151 to 175 of 189 SIEM Jobs in the UK

effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms (e.g., Splunk) to detect threats across diverse environments. Collaborate with security teams to identify gaps in detection, logging, and alerting based on business risks … . Required Experience & Skills: Strong technical expertise in cybersecurity, including threat hunting, attacker tactics, monitoring, alerting, and incident response. Experience with detection engineering and SIEM alert development. Solid understanding of core cybersecurity concepts: network security, cloud security, cryptography, and forensics. Familiarity with scripting or programming (Python, Bash, C/C++ ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

cyber-attacks. Configuration and maintenance of the NMC central Microsoft Azure, Lighthouse and Sentinel platform. Development, maintenance, and deployment of detection rules and other SIEM content. Creation of custom solutions using both low-code and traditional development approaches. Providing support to forces for the configuration of Sentinel and log sources. … Leveraging Microsoft support for technical assistance and information regarding roadmap features. What you need to succeed in the role Experience of supporting and developing SIEM platforms in the context of a Security Operations Centre. Experience of log source configuration and parsing, as part of a SIEM implementation, including experience ...

team, providing frontline defence and hands-on technical support across a modern IT environment. What you'll do Monitor and triage security alerts from SIEM and endpoint protection tools. Investigate potential threats and escalate complex incidents where needed. Support vulnerability management and patching processes. Apply hardening techniques to Linux systems … and/or cloud platforms (Azure or AWS). Familiarity with scripting (PowerShell, Bash, or Python) is a plus. Any experience with security tooling (SIEM, EDR, vulnerability scanners) is beneficial. Why join? Structured training plan with funded certifications (e.g., Security+, SC-900, AZ-900). Clear progression path into advanced ...

complex security incidents. Your day will include: Leading incident response activities: investigating alerts, conducting threat hunting, and managing escalations. Tuning and configuring Splunk SIEM to reduce false positives and enhance detection accuracy. Handling advanced security investigations, including malware analysis, forensic reviews and sensitive internal cases. Correlating logs across multiple systems … excellent communication and stakeholder engagement. Youll bring: Strong background in SOC operations, ideally with experience in networking or infrastructure. Hands-on experience with Splunk SIEM, including configuration, tuning and creating meaningful detection use cases. Proven experience in incident response, threat hunting and malware investigation. Exposure to digital forensics and ...

and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. ...

class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do: Support SOC Manager to deliver the following SIEM, IR tools platform management including all design, implementation and administration activities , Use cases preparation and implementation, connector deployment, maintenance & health checks Responsible for operational activities … shell) Demonstrated experience working in all phases of the SDLC Deep understanding and experience using cyber security operations, security monitoring, endpoint (EDR), Network, and SIEM Tools. Prior SOC experience a plus Extensive knowledge of network and server security protocols, technologies, and products. Industry recognized certifications (CISSP, GCIH, GCFA, OSCP ...

auditor, security auditor, or GRC analyst. Excellent planning, prioritization, and documentation skills. Broad technical knowledge of IT systems (OS, databases, firewalls, SIEM, DLP). Cloud Platforms: AWS and Azure. AI Knowledge: Understanding of AI principles and security implications. Solutions/Technical Network Architecture: Ability to design secure technical solutions and … network architectures. Controls Experience: Strong background in implementing and assessing security controls. Splunk Knowledge: Familiarity with SIEM tools and log analysis. CyberArk: Experience with privileged access management solutions. Package Salary: Up to £120,000 Up to 20% Bonus Hybrid, with travel to London Career Development Opportunities Benefits: Pension scheme, professional ...

and team activities. Main duties of the job Lead and manage cyber security operations, ensuring the effective use of Security Information and Event Management (SIEM) systems, access controls, and incident response tools. Oversee the monitoring, investigation, and resolution of security incidents and vulnerabilities. Support delivery of national cyber initiatives, policies … security activities and resources for the IT systems and applications within a large complex organisation. Previous experience in managing Security Information and Event Management (SIEM) systems Skills and Attributes Essential Technical Adaptability skills to learn and assess new methodologies or technologies quickly, understanding their wider implications and where appropriate implement ...

Assessment Papers, Risk Treatment Plans, Risk Business Cases, and Security Management Plans. Knowledge and experience in security architecture and Security Information and Event Management (SIEM) tools, including Splunk, Defender, Sentinel, ELK, and Tenable Threat Modeling System solutions. Demonstrable knowledge of cybersecurity frameworks and standards, including the NCSC Cyber Assessment Framework ...

investigation Naturally inquisitive mindset Understanding of the Cyber Kill Chain and the phases of security incident response Responsibilities Analyse and investigate alerts generated by SIEM platforms Support the day to day maintenance and tuning of SIEM and Next Gen UBA tools, including rules, alerts, and reports Take ownership ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

looking for a Managing Security Engineer (SIEM), you will lead the design, implementation and documentation of security monitoring platforms. You will ensure the right tooling is in place to protect and monitor our clients, working closely with cross-functional teams to assess risk, design security controls and define testing requirements. … . Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations, including clustering, high availability, disaster recovery, scaling and performance optimisation. Strong problem-solving skills with a proactive approach ...

responding to complex cyber threats across cloud, endpoint, and network environments. Key responsibilities: Develop, maintain, and enhance detection rules and alerts, primarily within Splunk SIEM, to identify threats across diverse platforms. Analyse triggered alerts, triage incidents, and respond to security events on a rota basis, including on-call duties. Conduct … ideally from engineering or a hands-on IT/security role. Proficient in scripting or programming (Python, Bash, or similar). Practical experience with SIEM platforms (preferably Splunk), cloud environments, endpoints, and network monitoring. Familiarity with detection engineering, threat intelligence, and modern attacker techniques (TTPs). Sole British National with ...

malware, ransomware, data breaches, and APT activity Take ownership of escalations from SOC L1 and drive incidents through to resolution Perform detailed analysis using SIEM and EDR tools such as Splunk and Microsoft Defender Conduct forensic analysis to determine root cause, scope, and impact Support containment, eradication, and recovery activities … Strong experience operating as a SOC L2 or equivalent CERT role Proven incident response capability in enterprise or MSSP environments Hands-on experience with SIEM platforms, ideally Splunk Experience with EDR technologies, preferably Microsoft Defender Solid understanding of network, endpoint, and cloud security fundamentals Experience investigating complex threats including ransomware ...

keep up with demand. In this varied role, you will act as a key member of the digital estate, monitoring real-time outputs from SIEM and endpoint protection systems while playing a hands-on role in incident management. Your work will bridge the gap between daily operations and long-term … join a market-leading business at an exciting time of growth with the opportunity to further develop your career. The Role: Daily analysis of SIEM, email security, and endpoint protection outputs. Investigation and reporting of security incidents and technical issues. Regular vulnerability scans and supporting internal/external audits. Creation ...

Data & Information Security Analyst – Hybrid Our client is urgently looking for an experienced Data & Information Security Analyst to join their team on a Fixed-Term contract basis, for 18 months initially with a view to ...

Data & Information Security Analyst – Hybrid Our client is urgently looking for an experienced Data & Information Security Analyst to join their team on a Fixed-Term contract basis, for 18 months initially with a view to ...

Role Overview We are seeking a contract XSIAM Consultant with strong expertise in Palo Alto Networks security technologies and solid experience across XDR and SIEM environments. This role sits within the Security Operations function and is focused on improving threat detection, automation, visibility, and response using XSIAM. *For this role … Design and manage security automation workflows within XSIAM Integrate and optimise XDR capabilities to support proactive threat detection and response Set up and maintain SIEM-style log ingestion, correlation rules, and enrichment pipelines Build custom dashboards and reports to provide real-time security insights Troubleshoot complex issues related to XSIAM ...

Requirements: Circa 5 years' experience in a related IT role, with strong exposure to security operations Hands-on experience managing security products such as SIEM, TVM and PAM platforms Hold recognised industry certifications such as CISSP, CCSP or vendor specific certifications Experience working with and overseeing outsourced security functions Strong … technical skills across the E5/Microsoft 365/Defender suite Familiarity with technologies such as SIEM, PAM, Endpoint Protection, EDR, IPS/IDS, MFA, Encryption and Next Gen Firewalls Experience supporting cyber security event triage, incident response and recovery Strong knowledge of operational security management and tooling This role ...

both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support internal and external audits Governance, risk and compliance Skills & Experience: Proven … experience in Cyber Security operations, threat management Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST On Offer: Salary up to £65,000 Hybrid working - approximately 2 days ...

Security Manager to evolve SOC capability Senior SOC Analyst essential skills Proven experience in a SOC or similar security operations environment Strong knowledge of SIEM, incident management and threat intelligence Understanding of cloud technologies and modern networking Experience with IDAM, JML processes and ITSM frameworks Ability to lead, support and … develop junior analysts Strong communication and stakeholder engagement skills Key skills: Senior SOC Analyst, SOC, SIEM, Security Incident Management, Threat Intelligence, Cloud Security, IDAM, ISO 27001, Team Leadership ...

/OpenShift Multi-cloud platforms Collaborate with security, DevOps and infrastructure teams to integrate CyberArk with AD/LDAP, SAML/OIDC identity providers, SIEM (e.g. Splunk), ITSM, and MFA solutions . Lead installation, configuration, testing and handover of CyberArk secrets-management solutions into Run & Maintain teams. Provide architectural leadership … integrating CyberArk Conjur/Credential Provider for application and DevOps secrets. Demonstrable experience integrating CyberArk with: AD/LDAP SAML/OIDC identity providers SIEM tools ITSM/ticketing systems At least one MFA platform Solid understanding of DevOps and cloud-native ecosystems, including Kubernetes, OpenShift, containers, Jenkins, CI/ ...

incidents, you'll guide junior analysts, ensure smooth shift transitions, and help refine the tools and processes that keep the operation resilient. Responsibilities Oversee SIEM platforms and other monitoring tools to detect suspicious activity. Review and triage alerts, analysing logs to prioritise incidents effectively. Carry out containment measures and escalate … Contribute to the ongoing improvement and optimisation of security monitoring systems. What you'll need to succeed Hands-on experience with SPLUNK or similar SIEM tools in a SOC environment. Strong analytical mindset with the ability to solve problems under pressure. Excellent communication skills-both written and verbal-and ...