SIEM Jobs in the UK

176 to 200 of 213 SIEM Jobs in the UK

Security Architect (HLD)

London, United Kingdom
InfinityQuest Ltd,
for security solutions, ensuring alignment with enterprise architecture and security policies. Design and architect solutions across various security domains including: Data Loss Prevention (DLP) Security Information and Event Management (SIEM) Identity and Access Management (IAM) Endpoint Detection and Response (EDR), MDM, and Endpoint Management tools Cloud and On-Prem Security Solutions Collaborate with stakeholders such as IT operations, application teams … documentation. Maintain up-to-date knowledge of emerging security threats and best practices to continuously enhance solution designs. Qualifications - Proven experience designing security solutions across multiple domains including DLP, SIEM, IAM, and Endpoint Security. Bachelor's degree in computer science, Cybersecurity, Information Systems, or related field (master's preferred). Experience in cybersecurity with 3+ years in a security architect More ❯
Employment Type: Permanent

CYBER SECURITY ENGINEER

London, United Kingdom
Hybrid/Remote Options
Summer Browning Associates
and have a solid background in Cyber Security Engineering working within a high-threat government environment, with the following skills and experience: Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in Protective Monitoring & SOC operation More ❯
Employment Type: Contract
Rate: £NEG Excellent Day Rates

Database Administrator DBA

Hereford, Herefordshire, West Midlands, United Kingdom
Hybrid/Remote Options
Leidos Innovations UK Limited
Management: Plan and execute major database upgrades and periodic patching to maintain system stability. Database Logging & Monitoring: Configure and manage database logs for integration into a SIEM (Security information and event management) solution for monitoring and security compliance. High Availability & Failover Management: Monitor, maintain and orchestrate manual failover and failback procedures to maintain uptime. Automation & Scripting: Develop scripts using SQL More ❯
Employment Type: Permanent
Salary: £60,000

Security Operations Engineer

Birmingham, West Midlands, England, United Kingdom
Hybrid/Remote Options
Context Recruitment Limited
is operational and hands-on, maintaining and enhancing existing tools and controls, monitoring vulnerabilities and ensuring systems are patched and secure. Responsibilities: * Managing and optimising security tools and platforms (SIEM, XDR, IDAM policies etc.) * Monitoring vulnerabilities, investigating incidents and implementing corrective actions * Supporting patching compliance and vulnerability remediation * Ensuring security best practices are applied across networks, applications and systems * Participating … network engineering * Some exposure to, or a growing focus on, cybersecurity and vulnerability management * Understanding of network devices, configurations and security principles * Familiarity with common tools and concepts (e.g. SIEM, DLP, endpoint protection, firewalls, Cisco Secure Connect, etc.) * Confidence to identify issues, suggest improvements and work collaboratively across teams * A genuine passion for cyber security * Certifications such as CISSP, SC More ❯
Employment Type: Full-Time
Salary: £55,000 - £60,000 per annum

Security Engineer - Crowdstrike

England, United Kingdom
Hybrid/Remote Options
Marlin Selection Ltd
part of a small, expert team responsible for protecting enterprise systems and data. This role offers hands-on involvement with a wide range of technologies-from endpoint detection and SIEM platforms to firewalls, MFA, and vulnerability management-providing a well-rounded foundation in enterprise security operations. You'll gain exposure to advanced security practices, assist in running and responding to … threat detection systems, and contribute to projects that strengthen security across the organisation. Key Responsibilities Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the maintenance of security certificates, PAM More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Operations Centre Analyst

Andover, Hampshire, United Kingdom
CND
offers a great shift pattern, ensuring you regularly have 5 days off and at least 2 weekends off per month. Key Responsibilities: Deliver excellent and thorough security analysis, taking SIEM output and actioning it accordingly. Push for improvements across the overall monitoring capability. Engage with a wide range of stakeholders, with varying levels of technical understanding. Be flexible on location … wellbeing. Suggest ideas for improving CND’s own internal security posture. Be proactive with client requirements, offering guidance and input to highly technical challenges. Essential Skills: Experience working with SIEM tools such as ArcSight, Splunk, LogRhythm, or AlienVault. Understanding of how to get the best from available tooling. Exposure to building capability and consulting with customers to change their environment. More ❯
Employment Type: Contract
Rate: £500 - £600/day

IAM/PAM Specialist - SC Cleared

Oxfordshire, United Kingdom
Hybrid/Remote Options
Tria
of greenfield Identity and Access Management and Privileged Access Management solutions. You'll provide hands-on technical leadership, ensure secure-by-design implementation, and contribute to the development of SIEM/SOC capabilities. Key Responsibilities Lead end-to-end IAM/PAM design and delivery. Integrate IAM/PAM telemetry into SIEM tooling. Provide technical oversight for MSPs and vendors. … OpenID Connect . Familiarity with ISO 27001, NIST CSF, CAF & GDPR . Experience leading or overseeing MSPs. Current SC clearance . Desirable: Knowledge of Microsoft Sentinel, Splunk, or Elastic SIEM . Experience in SOC build or cyber transformation projects. Degree/HND in a relevant STEM field. More ❯
Employment Type: Contract
Rate: GBP 475 - 500 Daily

Attack Monitoring Analyst (GSOC)

London, United Kingdom
London Stock Exchange Group
days on, 4 days off rotation. RESPONSIBILITIES: • Triage security events and employ a methodical and coherent response to security incidents adopting playbooks where necessary. • Competently operate a chosen SIEM (e.g. Splunk/QRadar/LogRhythm) for incident investigations, or for the development of monitoring dashboards. • Utilise playbooks, existing knowledge and accurate online resources for guidance when responding to incidents. • Utilise … attacks. • Stay up to date with current vulnerabilities, attacks, and countermeasures. • Identify, respond and remediate cyber events generated through monitoring technologies. EXPERIENCE: • Preferred experience with operating or administrating a SIEM (e.g. Splunk/QRadar/LogRhythm). • Solid understanding of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware. • Experience in security event … paced and demanding environment while remaining calm. • Strong verbal and written communication and collaboration skills. • Security industry specific and core technical accreditations such as OSCP, GIAC, CCNA. • Certification demonstrating SIEM operational competences. • Proficient with one or more programming languages (e.g. Python, PowerShell, Java, C#). Join us and be part of a team that values innovation, quality, and continuous improvement. If
Employment Type: Permanent
Salary: GBP Annual

Consulting Cyber Security Consultant - Data/Application Security Professional Multiple Cities

United Kingdom
IBM
Advise clients on regulatory requirements (e.g., GDPR, HIPAA, CCPA) and align security programs to meet compliance obligations. Strengthen database security through access management, auditing, and patch control. Integrate with SIEM platforms to monitor, analyze, and respond to potential data and application security incidents. Collaborate with development and infrastructure teams to embed security seamlessly into business processes and IT solutions. Required …/in transit), masking, anonymization. Hands-on experience with Data Loss Prevention (DLP) tools and strategies. Proficiency in database security controls, including access, auditing, and patch management. Familiarity with SIEM platforms for monitoring and analysis of data/application security events. Understanding of data classification principles and lifecycle management practices. Knowledge of privacy regulations (GDPR, HIPAA, CCPA) and ability to More ❯
Employment Type: Permanent
Salary: GBP Annual

IT Security Operations Specialist

City of London, London, England, United Kingdom
Arc IT Recruitment
recommending enhancements where appropriate Key Requirements: Circa 5 years’ experience in a related IT role, with strong exposure to security operations Hands-on experience managing security products such as SIEM, TVM and PAM platforms CISSP certification (mandatory) Experience working with and overseeing outsourced security functions Strong technical skills across the E5/Microsoft 365/Defender suite Familiarity with technologies … such as SIEM, PAM, Endpoint Protection, EDR, IPS/IDS, MFA, Encryption and Next Gen Firewalls Experience supporting cyber security event triage, incident response and recovery Strong knowledge of operational security management and tooling This role offers the chance to work in a highly regulated, security-focused environment with genuine breadth across cloud, infrastructure and applications. You will gain exposure More ❯
Employment Type: Full-Time
Salary: Competitive salary

Cyber Security Apprentice

Stretford, Manchester, Lancashire, England, United Kingdom
Hybrid/Remote Options
QA
council offers its employees development opportunities, as well as a fair and flexible workplace. The council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls … within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned with the Cyber Assessment Framework (CAF). Assist in updating and maintaining IT More ❯
Employment Type: Full-Time
Salary: £25,989 per annum

SIEM Architect

marlow, south east england, united kingdom
iomart
designing, enhancing, and maintaining our scalable Microsoft Sentinel platform and other Microsoft security technologies. From developing data connectors and automation workflows to tuning detection rules, you'll ensure our SIEM infrastructure is high-performing, compliant, and aligned with evolving threat landscapes. Working closely with SOC analysts, cloud teams, and incident responders, you'll architect tailored use cases, build automated playbooks More ❯

Contract Cyber Engineer

Monmouthshire, Wales, United Kingdom
Morson Edge
best practices - Engagement with the R&D Cyber Defence Centre for Cyber Solutions/Products Skill Set Essential - Good knowledge of multiple SOC tooling including IDPS/Firewalls/SIEM/Splunk/Email & Web Protection etc. - Experience of implementing and fault finding Firewall technologies including Cisco ASR/Palo Alto/Fortinet - Excellent understanding of network technologies - Experience of … management AD/LDAP (IDM and PAM) Syslog management Cisco Networking (LAN and WAN) Satellite Powershell automation and scripting VMExplorer Backup and Restores ISO 27001 and cyber essentials McAfee SIEM Disaster recovery and service continuity More ❯
Employment Type: Contract
Rate: £0 - 90 per hour

Three - Senior IT Systems Administrator

united kingdom, united kingdom
Vodafone
Location: Farnborough (Onsite) Salary: Excellent basic salary plus bonus and Vodafone benefits Working Hours: Full time 37.5 hours per week – Mon to Fri Who We Are We're here to build a network the UK can count on – one that More ❯

Sentinel SEIM Engineer SC Cleared

Reading, Berkshire, South East, United Kingdom
Adroit People Ltd
Candidate MUST BE SECURITY CLEARED As a Security Information & Event Monitoring (SIEM) Engineer, you are responsible for maintaining the SIEM platform. This includes onboarding log sources, creating custom parsers, developing analytic rules, creating automation for triage and remediation, and integrating with other Information Technology and Operational Technology SSE platforms at pace. You will: Develop the security monitoring platform, ensuring optimal … in infrastructure projects to develop, plan, and implement solutions for security monitoring. Design, implement, and maintain detection rulesets. Scope, plan, and track log integrations. Guide, develop, and grow the SIEM Engineering team. Collaborate with the wider Threat Detection & Response team to ensure the SIEM platform meets their day-to-day needs and support incidents as necessary. You have Proven hands … on SIEM Engineering background. Extensive experience working with security logs across multiple domains identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills More ❯
Employment Type: Contract
Rate: From £350 to £400 per day Contract (InsideIR35)

Information Security Manager

London, South East, England, United Kingdom
Picture More
information security strategy. Lead and mentor a small team of IT security professionals. Own ISO 27001 implementation and Cyber Essentials Plus certification. Manage operational security: endpoint protection, M365 security, SIEM/SOC, vulnerability management, and incident response. Lead security projects. Build strong relationships with stakeholders and deliver security awareness training. What We’re Looking For: Proven experience in information security management, ideally in professional services. Hands-on experience with ISO 27001 and Cyber Essentials Plus. Strong technical knowledge: endpoint security, M365/Entra ID, SIEM, network security, encryption, backup/recovery. Certifications highly desirable: CISM, CISSP, ISO 27001 Lead Implementer. Excellent communicator, strategic thinker, and supportive team leader. Why Apply: This is your chance to shape the security strategy
Employment Type: Full-Time
Salary: £80,000 - £90,000 per annum

SOC Manager

London, United Kingdom
Trilaty Group
and maintain positive working relationships with them Pre-requisites: Experience of more than 12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Experience in managing P1 incidents Experience in managing shift roster More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Engineer - Microsoft XDR £500 - £525 3 Month Inside IR35 Fully Remote

London, South East, England, United Kingdom
Hybrid/Remote Options
Opus Recruitment Solutions Ltd
Month Initial | Inside IR35 | Fully Remote Opus are working with a key client on a Security Engineer contract to support the implementation of Defender XDR including hands on configuration, SIEM integration and related security solutions. This initial 3-month contract can be completed on a fully remote basis and is determined as Inside IR35, offering £500–£525 per day. Key … Skills : Microsoft Defender XDR: Endpoint, Identity, Office 365, Cloud Apps Microsoft Sentinel: KQL, playbook development, SIEM optimisation Privileged Identity Management (PIM) and change control workflows Advanced threat detection, incident response, and threat hunting Log collection via Azure Monitoring Agent and Firewall Management Centre Responsibilities: Configure and fine-tune Microsoft Defender XDR in line with approved designs Participate in Microsoft FastTrack … engagements Integrate Defender XDR with Sentinel SIEM for enhanced detection and response Develop Kusto queries and automation playbooks Support PoC setup for Microsoft Copilot for Security Connect syslogs from on-prem servers and firewalls to Sentinel If this Security Engineer role sounds like a good fit, please apply with your most up to date CV and I’ll be in More ❯
Employment Type: Contractor
Rate: £500 - £525 per day

IT Security Operations Engineer

London, South East, England, United Kingdom
Hybrid/Remote Options
Context Recruitment Limited
controls supporting risk mitigation and contributing to the continual improvement of the business's security composure. Responsibilities: * Provide expertise on application, network and infrastructure security * Monitor security solutions including SIEM, threat detection and data security, endpoint protection, network analytics for alerts * Provide documentation for technical standards to meet corporate security policies/industry best practice * Perform security reviews, identify gaps … root cause of security issues and design appropriate solutions Required Experience: * Prior experience working within the security industry, with a strong background in M365 infrastructure. * Experience of working with SIEM tools * Exposure to email security tools (Sophos, O365 etc) * Excellent patch management skills (Intune SCCM, MECM Endpoint Manager and WSUS) * Experience with vulnerability scanning and management (Insight VM) * Experience with More ❯
Employment Type: Contractor
Rate: £525 - £550 per day

Senior Security Consultant - UK based - c£85K

London, South East, England, United Kingdom
Nigel Frank International
landscape. Key Responsibilities: Design and deliver Microsoft 365 and Azure security solutions in line with best practices and industry standards. Implement and configure tools such as Microsoft Defender, Sentinel (SIEM/XDR), Entra, and Purview. Support internal and client environments post-deployment through troubleshooting, optimisation, and user training. Contribute to pre-sales engagements, including solution design, scoping, and client presentations. … relevant areas - Azure (AZ), Security (SC), Power Platform (PL), Modern Work (MS), or Copilot/AI. Strong consulting experience in the design and implementation of Microsoft Defender solutions and SIEM/XDR. Technical, hands-on expertise configuring and deploying Azure, Entra, and Purview. Proven ability to independently design and implement Microsoft 365 security technologies. Excellent communication, presentation, and documentation skills More ❯
Employment Type: Full-Time
Salary: £85,000 per annum

Senior Security Consultant - UK based - c£85K

City of London, London, United Kingdom
Nigel Frank International
landscape. Key Responsibilities: Design and deliver Microsoft 365 and Azure security solutions in line with best practices and industry standards. Implement and configure tools such as Microsoft Defender, Sentinel (SIEM/XDR), Entra, and Purview. Support internal and client environments post-deployment through troubleshooting, optimisation, and user training. Contribute to pre-sales engagements, including solution design, scoping, and client presentations. … relevant areas - Azure (AZ), Security (SC), Power Platform (PL), Modern Work (MS), or Copilot/AI. Strong consulting experience in the design and implementation of Microsoft Defender solutions and SIEM/XDR. Technical, hands-on expertise configuring and deploying Azure, Entra, and Purview. Proven ability to independently design and implement Microsoft 365 security technologies. Excellent communication, presentation, and documentation skills More ❯
Employment Type: Permanent
Salary: £85000/annum

Service Delivery Manager-Cyber Security

london, south east england, united kingdom
Charterhouse
project teams to drive continuous improvement and align delivery with customer needs. · Help customers get the most from our services, including platforms such as Rapid7, Microsoft Defender, and other SIEM tools. · Contribute to reporting and analysis, including SLAs, threat detection trends, vulnerability findings, and investigation outcomes. · Stay aware of cyber security developments, including emerging threats, attacker techniques, and industry best … actions are taken to maintain trust and service quality. Key Skills and Behaviours · Experience in service delivery management within a managed services or cyber security operations setting (e.g. SOC, SIEM, MDR, threat monitoring). · A strong grasp of ITIL principles and service management disciplines (ITIL v3/v4 certification preferred). · Familiarity with ServiceNow or similar ITSM tools · Experience with More ❯

Cyber Security Technology Product Owner

London, United Kingdom
Salt
and policy enforcement. Define and measure KPIs, SLAs, and success metrics (e.g., threat coverage, latency impact, policy adherence). Ensure integration of SSE tools with identity providers (Azure AD), SIEM platforms (e.g., Splunk), and DevSecOps pipelines. Support change, readiness, and adoption across business and technical teams. Manage security vendor relationships and roadmap alignment during evaluation and rollout. Drive delivery in … Gatekeeper, Apigee, etc. a plus. Nice to Have Cloud certifications (Azure, AWS, GCP) Experience working in regulated environments (e.g., finance, government) SAFe Agile or Scrum certifications Prior experience with SIEM/SOAR integration, API security, or Identity Governance Why Join Us Play a key role in shaping enterprise-wide secure access architecture Work with a forward-thinking, cross-functional security
Employment Type: Temporary
Salary: £600 - £800 per day

Cyber Security Technology Product Owner

London, South East, England, United Kingdom
Salt Search
and policy enforcement. Define and measure KPIs, SLAs, and success metrics (e.g., threat coverage, latency impact, policy adherence). Ensure integration of SSE tools with identity providers (Azure AD), SIEM platforms (e.g., Splunk), and DevSecOps pipelines. Support change, readiness, and adoption across business and technical teams. Manage security vendor relationships and roadmap alignment during evaluation and rollout. Drive delivery in … Gatekeeper, Apigee, etc. a plus. Nice to Have Cloud certifications (Azure, AWS, GCP) Experience working in regulated environments (e.g., finance, government) SAFe Agile or Scrum certifications Prior experience with SIEM/SOAR integration, API security, or Identity Governance Why Join Us Play a key role in shaping enterprise-wide secure access architecture Work with a forward-thinking, cross-functional security More ❯
Employment Type: Temporary
Salary: £600 - £800 per day

Cyber Security Product Owner

london, south east england, united kingdom
Hybrid/Remote Options
FCA
functions Experience of managing end-to-end projects and product lifecycles using development methodologies such as Kanban, PRINCE2, RUP, and Scrum Proven experience in Security Information and Event Management (SIEM) with a strong focus on Attack Surface Management, and Threat Detection and Response Essential : Managing and prioritising the backlog for multiple security products to ensure effective delivery and continuous improvement More ❯
SIEM
10th Percentile: £42,850
25th Percentile: £51,000
Median: £65,000
75th Percentile: £82,500
90th Percentile: £92,500