Windsor, England, United Kingdom Hybrid / WFH Options
Women in Tech UK
Azure and AWS. Relevant certifications (e.g., Microsoft SC-200, AWS Certified Cloud Practitioner). Proficiency in network/application protocols and operating systems. Experience with security tools (EDR, SOAR, SIEM). Preferred scripting/programming experience. Knowledge of cyber security legislation and best practices. Preferred experience dealing with incidents in a wide range of environments, including OT and ICS technologies.
analysts, promoting best practices in incident detection and response. Collaborate with threat intelligence teams to enhance detection capabilities and improve threat modeling. Oversee the continuous tuning and optimization of SIEM platforms and other security tools to reduce false positives and enhance detection accuracy. Contribute to red/blue team exercises to validate security controls and improve SOC readiness. Support compliance … and audit activities by providing expert analysis and reporting. Skills/Must Have: 4+ years of experience in a SOC, incident response, or cybersecurity operations role. Extensive experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions. Proficiency in scripting or programming languages (e.g., Python, PowerShell) for automation and data analysis. Threat Hunting Experience. Strong analytical and problem-solving
Leeds, England, United Kingdom Hybrid / WFH Options
BAE Systems (New)
techniques, tactics, and procedures (TTPs) used in detected attacks, from start to finish. Capture and feed attack chain details into detection capabilities. Ensure monitoring effectiveness by creating and updating SIEM/SOAR playbooks, adapting to evolving attacker TTPs. Use Intrusion Analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers
the following: - Automation of SOC Processes: Design and implement automation solutions to streamline repetitive tasks such as alert triaging, incident response, and reporting. - Tool Integration: Integrate various security tools (SIEM, SOAR, firewalls, etc.) to improve data flow and response coordination. - Optimization of Workflows: Enhance and optimize SOC workflows for improved efficiency and reduced manual effort. - Development of Playbooks: Create automated … SOAR platforms, Ansible, Phantom or similar). Proficiency in scripting languages (e.g., Python, PowerShell, Bash). Strong understanding of SOC processes, including incident response and threat detection. Experience with SIEM platforms (e.g., Splunk). Knowledge of security frameworks (e.g., NIST, MITRE ATT&CK). Skills: Proficiency in automation tools (e.g., SOAR platforms, Ansible, Phantom). Expertise in scripting languages (e.g. … Python, PowerShell, Bash). Strong knowledge of SOC processes (incident response, threat detection). Experience with SIEM platforms (e.g., Splunk). Ability to integrate and automate security tools. Strong problem-solving and analytical skills. Experience in developing automated workflows and playbooks. Knowledge of security frameworks (e.g., MITRE ATT&CK, NIST). Strong collaboration and communication skills. Experience with log management
hands-on shift-based roles, working as part of a 24/7 operation working in a standard rotation shift pattern. They are responsible for utilising the SOC's SIEM and SOAR toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. Main Duties: Monitor, triage, analyse and investigate alerts, log data and network traffic … skills. Strong analytical skills. Must have expertise in TCP/IP network traffic and event log analysis. Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool). Must have administrative skills in several operating systems, such as Windows, OS X, and Linux. Must be proficient in basic shell scripting, creating Snort rules, or other log
London, England, United Kingdom Hybrid / WFH Options
Methods Business and Digital Technology
ideal for individuals looking to start or grow their career in cybersecurity, with opportunities for advancement and skill development. Key Responsibilities: Monitor security alerts and events from Microsoft Defender, SIEM and other security tools. Perform initial triage and analysis of security incidents. Escalate verified incidents to Tier 2/3 analysts as needed. Document incidents, investigations, and response actions in … degree in Cybersecurity, Information Technology, or related field (or equivalent experience). Basic understanding of networking concepts (TCP/IP, DNS, firewalls). Familiarity with security tools such as SIEM, antivirus, IDS/IPS, and endpoint protection. Strong analytical and problem-solving skills. Excellent written and verbal communication skills. Ability to work in a fast-paced, team-oriented environment. Ability
Analyst, you will be at the forefront of digital defence, leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues … the following experience: Proven experience in a Security Operations Centre (SOC) environment. Previous experience working as a SOC Level 2/Cyber Security Analyst. Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with
individuals with UK citizenship. Key Responsibilities: Triage incoming alerts and alarms from different security platforms and investigate/escalate them as appropriate. Proactively suggest improvements for existing EDR/SIEM alarms and create new ones based on threat intelligence and threat models. Track the progress of ongoing security incidents and provide handovers with other shifts to ensure consistent service to … analysts. What Will You Bring? For junior candidates: A passion for cybersecurity and a willingness to learn. Cyber Security Degree. Basic understanding of security concepts and tools, such as SIEM or firewalls. Strong communication and organizational skills. A proactive approach to problem-solving and the ability to work in a team. For experienced candidates: Cyber Security Degree. Proven time management … and project management skills. Hands-on experience in SOC operations and advanced SIEM tools. Proficiency in KQL (Kusto Query Language) within SIEM platforms. Demonstrated ability to execute threat-hunting activities and lead incident response. Exceptional communication skills, with the ability to engage stakeholders at all levels. Desirable Skills and Experience: Practical experience with Microsoft Sentinel, Azure, and Defender. Knowledge of
national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment. Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis … a Senior SOC Analyst, you will be at the forefront, leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment. Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with … SOC Analyst, you will be at the forefront of digital defence, leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues
Hedge End, England, United Kingdom Hybrid / WFH Options
NICE
closing meetings. External Audit Coordination: Collaborate with external audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute … audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills.
Southampton, Hampshire, United Kingdom Hybrid / WFH Options
NICE
closing meetings. External Audit Coordination: Collaborate with external audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute … audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills.
Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. … Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. • Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. • IT Service Management & Automation: Experience implementing ITIL
knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you
Hedge End, England, United Kingdom Hybrid / WFH Options
NICE
knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you
of security best practices and how to implement them at a business-wide level; Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following: SIEM; Privileged Access Management/Identity Access Management/Multifactor Authentication; Endpoint Detection & Response; Network Access Control; Cloud-based architecture such as Azure/AWS; Active Directory. Soft skills including excellent
Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. … Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL
programs for staff and ensure technical progress of their abilities * Performs other duties as assigned. Skills/Abilities: * Proficient with industry standard security technologies, including firewalls, IDS/IPS, SIEM tools, endpoint monitoring, etc. * Knowledge of incident response procedures and best practices * Familiarity with threat intelligence process and integration * Highly developed communication skills * Excellent organizational skills. Education: Bachelor's Degree
London, England, United Kingdom Hybrid / WFH Options
Techwaka
skilled and experienced Security Analyst to join our team. The ideal candidate will have a strong background in vulnerability management and experience working with Security Information and Event Management (SIEM) tools such as Microsoft Sentinel. You will play a critical role in ensuring the security of our cloud environments, infrastructure, and business units by identifying, analyzing, and addressing vulnerabilities and … of information to identify, analyze, and report on relevant threats and vulnerabilities. Continuously monitor and assess the threat landscape to adjust security measures accordingly. SIEM and EDR: Implement and manage SIEM tools such as Microsoft Sentinel to monitor and respond to security incidents. Utilize Endpoint Detection and Response (EDR) tools like Microsoft Defender to detect, investigate, and mitigate threats. Cloud … across the entire estate, ensuring compliance with security policies and standards. Qualifications: Proven experience in vulnerability management and the use of tools like Tenable One. Hands-on experience with SIEM tools, particularly Microsoft Sentinel. Experience deploying and managing vulnerability assessment and Attack Surface Management tools. Strong knowledge of cloud security, particularly in AWS and Azure environments. Proficiency with EDR tools
expertise in security tools and technologies, with the ability to work independently while collaborating effectively with cross-functional teams. Key Responsibilities: Use knowledge of security tools (EDR/XDR, SIEM, VM, etc.) to conduct detailed investigations. Coordinate and lead incident response activities, including detection, investigation, containment, eradication, and recovery in coordination with external stakeholders (HSP(s), Managed Security Service Providers
Organisational Environment. This role is critical in identifying and responding to security incidents to protect our customers' information assets. What will you be doing? • Monitor Security Information & Event Management (SIEM) Tools: Continuously monitor SIEM tools to pro-actively engage with and investigate potential security incidents. • Incident Identification and Triage: Identify, analyse, and prioritize security incidents, escalating them as necessary within … Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. • Experience: experience in IT Security or Security Operations Team. Network Security Experience may be considered if SIEM specific qualifications and exposure are evident in the applicant's experience. • Desirable Certifications (any of): • Microsoft AZ-200 • ISC2 Certified in Cybersecurity • CompTIA Security+ Internal • CompTIA CySA+ • Demonstrable experience using … Microsoft Sentinel or similar SIEM tooling. • Familiarity with security tools and technologies such as SIEM, IDS/IPS, firewalls, and antivirus software. • Proficiency in using log analysis tools and basic scripting languages (e.g., Python, PowerShell) is a plus. Why come and work with us at Systal? Competitive salary and benefits package. Unrivalled training and development, ensuring you stay at the
ensure the integrity, confidentiality, and availability of information assets. Key Responsibilities: Monitor security alerts and events from various sources, including intrusion detection systems (IDS), firewalls, and SIEM (Security Information and Event Management) systems. Conduct initial analysis and triage of security incidents to determine the severity and impact. Assist in the investigation of security breaches and other cyber security incidents. Support … Basic understanding of networking concepts and protocols (TCP/IP, DNS, HTTP, etc.). Familiarity with security tools and technologies, such as firewalls, IDS/IPS, anti-virus software, and SIEM systems. Strong analytical and problem-solving skills. Ability to work in a fast-paced environment and manage multiple tasks simultaneously. Excellent communication and teamwork skills. Willingness to learn and
strong understanding of information security principles, including confidentiality, integrity, and availability. Experience with security tools and technologies, including vulnerability scanners, intrusion detection systems, and security information and event management (SIEM) systems. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Strong problem-solving and analytical skills, with the ability to identify and mitigate complex
NAC, IPS/IDS, and SD-WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP, CCNP Security, CCIE Security, GIAC, Azure
a timely manner. Conduct vulnerability assessments and support remediation efforts. Perform threat hunting and root cause analysis on security incidents. Support the implementation and management of security tools (e.g., SIEM, IDS/IPS, endpoint protection). Collaborate with IT and development teams to secure systems, networks, and applications. Investigate phishing attempts, malware infections, and suspicious activities. Assist in creating and … . 2+ years of experience in a cybersecurity or IT security role. Technical Skills: Knowledge of networking protocols, firewalls, intrusion detection/prevention systems, and endpoint protection. Experience with SIEM tools such as Splunk, QRadar, or Sentinel. Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, CIS). Understanding of threat vectors, malware behavior, and incident response procedures. Proficient