151 to 175 of 273 SIEM Jobs in the UK

and Service Owners Support projects such as: Firewall migrations, data centre moves, cloud connectivity, segmentation initiatives Zero Trust or least privilege initiatives Integration with SIEM/SOAR tooling Required Skills: Strong hands-on experience administering Palo Alto NGFWs in enterprise environments Proven experience with Panorama for centralised policy and device … Security Cloud security/networking exposure: Azure/AWS/GCP, cloud-native firewalls, transit networking VM-Series deployments, Terraform/automation exposure SIEM integration experience: Splunk/Sentinel/QRadar log forwarding and use-case support Scripting/automation: Python, PowerShell, Ansible, PAN-OS API, IaC patterns Experience ...

including Copilot, Azure OpenAI, and agentic systems-ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response , working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labeling, access control, and lifecycle management of sensitive … using Microsoft Purview. Practically skilled in AI security , including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. Desirable Skills Experience with secure data platforms (Azure Data ...

tooling is operating effectively to protect client environments. Work with teams to assess risks, design controls and define testing requirements. Support senior engineers with SIEM, threat intelligence and malware analysis platforms. Apply patches/updates, raise changes and follow agreed processes. Keep up to date with threats and recommend improvements. … busy environment. ompTIA Network+ (or similar) or equivalent knowledge. It would be great if you had: Experience with Azure or AWS security features. SIEM experienceespecially Sentinel or Splunk. If you are interested in this role but not sure if your skills and experience are exactly what were looking for, please ...

detection Experience developing and maintaining SOC playbooks and standard operating procedures Solid working knowledge of the MITRE ATT&CK framework Hands-on experience with SIEM or XDR platforms, e.g. Microsoft Sentinel, Splunk, or ELK Excellent stakeholder management and communication skills Understanding of ITIL service management principles Experience working with multiple … subject to required skills, your application to our client in conjunction with this vacancy only. KEY SKILLS SOC Manager, Security Operations Centre, Incident Response, SIEM, Microsoft Sentinel, Splunk, ELK, MITRE ATT and CK, ITIL, CREST ...

technical teams, and stakeholders to coordinate responses and share information. Provide input on and help optimise security tools, such as EDR/XDR and SIEM platforms. Expectation to assist with other tasks requested by line manager. OT SOC Engineer Desired Skills/Qualifications/Experience The following list highlights … IEC62443. Basic understanding of: ICS/SCADA systems and OT network architecture. Common OT protocols (Modbus, DNP3, OPC). Experience/Understanding of SIEM/SOAR solutions and OT-specific monitoring platforms (e.g. Nozomi Vantage). Knowledge of network environments (routing/switching/VLANS/Security/Wireless/ ...

activities. Investigate and respond to security incidents across host, identity, email, SaaS and cloud workloads. Use and tune security tooling such as EDR, DLP, SIEM and SOAR to improve detection and response effectiveness. Apply frameworks such as MITRE ATT&CK and the cyber kill chain to map, detect and disrupt … detection engineering , incident response, digital forensics, security operations, threat hunting, threat intelligence, with exposure to the others. Strong experience with security tooling: EDR, DLP, SIEM, SOAR. Solid background in threat investigation and incident response. Good understanding of MITRE ATT&CK, cyber kill chain and common attacker tradecraft. Familiarity with offensive ...

modules: Network & Cloud: Configure network devices and explore cloud computing models like IaaS and SaaS. Digital Security: Learn to protect data using risk management, SIEM tools and vulnerability assessments. IT Support: Manage helpdesk tickets, resolve technical issues and configure operating systems. Data Management: Source, cleanse and analyse data to present ...

office) Employer: Specialist Data & Observability Consultancy This consultancy helps organisations turn high-volume, noisy telemetry and log data into clear, decision-ready insight - feeding SIEM platforms, observability stacks, and data lakes click apply for full job details ...

and remediation, and act as the escalation point for Tier 1 analysts. You’ll play a key part in threat hunting, detection engineering, improving SIEM capability and strengthening the organisation’s overall security posture. This is a hands-on, high-impact role where your expertise genuinely makes a difference. What … Owning complex incident response, containment and root cause analysis • Providing technical escalation support to junior analysts • Conducting threat intelligence analysis and sharing insights • Enhancing SIEM rules and detection logic • Supporting onboarding of new data sources and improving correlations • Leading post-incident reviews and reporting • Engaging in vulnerability lifecycle management and ...

those actions through to completion with technical teams. What you’ll be doing Monitor and investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives. Lead and support incident response activities (containment, remediation, recovery and post-incident reviews). … and pragmatic). Essential experience Security operations experience in a SaaS, cloud or regulated technology environment. Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous). Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management. Experience with vulnerability assessments/penetration ...

those actions through to completion with technical teams. What you’ll be doing Monitor and investigate security events across cloud and internal infrastructure using SIEM/security monitoring tools, distinguishing genuine threats from false positives. Lead and support incident response activities (containment, remediation, recovery and post-incident reviews). … and pragmatic). Essential experience Security operations experience in a SaaS, cloud or regulated technology environment. Experience triaging and responding to security alerts using SIEM tooling (Microsoft Sentinel advantageous). Strong grounding in Azure security: identity & access management, network security, hardening and vulnerability management. Experience with vulnerability assessments/penetration ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

Strong experience with CyberArk, BeyondTrust, Delinea, or similar PAM tools Solid understanding of Active Directory, LDAP, and authentication mechanisms Experience integrating PAM solutions with SIEM, IAM, or security platforms Experience working in cloud environments such as AWS, Azure, or GCP Scripting experience using PowerShell or Python for automation Understanding … SKILLS PAM Engineer, Privileged Access Management, CyberArk, BeyondTrust, Delinea, Cyber Security Engineer, Identity and Access Management, Active Directory, Azure, AWS, PowerShell, Python, IAM, SIEM ...

Role - Database Security Consultant Location -3 days from Canary Wharf office and 2 days from home Contract - Inside IR35 Job Description Key Responsibilities: Security Onboarding & Product Integration: Collaborate closely with Product Team to integrate and ...

with cloud security across AWS, Azure or Google Cloud Understanding of network security, encryption, authentication and access control Experience with security tooling such as SIEM, IDS, firewalls and vulnerability assessment tools Knowledge of threat modelling and risk assessment TO BE CONSIDERED: Please either apply through this advert or emailing … client in conjunction with this vacancy only. KEY SKILLS Security Architect, Cyber Security, ISO 27001, NIST, Cloud Security, AWS, Azure, Risk Assessment, Threat Modelling, SIEM, Defence ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

someone looking to develop their cyber security career within a structured SOC Key Responsibilities: Monitor security alerts and events across the organisation's SIEM platform Perform initial triage and investigation of security alerts Escalate potential security incidents to senior analysts Assist with incident response and threat detection activities Support vulnerability … incident records and documentation Work collaboratively with IT and security teams Required Skills: Basic understanding of cyber security principles and threat landscapes Familiarity with SIEM tools or security monitoring platforms Knowledge of networking fundamentals and operating systems Strong analytical and problem-solving skills Interest in developing a career within cyber ...

Compromise (IOCs) and attacker behaviour Analyse adversary techniques and map activity to the MITRE ATT&CK framework Develop, tune and maintain detection rules for SIEM and EDR platforms Threat Intelligence Management Collect, validate and analyse cyber threat intelligence from multiple sources Monitor emerging threats, vulnerabilities and attack trends Produce clear … Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft Security, Azure Security, MSP, Managed Services ...

driven response actions. - Optimize scoring, deduplication, false-positive reduction, and prioritization logic. - Collaborate with engineers to expose TIP data via APIs and downstream systems (SIEM, EDR, ASM). - Contribute to feedback loops for continuous improvement of intelligence quality and relevance. 4. Platform Governance & Data Quality - Define and enforce intelligence data … deploying, configuring, and operating TIPs in production environments. - Strong understanding of STIX 2.x, TAXII, IOC lifecycle management, and intelligence ontologies. - Experience integrating TIPs with SIEM, SOAR, EDR, and vulnerability management tools. - Proven ability to customize workflows, scoring models, enrichment logic, and automation. Technical & Platform Skills - Strong familiarity with APIs, JSON ...

tiered access model, legacy AD decommissioning, secure hybrid environments Microsoft 365 & Cloud Security Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps) Microsoft Sentinel (SIEM): log ingestion, alert tuning, detection rules, incident workflows Intune & Endpoint Management: device compliance, MDM/MAM, BYOD enforcement Endpoint, Infrastructure & Asset Security Network, DNS & Access … Azure Firewall, VPN security, and network segmentation of azure infrastructure PowerShell scripting for security, identity, and infrastructure tasks Security automation using Logic Apps and SIEM workflows if required The salary on offer for this role is up to £60,000. ...

search for a Cyber Security Analyst. This is an ideal role for someone looking to apply their understanding of typical SOC tooling (SIEM, EDR, Vulnerability) in a public service environment with a large and diverse digital estate and it is a key role in helping LCC's vulnerability management, security … security team to develop and implement procedures and policies that are aligned with the NCSC Cyber Assessment Framework (CAF) Working with service providers around SIEM outputs and EDR tools, undertaking IT Health Checks, infrastructure monitoring & security gap remediation. Responding to security tickets, analysing the potential severity and following through with ...

international Consultancy firm, specialist in Cyber Security and looking for a Senior Security Engineer to take a lead role in advanced engineering work for SIEM and XDR , escalated security incident response, and advanced threat hunting. What this job is really about Owning M icrosoft Sentinel and Defender XDR so they … habit, not a once-a-month exercise: building KQL hunts, mapping to MITRE ATT&CK, and turning "interesting patterns" into hardened detections.? Making the SIEM/XDR bill make sense : understanding ingestion, licensing, and where to cut noise without cutting visibility. Who this will suit You've already run security ...

built for you. You will: As our Tier 3 Analyst, youll play a critical role in strengthening our CSOC: Develop, optimise, and maintain SIEM detections across diverse customer estates Lead structured threat hunting informed by intelligence and hypothesis-driven methods Manage complex incidents including scoping, containment strategy, and root cause … Proven background within a SOC or equivalent operational security function Demonstrable ownership of incidents within demanding SLA environments Strong working knowledge of SIEM, EDR, and email security platforms Practical experience with Microsoft XDR technologies Ability to create and tune detections using KQL Track record of supporting or mentoring other analysts ...

Project Manager with a broad Technical and Cyber background, with proven experience of bringing a Platform live, with strong knowledge of GRC, CMDBs, SIEM tooling as well as Service acceptance criterias, key artefacts and good understanding of how to build out a Data Lake.Key Requirements: · Proven experience … implementation (into live) · Previous experience of building out a CMDB and good understanding of how to build out a Data Lake · Excellent knowledge of SIEM tooling and commercial understanding of bringing data in from different places · Strong knowledge of Service acceptance criterias and key artefacts · Ability to ensure projects align ...

standards. You will play a key role in clearing an immediate backlog of assurance deliverables while providing technical oversight to junior engineers and supporting SIEM integration activities. This is a hybrid East London role with no trackside/site access required. Key Responsibilities Cybersecurity Governance & Assurance Produce and maintain: Cyber … Provide design assurance for: Secure communications Firewalls (e.g., Cisco, Juniper) Switching and routed network environments Assess effectiveness of implemented security controls in networked systems SIEM Integration Support Produce documentation for SIEM onboarding: Data source identification Logging requirements Use-case and control alignment Support assurance activities for SIEM integration (e.g., Microsoft ...