lead the organization's adversary emulation function, ensuring robust prevention and detection capabilities against modern cyber threats. With ongoing projects to refresh EDR and SIEM tools, you will be responsible for validating their effectiveness through threat-led sprints and creating or customizing attack detection rules. Responsibilities Define and execute adversary
hours. Skills and experience: * Experience of leading a SOC (would consider someone who has led a team in a related area) * Good understanding of SIEM and SOC tooling * An understanding of the whole kill chain * Technical skills across Windows, Azure and good scripting skills * A hands-on leader who can act
or similar frameworks experience and certifications VMware VMware Cloud vSphere vSAN vCenter ESXi Dell VxRail Designing highly secure on prem infrastructure Cross Domain Gateways SIEM National Defence experience not essential but highly advantageous HLD and LLD Windows Data Diodes All applicants must either have or be able to obtain SC
At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we're a customer-obsessed market powerhouse.
Threat Intelligence which is actionable information (e.g. IOCs/TTPs), conduct threat hunting activities; leveraging and analyzing sources of information as available through the SIEM, in addition identify and investigate potential suspicious activity as well as helping organizations identify, isolate and contain security issues. You will support the initial implementation … type and severity. • Identify, create and implement improvements to procedures and processes, with the SOC Manager’s approval. • Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimization. • Stakeholder and Client Reporting, and engagement • Assist in architectural design to facilitate the onboarding … in managing Microsoft Sentinel as an MSSP, including Lighthouse, and management and multi-customer environments using DevOps • Experience of onboarding, tuning, reporting and configuring SIEM solutions • Experience of threat intelligence • Leadership and mentoring experience and skills • Understanding of low-level concepts including operating systems and networking • Commercial experience in Penetration
fall into your shift pattern) as part of a 24x7 team. Principal Duties and Responsibilities Monitor and identify cyber security threats as well as SIEM alerts that pose a risk, or have the potential to pose a risk, to the client. Triage alerts & alarms across a broad range of security … logs Cloud technologies (AWS, Google Cloud, Azure) Active Directory, Group Policies, PowerShell Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption) IDP/IPS Systems SIEM tools SOAR is an added advantage Knowledge of malware capabilities, attack vectors and impact. Personal Qualities: Excellent interpersonal & customer service skills Ability to communicate technical
intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler for P1/P2 incidents Provide and support in-depth SIEM and incident notification toolset administration and configuration Fully utilize threat intelligence capabilities for proactive threat hunting Responsible for providing communication directly with CyberClans’ customers regarding … including threat hunting, incident response and incident investigation. Contribute to the design and development of defence and response strategies, knowledge base and playbooks. Monitoring SIEM alerts effectively to minimize downtime and restore services. Ensure investigation steps are clearly documented and accurately escalated when needed. Responsible for producing and maintaining documentation … analysis. Cloud technologies (AWS, Google Cloud, Azure) Active Directory, Group Policies, PowerShell Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption) IDP/IPS Systems SIEM tools (such as Splunk) SOAR is an added advantage Knowledge of malware capabilities, attack vectors and impact. Knowledge of the MITRE ATT&CK framework to
Cardiff, Wales, United Kingdom Hybrid / WFH Options
Volaris Group
Associate, Identity and Access Administrator Associate, Information Protection Administrator Associate or equivalent. Familiarity with threat intelligence platforms (TIPs) and security information and event management (SIEM) systems for comprehensive threat analysis. Experience of implementing DMARC compliance across the business. MySQL and ClickHouse database platforms. Benefits We offer a competitive salary and
be occasional travel to other company offices/data centres. Essential experience: - IDS/IPS, Firewall, VPN, EDR/XDR - Security Information Event Management (SIEM) tools - TCP/IP - Network Troubleshooting - Penetration testing - ITIL If this sounds of interest please apply or contact (url removed)/(phone number removed) Spectrum
relevant experience in: Have experience working in public sector, defence or ‘regulated’ organisations. Have SOC awareness and establishing SOC comms processes. Demonstrable experience in SIEM procedure creation. Demonstrable experience of Secure by Design. Experience with Oracle Cloud and associated tooling. Have strong internal audit skills and experience. Have strong experience
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal
Senior Cyber Detection Engineer Cloud Technical Lead You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone … the cybersecurity organization and other technology groups. Strong collaboration and stakeholder engagement skills. Experience with the creation and tuning of alerting rules from a SIEM and other devices in response to changing threats. Ability to research TTPs and develop high fidelity detections in various tools/languages including but not … malware analysis (both static and dynamic), binary triage, and file format analysis.
smoothly as well as ordering new equipment and improving existing processes. Main projects will include: Patch Management, Windows 10 Deployment, Cloud Migration, MDM Deployment, SIEM Deployment, Perimeter Security & WAN Management, Cyber Essentials Level 2 & ISO 2001 (Not Essential!) The Ideal Candidate For this role it is essential that you are
ll need: Extensive experience of working within a SOC or adjacent role. Experienced in responding to cyber incidents. Conversant with common security tooling (e.g., SIEM, SOAR, EDR, NDR). Understanding of threat actors, their tactics, techniques, and procedures. Understanding of security event data, the value of different data sources and
security and a keen eye for identifying and mitigating digital threats. Experience in monitoring, analysing, and responding to security events and incidents. Proficiency with SIEM tools and understanding of the latest cyber security trends and threat landscapes. A collaborative mindset and the ability to communicate effectively across various teams. Certifications
in scripting languages such as BASH, PowerShell, and Python. Knowledge of databases like MySQL and PostgreSQL. Strong problem-solving and analytical skills. Understanding of SIEM solutions like Splunk. Familiarity with containerization and orchestration principles and tools such as Kubernetes, Docker Swarm, etc. Experience with automation tools like Ansible, Terraform, and
will also be given a great opportunity to develop your technical skills and grow in a dynamic, successful company. You will need: Knowledge of SIEM tools e.g. Microsoft Sentinel, Google Chronicle. Excellent knowledge of EDR tools e.g. CrowdStrike, SentinelOne, Microsoft Defender. Experience providing BAU support. Experience in a SOC environment.
cyber defence hardware. • Support Junior Analysts to manage SOC systems. • Previous experience of Enterprise ICS/network architectures and technologies • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. • Experience as a mentor/coach to junior analysts Your … C2M2) • Excellent communication skills • Experience of writing Defence/Government documentation Desirable Qualifications: • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) • Advanced Analyst Course (SANS SEC503 or equivalent
Helensburgh, Scotland, United Kingdom Hybrid / WFH Options
Lockheed Martin Corporation
with ITIL4 practices. Deliver concise progress reports and compelling presentations to clients. Serve as a subject matter expert in Security Information and Event Management (SIEM), providing recommendations for product enhancements. Conduct thorough analysis of SIEM outputs, promptly identifying and escalating any incidents or breaches. Provide assurance support to team members … Information Systems Security Professional (CISSP). Experience in Government/Ministry of Defence settings is advantageous. Proficiency in implementing ITIL processes. Strong expertise in SIEM operations. Competence in Risk Management and NIST Cyber Security Controls. Client-facing experience with exceptional stakeholder management skills. Ability to thrive in a fast-paced
threats, threat actors, and the tactics and techniques adopted. Proven experience with programming - Python, Rust, C++ or other major languages Knowledge of SecOps tooling (SIEM, SOAR, TI).
Minimum 5 years’ experience working in a SOC environment and performing hands-on analysis and investigation of security incidents, utilizing the relevant SOC tooling (SIEM, SOAR, EDR, XDR, etc.) Prior experience working with/within MSSPs and an understanding of how to maximise their functionality (not essential, just a bonus
Manchester Area, United Kingdom Hybrid / WFH Options
InfoSec People Ltd
etc. Excellent understanding of cybersecurity trends Ability to interpret customer landscape and challenges Strong presentation and client-facing skills Desired Skills: Knowledge across EDR, SIEM, Vulnerability Management Operational experience with security technologies Existing relationships in Manchester area Self-motivation and ability to work autonomously Job Specifics: This is a hybrid
Sales experience Proven B2B enterprise experience focusing on IAM, Cybersecurity and GRC Proven understanding of technology solutions in domains of IAM, Cyber security and SIEM Proven track record of successfully driving the adoption of SaaS solutions within enterprise accounts, with expertise in forecasting, sales planning, and sales operations. Exceptional skills