9 of 9 Remote/Hybrid SIEM Jobs in the Thames Valley

qualification delivered by LearnTech. Receive structured learning, coaching and mentoring from FSP’s Cyber team. Develop experience across real security operations, clients, environments and SIEM technologies. Gain exposure to industry frameworks such as MITRE ATT&CK and NIST. Build foundational knowledge across: Threat detection & incident response SOC processes and tooling ...

longer-term security improvements, projects and risk reduction initiatives across the organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling Perform deep-dive incident analysis across multiple log sources to identify root cause, indicators of compromise (IoCs) and remediation … closely with IT, Infrastructure, Cloud and Service teams to improve security controls across the organisation Review, onboard and manage log sources into SOC/SIEM platforms Validate and respond to security alerts generated by SIEM and endpoint protection platforms Manage security incidents and tickets in line with ITIL best practices ...

passion for cyber security. You will ideally bring: Strong analytical skills with the ability to manipulate, interrogate and interpret large datasets. Experience working with SIEM and IPS tools (preferred). Good understanding of Cyber Security Operations and cyber threat landscapes. Advanced IT skills and experience working within an IT support ...

defend through the Sophos Central platform. Secureworks provides the innovative, market‐leading Taegis XDR/MDR, identity threat detection and response (ITDR), next‐gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security ...

Check Point (CCSE/CCSM), Palo Alto Load balancing technologies AWS and/or Azure VMware (ESXi, vSAN) Windows & Linux Servers Network monitoring tools SIEM tooling (Defender/Sentinel) ITIL exposure (incident/change management) Server rack management in live environments Due to the volume of applications received for positions ...

Check Point (CCSE/CCSM), Palo Alto Load balancing technologies AWS and/or Azure VMware (ESXi, vSAN) Windows & Linux Servers Network monitoring tools SIEM tooling (Defender/Sentinel) ITIL exposure (incident/change management) Server rack management in live environments If you’re a technically strong Network Engineer with ...

quality of their service and acting swiftly on escalations. You'll maintain, optimise and enhance a broad suite of security tools, including EDR, SIEM, email security, cloud security platforms, vulnerability management tooling and threat-detection technologies, ensuring they are configured to best practice and delivering maximum protection. You'll conduct … Cyber Security Engineer or Security Analyst with a strong track record operating in live security environments. You bring deep technical knowledge across endpoint protection, SIEM/EDR tooling, cloud security platforms, identity security, vulnerability management, threat detection workflows and Microsoft-based environments. You're confident analysing events, responding to incidents ...

Strong experience with CyberArk, BeyondTrust, Delinea, or similar PAM tools Solid understanding of Active Directory, LDAP, and authentication mechanisms Experience integrating PAM solutions with SIEM, IAM, or security platforms Experience working in cloud environments such as AWS, Azure, or GCP Scripting experience using PowerShell or Python for automation Understanding … SKILLS PAM Engineer, Privileged Access Management, CyberArk, BeyondTrust, Delinea, Cyber Security Engineer, Identity and Access Management, Active Directory, Azure, AWS, PowerShell, Python, IAM, SIEM ...

ensuring alignment with enterprise architecture standards, secure by design principles, and regulatory requirements. - development of data ingestion, telemetry, and integration patterns between Darktrace, Defender, SIEM/SOAR tools, and existing security stacks. - production of architecture decision records, design patterns, and technical documentation for long-term maintainability. - Leading technical delivery workstreams … baselining across both platforms. - Coordinate testing, validation, and acceptance of detection capabilities, including simulation of realistic attack techniques. - Integrate Darktrace and Defender outputs into SIEM, SOAR, and ticketing systems. - Work with SOC and automation teams to design playbooks, response workflows, and escalation paths. - Ensure centralised logging, enrichment, and context tagging ...