, Berkshire, United Kingdom Hybrid / WFH Options
Vodafone
designs comply with Baseline Security Requirements and security policy. Ensure that projects integrate with security baseline controls such as IPS/IDS, WAF, Firewall Change Management, Identity & Access Management, SIEM and Vulnerability Management. Ensure internal customers, external suppliers and delivery partners are aware of security standards and future strategy to influence development roadmaps. Identify security risks, manage them with key
Abingdon, Oxfordshire, United Kingdom Hybrid / WFH Options
Sophos Group
that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Jisc
heart of our security operations, developing and maintaining the infrastructure that powers our cutting-edge cybersecurity services. Your focus will be on enhancing and managing our: SIEM (Security Information and Event Management) systems; SOAR (Security Orchestration, Automation, and Response) platforms; Threat Intelligence tools and integrations. You'll work closely with our threat intelligence teams to design and implement smart, automated … of institutions and millions of users across the UK. Your work will directly contribute to the safety and resilience of this network. What We're Looking For: Experience with SIEM and SOAR platforms (e.g., Splunk, Sentinel, Cortex XSOAR). A solid understanding of threat intelligence frameworks and feeds. A collaborative mindset and a passion for automation and innovation. Operational experience
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Sophos Group
that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending
ll be training adult learners with a passion for cyber defence — from junior SOC analysts to aspiring incident responders — helping them build practical detection and analysis skills in a SIEM-driven environment. We need OffSec certified Instructors or willingness to complete OffSec Instructor Bootcamp (OSIB). Key Responsibilities: Deliver the SOC-200 course content to bootcamp or apprenticeship cohorts. Guide learners … OffSec standards. Ensure engagement and learner success throughout the training programme. Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred). Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics. Comfortable delivering to diverse learners (remote or classroom-based). Strong communication, mentoring, and instructional skills. OffSec Instructor Certification or willingness to
Milton Keynes, Buckinghamshire, UK Hybrid / WFH Options
In Technology Group
ll be training adult learners with a passion for cyber defence — from junior SOC analysts to aspiring incident responders — helping them build practical detection and analysis skills in a SIEM-driven environment. We need OffSec certified Instructors or willingness to complete OffSec Instructor Bootcamp (OSIB). Key Responsibilities: Deliver the SOC-200 course content to bootcamp or apprenticeship cohorts. Guide learners … OffSec standards. Ensure engagement and learner success throughout the training programme. Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred). Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics. Comfortable delivering to diverse learners (remote or classroom-based). Strong communication, mentoring, and instructional skills. OffSec Instructor Certification or willingness to