SIEM Jobs in the UK

1 to 25 of 1,591 SIEM Jobs in the UK

Security Engineer - 12 month FTC

London, England, United Kingdom
Walkers
experience Good knowledge of MS Defender for Cloud, Storage (SQL) and CSPM. Proficient with Data loss prevention tools experience, such as MS Purview Compliance Manager and Tessian Security monitoring, SIEM tooling such as Exabeam, QRadar, Splunk and Sentinel. Experience with Azure (security centre) and M365 cloud infrastructure and configuration and on-premises Active Directory Experience in Cloud email security gateway More ❯

Cyber Security Analyst

London, England, United Kingdom
CareerUS Solutions
e.g., ISO 27001, HIPAA, PCI-DSS). Collaborate with IT and engineering teams to integrate security into system architecture and DevOps pipelines. Maintain and operate security tools such as SIEM, IDS/IPS, firewalls, antivirus, and endpoint protection. Stay updated on the latest cybersecurity threats, vulnerabilities, and industry trends. Participate in penetration testing and red/blue team exercises. Provide … Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field. Solid understanding of network security, application security, and operating system security. Experience with security tools such as SIEM (e.g., Splunk, QRadar), IDS/IPS, firewalls, antivirus, DLP. Knowledge of common threats and vulnerabilities (e.g., OWASP Top 10, MITRE ATT&CK). Strong analytical, problem-solving, and communication …

Senior Information Security Analyst

London, England, United Kingdom
Hybrid / WFH Options
Onyx-Conseil
auditing security measures, security response, and incident management. • Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus/antimalware, IDS/IPS, SIEM, SMTP, Email security, AD, Group Policy, DNS, DHCP, and VLANs. • Experience with identity access management solutions, such as SAML/OATH • Experience with HIDS and NIDS • The ideal candidate possesses relevant information …

Tier 1 Security Operations Centre Analyst

London, England, United Kingdom
SecureCloud+
of a collaborative and high-performing security team. Role Responsibilities Key responsibilities for this role may include: Incident Detection & Response: Monitor security events and alerts using SIEM (Security Information and Event Management) and other security tools to identify potential security threats and incidents. Conduct initial triage, analysis, and categorisation of security incidents based on severity and impact. Escalate complex or … or home lab projects are encouraged to apply Education: Bachelor’s degree in Computer Science, Information Security, Cyber Security or related field, or equivalent experience desirable. Certifications (preferred): Any SIEM-specific certification or vendor-specific training. Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), BTL1 or others … are highly desirable but not essential. Technical Skills: Familiarity with SIEM tools (e.g., LogRhythm, Elastic SIEM, Microsoft Sentinel, or similar). Basic understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security. Exposure to or understanding of log analysis and alert triage, vulnerability scanning and patching and incident response Knowledge of cyber security and More ❯

Incident Response Lead Analyst - Cyber Security

City of London, England, United Kingdom
The Boston Consulting Group GmbH
cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What … You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks … solving skills, with an investigative mindset to identify security threats. Experience with malware analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience More ❯

Incident Response Lead Analyst - Cyber Security

London, England, United Kingdom
Boston Consulting Group (BCG)
cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What … You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks … solving skills, with an investigative mindset to identify security threats. Experience with malware analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience More ❯

Cyber Security Engineer

Bedford, England, United Kingdom
JR United Kingdom
scans and update relevant records. Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT). Monitor and analyse security logs from various systems (including SIEM) and network devices to identify potential threats and vulnerabilities. Knowledge, Skills & Experience Required: Bachelor’s degree in computer science, Information Technology, Cyber Security, or a related field. 5+ years of More ❯

Cyber Security Engineer

Luton, England, United Kingdom
JR United Kingdom
scans and update relevant records. Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT). Monitor and analyse security logs from various systems (including SIEM) and network devices to identify potential threats and vulnerabilities. Knowledge, Skills & Experience Required: Bachelor’s degree in computer science, Information Technology, Cyber Security, or a related field. 5+ years of More ❯

Cyber Security Analyst

London, England, United Kingdom
Henderson Scott UK
Cybersecurity, Computer Science, Information Technology, or equivalent experience. Previous experience in Cybersecurity or a related IT role, ideally working in public sector environments. Proficiency with security tools such as SIEM, IDS/IPS, and vulnerability scanners. Strong understanding of network security, firewalls, and access control. Knowledge of regulatory frameworks like GDPR, HIPAA, PCI-DSS, or NIST. Experience in incident response More ❯

Director, Security Operations Center - Global Security Office

London, England, United Kingdom
Alvarez & Marsal
Computer Science, Information Security, or a related field (Master's preferred). • Extensive experience in cybersecurity leadership within a SOC or incident response function. • Strong knowledge of security technologies, SIEM platforms (e.g., Chronicle, Splunk, QRadar), EDR tools, firewalls, and network security. • Experience with security frameworks and regulations (NIST, ISO 27001, MITRE ATT&CK, CIS, etc.). • Demonstrated experience leading security More ❯

Cyber Security Engineer

London, England, United Kingdom
ARM (Advanced Resource Managers)
Services Are you an experienced Cyber Security Engineer looking for a new challenge? Do you have a background in Cyber Security with a strong understanding of security technologies, including SIEM, EDR, Firewalls, VPNs, and cloud security (AWS, Azure, GCP) in an MSP or similar environment, along with hands-on experience with Splunk/MS Sentinel/QRadar and KQL? Here … will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. Responsibilities: Key Responsibilities: Design, implement, and manage advanced security solutions, including Firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security. Lead technical presentations, demonstrations, workshops and architecture design sessions, explain, demonstrate, and architect the solution to help solve client security challenges and … Information Technology, or related field (or equivalent experience). 5yrs+ of experience in a cybersecurity role within an IT MSP or similar environment. Strong understanding of security technologies, including SIEM, EDR, Firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL …

Cyber Security Analyst

London, United Kingdom
Boston Hale
access for you and your household Onsite perks including free parking, tea and coffee stations, and a subsidized café with free breakfast toast Responsibilities Security Monitoring & Incident Response: Use SIEM tools like Exabeam, LogRhythm, Splunk, or Arcsight to monitor security events, detect threats, and analyze data to address incidents swiftly. Vulnerability Management Tools: Conduct regular vulnerability assessments, prioritize and remediate More ❯
Employment Type: Permanent
Salary: GBP Annual

Cloud Security Engineer

London, England, United Kingdom
Kurt Geiger
Azure, Entra), security auditing, and modern endpoint protection such as CrowdStrike. Responsibilities Monitor and respond to security incidents using EDR/XDR tools such as CrowdStrike, Microsoft Defender, and SIEM platforms. Perform regular audits and security assessments across cloud (AWS, Azure) and SaaS platforms to identify risks and ensure compliance with internal policies and industry standards (ISO 27001, CIS, NIST …/Azure), including the shared responsibility model. Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, NIST). Hands-on experience with EDR tools (CrowdStrike, Defender for Endpoint) and SIEM/SOAR platforms. Basic scripting for automation and reporting using PowerShell or Python. Working knowledge of network security protocols, VPNs, firewalls, and web filtering tools. Understanding of patch management, application More ❯

Cyber Security Engineer

Portsmouth, Hampshire, United Kingdom
Advanced Resource Managers Ltd
Services Are you an experienced Cyber Security Engineer looking for a new challenge? Do you have a background in Cyber Security with a strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP) in an MSP or similar environment, along with hands-on experience with Splunk/MS Sentinel/QRadar and KQL? Here … infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. Responsibilities: Design, implement, and manage advanced security solutions, including firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security. Lead technical presentations, demonstrations, workshops and architecture design sessions, explain, demonstrate, and architect the solution to help solve client security challenges and … Cybersecurity, Information Technology, or related field (or equivalent experience). 4yrs+ of experience in a cybersecurity role within an MSP or similar environment. Strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Operations Analyst

London, England, United Kingdom
Hybrid / WFH Options
Eutelsat Communications SA
build, and support of the Security Operations technology infrastructure. Responsibilities include: Provide effective incident management through monitoring and analysis of Security Events and Incidents on a diverse range of SIEM tools and monitoring capabilities. Triage, mitigate and escalate incidents accordingly, while capturing and recording pertinent information. Perform appropriate contingency and containment procedures in response to planned or unexpected events. Produce … hour shift pattern, to include daytime, nighttime and weekend work. What it takes: 3+ years’ experience of working in a SOC environment or Cybersecurity role. Experience of working with SIEM tools. Experience of Incident Response and/or forensic skills. Thorough understanding of Cybersecurity Tactics, Techniques and Procedures (TTPs). Understanding of vulnerability management, gap remediation, risk logging, and tracking. More ❯

Cyber Security Engineer

City of London, London, United Kingdom
Franklin Fitch
threats. You’ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security … Looking For: A degree in Cybersecurity, IT, or equivalent experience. 4+ years in a cybersecurity role, preferably within an MSP or fast-paced environment. Strong hands-on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and More ❯

Cyber Security Engineer

London Area, United Kingdom
Franklin Fitch
threats. You’ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security … Looking For: A degree in Cybersecurity, IT, or equivalent experience. 4+ years in a cybersecurity role, preferably within an MSP or fast-paced environment. Strong hands-on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and More ❯

Cyber Security Engineer

South East London, England, United Kingdom
Franklin Fitch
threats. You’ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security … Looking For: A degree in Cybersecurity, IT, or equivalent experience. 4+ years in a cybersecurity role, preferably within an MSP or fast-paced environment. Strong hands-on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and More ❯

Information Security Manager

Glasgow, Scotland, United Kingdom
Nine Twenty Recruitment
ensure compliance with industry regulations (ISO 27001, NIST, GDPR, etc.). Lead incident response efforts, including investigating security breaches, coordinating remediation, and reporting findings. Implement and maintain endpoint protection, SIEM solutions, and threat intelligence platforms. Collaborate with IT and DevOps teams to ensure secure architecture and cloud security measures. Provide security awareness training for employees and promote a … network security principles, protocols, and technologies (firewalls, VPNs, IDS/IPS, NAC, etc.). Hands-on experience with security frameworks such as ISO 27001, NIST, CIS Controls. Proficiency in SIEM tools, vulnerability management, and penetration testing techniques. Familiarity with cloud security models (AWS, Azure, GCP) and securing hybrid environments. Experience in security operations, threat intelligence, and forensic analysis. …

Information Security Analyst – Level 3

Belfast, Northern Ireland, United Kingdom
Telefónica Tech (EN)
well as UK NIS/NIS2 directives, and other relevant security regulations. In-depth understanding of general security principles. In-depth understanding of how security technologies like firewalls, EDR, SIEM, TVM operate in a coherent manner. Excellent communication, reporting and presentation skills. Ability to plan, prioritise, be proactive and manage own workload. Understand up-to-date security threats and common …

Senior Information Security Engineer

Manchester, England, United Kingdom
ANS Group
within the AI sector. What will I bring to the role? Significant experience in a similar role. Hands-on experience with security technologies such as firewalls, IDS/IPS, SIEM, endpoint protection, encryption, and vulnerability scanners. Proficiency in security frameworks and standards such as NIST, ISO 27001, and CIS controls. Strong understanding of network protocols, firewalls, VPNs, and encryption techniques. More ❯

Cyber Security Manager - Incident Response

London, England, United Kingdom
TieTalent
cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with … cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks … solving skills, with an investigative mindset to identify security threats. Experience with malware analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience More ❯

Cyber Security Manager

London, England, United Kingdom
Boston Consulting Group (BCG)
cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What … You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks … solving skills, with an investigative mindset to identify security threats. Experience with malware analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience More ❯

Security Engineer - 12-Month Fixed-Term Contract

London, England, United Kingdom
Precise Placements
security operations, including incident response, vulnerability management, and DLP Embed security-by-design principles in collaboration with IT and Dev teams Operate and enhance security infrastructure, including HSM, EDR, SIEM, and IAM Monitor and respond to security alerts; manage threat mitigation and patch compliance Participate in change and architecture review boards, documenting detailed design work Skills & Experience Required … in cyber security engineering, ideally in legal, financial services or similarly regulated environments Hands-on expertise in: EDR tools: SentinelOne, CrowdStrike, Defender Cloud platforms: Azure, M365, Defender for Cloud SIEM: Exabeam, Splunk, QRadar IAM: ENTRA ID, CyberArk, DUO MFA Firewall & Network Security: Cisco, Palo Alto, NAC DLP tools: Microsoft Purview, Tessian Strong scripting abilities (PowerShell, Python, Perl) Familiarity with vulnerability …

Cyber Security Engineer

London, England, United Kingdom
Luton Borough Council
scans and update relevant records. • Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT). • Monitor and analyse security logs from various systems (including SIEM) and network devices to identify potential threats and vulnerabilities. About you KNOWLEDGE, SKILLS & EXPERIENCE REQUIRED: • Bachelor's degree in computer science, Information Technology, Cyber Security, or a related field. • 5+ More ❯

SIEM
10th Percentile: £42,050
25th Percentile: £47,500
Median: £61,500
75th Percentile: £77,500
90th Percentile: £90,000