1 to 25 of 630 Remote SIEM Jobs in the UK

auditing security measures, security response, and incident management. • Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware, IDS/IPS, SIEM, SMTP, Email security, AD, Group Policy, DNS, DHCP, and VLANs. • Experience with identity access management solutions, such as SAMLOATH • Experience with HIDS and NIDS • The ideal candidate possesses relevant information More ❯

build, and support of the Security Operations technology infrastructure. Responsibilities include: Provide effective incident management through monitoring and analysis of Security Events and Incidents on a diverse range of SIEM tools and monitoring capabilities. Triage, mitigate and escalate incidents accordingly, while capturing and recording pertinent information. Perform appropriate contingency and containment procedures in response to planned or unexpected events. Produce … hour shift pattern, to include daytime, nighttime and weekend work. What it takes: 3+ years’ experience of working in a SOC environment or Cybersecurity role. Experience of working with SIEM tools. Experience of Incident Response and/or forensic skills. Thorough understanding of Cybersecurity Tactics, Techniques and Procedures (TTPs). Understanding of vulnerability management, gap remediation, risk logging, and tracking. More ❯

security as a primary requirement). Drive adoption and integration of the latest security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections More ❯

Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

and applications. You’ll monitor security tools and alerts, respond to threats, and contribute to the development and implementation of controls across cloud and on-premise environments. Responsibilities: Analyse SIEM events and alerts, ensuring effective investigation and resolution. Respond to phishing incidents and manage malicious email reporting. Support incident response, escalation, and coordination. Monitor cloud and on-premises environments for … . Practical knowledge of cloud security across AWS, Azure, or GCP (e.g. CloudTrail, Sentinel). Experience with endpoint protection, DLP, IDS/IPS, MFA, and content filtering. Familiarity with SIEM platforms and vulnerability management tools. Exposure to SOAR platforms and scripting or development skills (e.g. Python, Bash). Understanding of frameworks such as ISO 27001/2, NIST, SOC, or More ❯

management, threat hunting, playbook designing & detection rule staging. Key Responsibilities of the role would include: Provide SecOps support capability working with information security alerts using Security Information & Event Management (SIEM) to triage, mitigate & escalate issues as needed while capturing essential details and artefacts. Perform analysis of security alerts to evaluate risk, determine containment action & identify required preventative measures. Review & triage … ability in relevant areas such as incident response, intrusion analysis, malware analysis, etc. Analytical approach to problem-solving. Excellent communication skills. Working knowledge of security monitoring software, such as SIEM tools (Splunk, etc.). Understanding & familiarity with networking concepts & protocols such as TCP/IP, UDP, DNS, DHCP, HTTP, etc. Understanding & familiarity with operating system fundamentals such as Windows. Ideally More ❯

and modern frameworks (e.g., Django, Node.js , React). Expert-level scripting and automation skills (e.g., Python, Bash, PowerShell) for workflow automation, tooling, and log analysis. Proficient in log analysis, SIEM usage/configuration, threat hunting, and querying tools to support detection and response. Familiarity with static and dynamic analysis techniques and vulnerability mitigation. Strong understanding of modern cloud platforms-especially … OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. Prior experience driving security engineering for a SaaS-based company. Experience leveraging automation or AI/ML tools More ❯

security as a primary requirement). Drive adoption and integration of the latest security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections More ❯

security as a primary requirement). Drive adoption and integration of the latest security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections More ❯

security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and/or SecOps oriented teams More ❯

hours. Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimization. Assist in architectural design to facilitate the onboarding of new information systems, including the assessment, parsing, onboarding of log … as an MSSP, including Lighthouse, and management and multi-customer environments using DevOps. Level 3 SOC Analyst/Senior Cyber Security and/or security operations experience. Experience with SIEM platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm. In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL & Logic Apps/SOAR. Experience … of onboarding, tuning, reporting, and configuring SIEM solutions. Experience of threat intelligence. Leadership and mentoring experience and skills. Understanding of low-level concepts including operating systems and networking. Commercial experience in Penetration Testing and/or Security Monitoring. Understanding of networking and infrastructure design. Knowledge/experience of one or more System administration (Linux, Windows, Mac). Cyber security degree More ❯

desirable. Minimum 5 years experience in Information Security. Proficiency in security frameworks like NIST, implementing and auditing security measures. Knowledge of Cisco networking, firewalls, VPN, DLP, IDS/IPS, SIEM, and related technologies. Experience with identity access management solutions such as SAML, OAuth. Relevant security certifications (e.g., CISSP, CISM, CEH) are highly desirable. Ability to analyze and recommend security improvements. More ❯

Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools … for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. … Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations. Lead technical migration of log sources into More ❯

and response. · Manage security tools, including endpoint protection software, patch and update management systems, vulnerability management systems, cloud security posture management (CSPM) systems, firewalls, intrusion detection/prevention systems, SIEM platforms, and encryption technologies. · Coordinate with IT Operations, IT Development, compliance and other departments to ensure secure systems design and regulatory compliance. · Oversee third-party vendor security assessments and due … or a related field. ·3 –6 years of experience in information security. · Strong knowledge of financial industry regulations and compliance requirements. · Hands-on experience with firewalls, IDS/IPS, SIEM, EDR/XDR, and cloud security tools. · Professional certifications such as CISSP, CISM, CISA, or CEH. · Strong knowledge of security architecture, risk management, incident response, and regulatory compliance. · Experience with More ❯

knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You Will Have An Advantage If You More ❯

knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you More ❯

systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions, automating security workflows, and contributing to the company's compliance with Cyber Essentials Plus and ISO 27001 standards. Key Responsibilities: Design, implement, and manage network security architectures, including firewalls … for enterprise-wide network security and threat management. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment. Utilize Security Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM ) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead … related use cases (e.g., securing cloud infrastructure, managing security controls). SIEM Solutions: First-hand experience working with SIEM solutions , particularly Microsoft Sentinel SIEM . Experience in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials More ❯

the Microsoft Defender suite. The ideal candidate will take a lead role in advanced threat detection, incident response, detection engineering, and security monitoring, while also optimizing license consumption and SIEM integration efforts. 5+ years in cybersecurity with 2+ years in a Level 3 SOC role Key Responsibilities: Advanced Threat Detection & Incident Response - Investigate and analyze complex security incidents escalated from … L1/L2 SOC analysts. - Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response. - Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering - Perform proactive threat hunting using KQL within Microsoft Sentinel. - Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT More ❯

practices (, ISO 27001, NIST, CIS). Strong understanding of network security, application security, cryptography, and cloud security. Experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, and endpoint protection. Excellent analytical, problem-solving, and communication skills. Ability to work independently and manage multiple projects simultaneously. SC (Security Clearance) or DV (Developed Vetting) clearance is preferred, or More ❯

will possess strong communication and incident management skills and will be committed to ensuring the highest level of security, compliance, and user experience. Responsibilities: Investigate security alerts from our SIEM tool and 3rd party MSSPs, and to provide appropriate incident response actions. Liaise with technology and business stakeholders in relation to cyber security issues/incidents providing clear descriptions and … teams. Supporting out-of-hours incident investigations via an On-Call rota, covering 24*7*365 alongside our 3rd party MSSP. Monitor, analyse and optimise SecOps tool performance (e.g. SIEM, PAM), identify potential issues, and recommend and implement proactive solutions. Develop and maintain SecOps documentation, policies, and procedures. Collaborate with stakeholders to understand business requirements and implementing security controls that … problems in a simple manner to non-technical audiences Strong understanding of OT infrastructure, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. Proficient in configuration and troubleshooting of multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information & Event Management (SIEM) systems, in particular Microsoft Sentinel. Desirable Experience More ❯

meetings and communications to ensure their needs are met and any issues are addressed, assisting the service delivery manager with technical issues. Triage and analysis of alerts from multiple SIEM’s and Platforms (Microsoft Sentinel, Microsoft Defender, SentinelOne and AppGuard) and intelligence monitoring capabilities, prior to escalation to the Shift Leader in accordance with the customer contracted Service Level Agreements. More ❯

meetings and communications to ensure their needs are met and any issues are addressed, assisting the service delivery manager with technical issues. Triage and analysis of alerts from multiple SIEM’s and Platforms (Microsoft Sentinel, Microsoft Defender, SentinelOne and AppGuard) and intelligence monitoring capabilities, prior to escalation to the Shift Leader in accordance with the customer contracted Service Level Agreements. More ❯