1 to 25 of 95 Remote SIEM Jobs in the UK

Essentials Plus). Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and More ❯

or solutions architecture role. Background working with or for a VAR, Systems Integrator, or Security Vendor highly desirable . Technical Expertise Strong understanding of enterprise security technologies, including firewalls, SIEM/SOAR, IAM, DLP, SASE, Zero Trust, and cloud security. Working knowledge of AWS, Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or More ❯

and on-premise troubleshooting environments * Relevant Azure security certifications (e.g. AZ-500, Azure Security Engineer Associate), IS(phone number removed) Auditor * Familiarity with security automation and monitoring tools (e.g. SIEM/SOAR) * Proficiency with Cisco and/or Meraki network admin (LAN, VPN, Firewalls) For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group More ❯

of security investigations best practice including the use of Microsoft Purview and computer forensics an advantage. Experience of utilising and monitoring Information Security solutions e.g. email/web gateways, SIEM, Endpoint protection etc. Strong awareness of Cloud services and supporting security solutions & standards. Good understanding of cloud native and devops practices including pipelines and associated processes Hands on experience of More ❯

Leading investigations into escalated security events and incidents Driving containment, remediation, and root-cause analysis for major incidents Performing malware analysis, reverse engineering, and threat hunting Developing and optimising SIEM use cases (Splunk, QRadar) Shaping SOC runbooks, playbooks, and incident response procedures Supporting client stakeholders with incident reporting and recommendations Staying ahead of emerging threats and integrating threat intelligence Acting More ❯

programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across More ❯

programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across More ❯

AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning Data Loss Prevention (DLP) Candidate Profile Proven experience delivering large-scale cyber and information security programmes More ❯

creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly … Modelling & Use Case Development Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams … to clients. Participate in continual service improvement initiatives, recommending changes to address recurring incidents. Skills & Qualifications Eligible for, or already holding, SC Clearance. Proven expertise in IBM QRadar and SIEM engineering. Strong knowledge of log formats, parsing, and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of More ❯

Regulatory requirement expertise - Cyber Essentials Plus, ISO 27001 and GDPR Microsoft security tools - Defender, Entra ID, Purview Cloud platform exposure - Azure preferred Broad experience of configuring and management of SIEM tooling Certifications CISSP, CISM are a non-negotiable Hands-on expertise with identity and access management, endpoint protection, vulnerability and patch management and cloud security. Ability to explain complex technical More ❯

Proven experience leading and managing technical teams. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO/IEC 27001, IAM). Proficiency with cybersecurity tools and platforms (e.g., SIEM, SOAR, SAS, Sandboxes, EDR solutions and cloud technologies). Working of knowledge of access control principles, cloud technologies (CNAPP, CSPM), data retention, and encryption methodologies. Excellent problem-solving, investigative mindset More ❯

Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting & Automation (PowerShell, Azure CLI, Azure Logic Apps) MITRE ATT&CK, Threat Modelling Knowledge of CVEs and security vulnerabilities SIEM Tools, Cyber Hunting Techniques Operational threat intelligence and common attack vectors Security vulnerabilities, technical reports Cyber Defence Manager will pay a salary range of £70,000 to £85,000 plus More ❯

Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting & Automation (PowerShell, Azure CLI, Azure Logic Apps) MITRE ATT&CK, Threat Modelling Knowledge of CVEs and security vulnerabilities SIEM Tools, Cyber Hunting Techniques Operational threat intelligence and common attack vectors Security vulnerabilities, technical reports Cyber Defence Manager will pay a salary range of £70,000 to £85,000 plus More ❯

exercises Champion cloud security principles across product engineering teams Incident Management & Monitoring: Lead incident response for security risks and issues raised by SOC teams Manage implementation of logging and SIEM integration for comprehensive monitoring Prioritise and oversee vulnerability remediation across the platform Support penetration testing activities and security audits Collaboration & Leadership: Build strong relationships with central security teams and contribute More ❯

organisational procedures and business continuity plans. Operate tools and processes to identify vulnerabilities and support timely patching across systems and infrastructure. Configure and maintain security tools and systems (e.g. SIEM, firewalls) in accordance with defined policies and procedures. Support the production of security metrics and documentation; share knowledge and best practice with colleagues to promote security awareness. Skills and experience More ❯

interest in technology Experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Understanding of Information Security solutions e.g. email/web gateways, SIEM, Endpoint protection etc. Knowledge/experience working with next gen security solutions Awareness of Cloud security solutions and standards is highly advantageous Experience working within recognised Information Security frameworks and More ❯

AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning tools Data Loss Prevention (DLP) solutions Candidate Profile: Strong hands-on experience in cyber and information More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

Qualifications Required: 5+ years in cyber security leadership with a strong technical security background. Expertise in Microsoft & Azure security environments (cloud, hybrid, on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading More ❯

and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure design. Strong knowledge of TCP/IP, firewalls, routing, access controls, and threat-based security approaches. Excellent communication skills with the ability to create and maintain More ❯

code (IaC) deployments across Azure. Lead container, API, and web application security initiatives, including code reviews. Support threat modelling, vulnerability management, and penetration testing activities. Drive logging integration with SIEM tools, enabling SOC monitoring and incident response. Coach engineering teams on cloud security principles and manage audit-related actions. What You'll Bring Essential Skills: Deep expertise in Azure security More ❯

threats by researching, testing, and implementing new solutions. What we'd love you to bring: A solid grounding in network and system security (think firewalls, VPNs, IDS/IPS, SIEM). Knowledge of security frameworks (ISO 27001, NIST, CIS, etc.) and how to actually apply them. Experience with cloud platforms (AWS, Azure, GCP) and securing them. Scripting or coding chops More ❯