1 to 25 of 191 SIEM Jobs in the UK

and operations teams to support strategic security objectives, improve detection coverage, and respond to evolving cyber threats. Key Responsibilities SIEM Solution Development Design and implement SIEM solutions in collaboration with security analysts and architects. Develop, optimise, and maintain detection rules, alerts, and dashboards to improve threat visibility. Support the full … incident response tooling. Stay current with emerging threats, attack techniques, and security best practices. Essential Skills & Experience SIEM & Detection Engineering Strong experience configuring and operating SIEM platforms (Elasticsearch-based solutions preferred). Ability to create, test, and optimise detection rules aligned to the MITRE ATT&CK framework. Experience improving detection ...

have experience with the below non-exhaustive list: - Knowledge of network security fundamentals (TCP/IP, firewalls, VPNs, IDS/IPS) - Experience with SIEM & SOC tooling (e.g., Splunk, Elastic, Sentinel) - Familiarity with EDR/Endpoint security platforms (CrowdStrike, SentinelOne etc.) - Hands-on with vulnerability scanning & remediation (Nessus, Qualys, OpenVAS) - Linux ...

testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge of Linux (Ubuntu, CentOS). Scripting with PowerShell, Bash, Python. Familiar with ITSM platforms (ServiceNow, Freshservice ...

modern cloud security ecosystems. Ability to interpret logs, security events, and SOC output to support investigations. Experience working with or managing third party SOC, SIEM, and security vendors. Background in overseeing penetration tests and managing remediation activity. Solid understanding of incident response, vulnerability management, and general cyber defence principles. Experience ...

using SOAR tooling and its application Application of data science against large datasets involving unstructured data and designing data models Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform Knowledge of custom API's to leverage the SOAR's functionality Ability ...

Linux OS. Skills & Experience of Cyber Security Engineer will include: Strong Experience within Information Security Engineering, focusing on Infrastructure & Network Engineering. Practical Experience with SIEM, NG Firewalls, SASE Solutions & Privileged Access Management (PAM) Systems. Ideally Highly Proficient in Microsoft & Linux OS with a Strong Understanding of Data Encryption, Key Management ...

Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier … Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. Take ownership of Tier 2-level escalations from Tier ...

Strong understanding of cloud security (IaaS, PaaS, SaaS, CASB, Zero Trust, micro-segmentation) Broad knowledge of security technologies (firewalls, IDS/IPS, endpoint protection, SIEM, SOAR, DLP, PKI, cryptography) Solid understanding of IAM concepts (RBAC, ABAC, PAM, SSO) Strong analytical skills with the ability to interpret complex technical information Good ...

service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve ...

skills are essential for this position. Knowledge of information security standards (e.g., ISO 17799/27002/27001/PCI DSS/SIEM, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and key network security principles for risk identification and analysis. Knowledge ...

automating processes. Working knowledge of SecDevOps tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and documentation abilities. Hands on experience with SIEM solutions i.e. Splunk, ArcSight, LogRhythm Communication and Soft Skills Experience speaking to and working with leadership as well as ability to write reports and present ...

projects in cloud environments. Ability to translate regulatory and security requirements into pragmatic technical controls. Excellent communication skills across technical and non-technical stakeholders. SIEM/XDR tooling experience, such as Microsoft Sentinel. Experience contributing to security architecture and design decisions. Self-starter mindset - able to work independently and ...

with day-to-day responsibilities. Essential Skills and Experience: SC clearance required to start; DV sponsorship available. Proven expertise with Splunk and Microsoft Sentinel SIEM platforms. Strong programming skills in Python , with experience developing automation and Detection as Code pipelines. Proficiency in KQL and SPL for creating efficient, high-fidelity ...

responsibilities, with opportunities for mentoring junior staff and engaging with senior stakeholders. Key Responsibilities Detection Engineering: Develop, maintain, and enhance security detection content for SIEM platforms (primarily Splunk) to identify threats across cloud, endpoints, and networks Identify gaps in detection coverage, log ingestion, and alerting, aligned with business risks and ...

Cloud Platforms Experience with private & public cloud such as AWS & Azure Security Experience with MDM, MFA, Email filtering, Next generation firewalls & Anti-Virus solutions, SIEM Solutions such as Sentinel Skills An ability to work independently and perform their own research Ability to work under pressure Creative problem solving Ability ...

tools such as EDR, XDR, firewalls, WAF, and email security; experience with CrowdStrike, Palo Alto, and Microsoft Defender is advantageous. Hands-on experience with SIEM platforms, including configuration and data integration. Familiarity with cloud security, network security, and endpoint security across Windows, Linux, and macOS environments. Package ...

required to: • Secure on prem & cloud infra (zero trust, segmentation, VPN, firewalls, IDS/IPS) • Hardening Windows/Linux VMware/Hyper V • SIEM (Sentinel/Alienvault) • EDR • Vulnerability management (Qualys) • Azure/AWS strong IAM & Conditional Access • M365 security: Defender for Office 365, DLP, Secure Score/Purview • Lead ...

detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective shift models. Confident communicator ...

/CD tools (GitHub Actions, Jenkins, CircleCI). Solid understanding of Linux systems and scripting (Bash, PowerShell, Python). Familiarity with security principles , SIEM/SOC tools, or incident response. Knowledge of networking fundamentals and APIs. Excellent problem-solving and communication skills. Nice to Have Experience with containerization (Docker, Kubernetes ...

skills are essential for this position. Knowledge of information security standards (e.g., ISO 17799/27002/27001/PCI DSS/SIEM, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and key network security principles for risk identification and analysis. Associated Benefits ...

/7 basis . Skills & Experience Required: Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within ...

Centre (SOC) team, you'll monitor systems, detect potential incidents, and initiate the incident response process. Your key responsibilities will include: Continuous Monitoring: Use SIEM tools (including Splunk) to identify suspicious activity and respond efficiently. Incident Triage: Analyse alerts and logs to determine genuine incidents and prioritise accordingly. Initial Incident ...

environment, with a deep understanding of how SOC operations integrate with IR. Expert knowledge of technologies such as Microsoft security stack, DFIR tooling, SIEM, Microsoft Defender/Sentinel, EDR platforms, timeline analysis, and cloud environments (Azure, AWS, or GCP). Exposure to penetration testing, including red team or purple team ...

Desirable Azure certifications, MCP, CompTIA A+. Endpoint management experience (Intune). Exposure to security operations or compliance frameworks. PowerShell or automation skills. Knowledge of SIEM tooling such as Microsoft Sentinel. Brightwork Ltd offers the services of an employment agency for permanent roles and an employment business for temporary roles. ...

PowerShell, and Python). Experience with PAM concepts, access control models, and security frameworks (e.g., NIST, ISO 27001, CIS). Experience integrating PAM with SIEM, SOAR, and DevOps pipelines. Architectural and solution design skills, enterprise-scale PAM deployments. Cloud certifications, such as AWS Certified Security, Azure Security Engineer or Google ...