151 to 175 of 366 SIEM Jobs in the UK

/ML infrastructure or high-performance computing environments. Proven ability to detect and stop sophisticated attacks. Experience with distributed systems, GPU cluster security, and cloud-native monitoring. Proficiency with SIEM platforms and detection technologies. Strong programming skills in Python, KQL, SPL, or similar. Technical Expertise Deep understanding of AI/ML attack vectors such as adversarial examples, model inversion, and More ❯

preferred. Compliance knowledge required in ISO27001, PCI and GDPR. Possibly a certified ethical hacker Knowledge of Security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA, AV, IDS/IPS and MDM solutions Understanding of common frameworks, such as ITIL or LEAN is preferred Good exposure of user environment management, including desktops/laptops, profile More ❯

readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incident response, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and managing Security Operations Engineers, fostering a high-performance security team. Deep understanding of security automation More ❯

Management frameworks, Security incident analysis, digital forensics, crisis management, SOC operations and supporting tools Strong knowledge and practical experience of cyber security platforms/tooling including IDS/IPS, SIEM, EDR/MDR, and system/device hardening would be advantageous. Also, during your professional experience you will have gained experience in an OT/IT or electronics engineering/ More ❯

BA Cyber products Maintain detailed documentation of BA security policies, procedures, and incidents What you'll bring to British Airways: High proficiency in Security Tools and Technologies, such as; SIEM, Vulnerability Management, EDR and Identity Experience in leading and mentoring a team of security professionals and an ability to foster a collaborative and learning-oriented environment Proven track record of More ❯

Specialist or in a similar role within network security ️ Strong knowledge of networking protocols (e.g., TCP/IP, DNS, HTTP) and network security tools (e.g., firewalls, IDS/IPS, SIEM) ️ Experience with security frameworks such as NIST, CIS, and ISO 27001 ️ Familiarity with cloud security and hybrid network environments is a plus ️ Relevant certifications such as CCNP Security, CISSP, or More ❯

and experience relevant to this role: Proven experience in a pre-sales or solution consulting role within the cyber security domain Strong knowledge of security technologies such as XDR, SIEM, EDR, identity management, email security, cloud security, etc. Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIS, NIST, GDPR) Excellent communication and presentation skills, both technical and non-technical More ❯

new logo customers across a range of services and multi vendor solutions, including Microsoft security, compliance and identity services. Managed SOC Managed XDR Cloud Security (M365, Azure, AWS) Managed SIEM (Sentinel + multi vendor) Security Professional Services Pen Testing Red Teaming ISO27001/Cyber Essential Plus Apps/Infra testing You role will be to drive sales across through a More ❯

19th August What You’ll Be Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs/ More ❯

19th August What You'll Be Doing Architect and deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs/ More ❯

principles Hands-on experience with data analysis, modeling, and correlation at scale Operating systems internals and forensics experience for macOS, Windows & Linux Domain experience managing and working with current SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and programming languages Understanding of malware functionality and persistence mechanisms Ability to analyze endpoint, network, and application logs More ❯

ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Kubernetes (K8s) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging Cyber Defence Centre tooling DLP technical policy development Ability to build and train machine learning models to address business needs Lab 3: Modern Workplace Security Power Platform More ❯

VPC/VPN Route 53 AWS Organisations S3 (Storage Tiers, Lifecycles) CloudFront distribution Experience with proactive management and team ownership of cloud infrastructure Beneficial Experience: AWS certifications Familiarity with SIEM solutions and Security Incident Management Cybersecurity awareness or certification Data engineering familiarity (EMR, ETL) Coaching or mentoring experience Key Behaviours: Excellent problem-solving skills Flexibility to experiment and adapt quickly More ❯

Computer Science, or a related field; advanced degree preferred. Experience in insider risk, counterintelligence, cybersecurity, or a related discipline. Hands-on experience with insider threat detection tools such as SIEM, UEBA, UAM, DLP, and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring More ❯

an experienced team. You'll be at the heart of their SecOps function, helping to shape and improve their cyber capabilities. What they are looking for : Someone comfortable with SIEM, EDR, and vulnerability management tooling (Rapid7, CrowdStrike, Qualys etc.) Scripting and automation Strong foundational IT and networking knowledge Familiarity with patching solutions and email security tools A proactive mindset and More ❯

HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging DLP technical policy development Ability to build and train machine learning models to address business needs Power Platform and PowerShell WORKING WITH US We're proud to More ❯

Cloud & Modern Workplace: Microsoft 365, Azure AD, Intune, Teams, Conditional Access - On-Premise Infrastructure: Windows Server, VMware, Hyper-V, DNS, DHCP, Active Directory - Security & Compliance: Cyber Essentials+, ISO27001, Firewalls, SIEM, EDR, VPN - Remote Monitoring & Management (RMM): Patch Management, NAble, Proactive Monitoring - Licensing Models: Microsoft CSP, NCE, OV, SPLA, Volume Licensing This is a brilliant opportunity for a results-driven IT More ❯

escalated cases. • Proven leadership capability with experience line managing analysts, conducting performance reviews, and overseeing HR-related duties. • Experience providing ticket quality assurance and training delivery. • Familiarity with leading SIEM, endpoint and XDR security platforms, in multi-tenant MSSP environments. • Willingness to obtain or hold relevant security certifications, such as SBT BTL2 and CREST CRIA. More ❯

requirements. Excellent communication and stakeholder management skills. Comfortable working in a fast-paced, iterative, and agile environment. Preferred Experience: Solid understanding of cyber security concepts such as threat detection, SIEM, anomaly detection, and incident response. Experience with tools for tracking ML models in production (e.g., MLflow). We encourage you to apply even if your experience is not a More ❯

on threat detection and incident response ️ Strong knowledge of threat intelligence sources, analysis techniques, and cybersecurity frameworks (e.g., MITRE ATT&CK) ️ Hands-on experience with security tools such as SIEM, IDS/IPS, EDR, and network traffic analysis platforms ️ Proficiency in scripting and automation for threat hunting and investigation (e.g., Python, PowerShell, Bash) ️ Certifications such as OSCP, GCIH, or CREST More ❯

Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support This is a great opportunity and salary is dependent upon experience. More ❯

in forming collaborative working relationships with customers and other internal stakeholders. Confidence in effectively communicating technical incidents or security threats to non-technical stakeholders. Previous experience of working with SIEM and log monitoring tools. SC-200, SC-900 or equivalent certification would be beneficial but not essential. To be considered for this role, you must be UK based and eligible More ❯

components to ensure visibility and completeness of data collection. Linux Proficiency : Administer and troubleshoot Linux-based systems, with command-line fluency and scripting ability (e.g. Bash, Python) to support SIEM operations, log parsing, and agent deployment. Detection Engineering & Threat Rules : Develop and tune custom detection rules using ESQL , EQL , and Lucene syntax to identify malicious activity. Use MITRE ATT&CK … assist SOC analysts in conducting triage and escalation. SOC Maturity & Policy Development : Contribute to the development of SOC processes and policies , including detection logic lifecycle, alert tuning procedures, and SIEM configuration governance. Play a key role in maturing the operational use of SIEM tooling and automation within the SOC environment. Defence Writing & JSP Familiarity : Prepare formal documentation in line with … Infrastructure environments. Familiarity with security frameworks such as MITRE ATT&CK , NIST CSF , or ISO 27001 including how to map TTP's to Rule coverage. Experience with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such as More ❯

as financial services, defence, or critical national infrastructure. Strong knowledge of nation-state campaigns, cybercrime ecosystems, and structured analytical techniques. Hands-on experience with STIX/TAXII, TIP/SIEM integration, and frameworks such as MITRE ATT&CK. Current or eligible for SC/DV clearance. CREST CTI Manager or equivalent certification. Desirable skills: Experience in intelligence-led threat modelling More ❯

security assessment tools Management of security with regards to new systems acquisition. Deliver in person Cyber Security training programmes. Requirements: Networking experience Cyber Security Active Directory and Virtualisation experience. SIEM experience Email Security Vulnerability Management The Package: If successful our client is offering a salary between £40,000 - £42,000 per annum, favourable holiday allowance. How to Apply : If you More ❯