176 to 200 of 270 SIEM Jobs in the UK

nation-state activity. In this Senior SOC Analyst role, you will: Monitoring, triaging and investigating security alerts in highly secure environments Analysing threats using SIEM, endpoint telemetry, network traffic and logs Supporting live incident response, escalation and containment activities Enhancing detections, rules and playbooks aligned to MITRE ATT&CK Producing … and adversary behaviour To secure this Senior SOC analyst role, you will have: Proven experience working in a Security Operations Centre (SOC) Hands-on SIEM experience (Microsoft Sentinel, Splunk, or similar) Strong understanding of MITRE ATT&CK and modern detection techniques Confident analysis across logs, endpoints and network traffic Solid ...

functional technical teams during major incidents, drive containment and recovery, and own post-incident reviews and playbooks. The role includes mentoring CIRT analysts , enhancing SIEM/SOAR automation, and continuously improving processes using frameworks such as MITRE ATT&CK, NIST 800-61, and PCI DSS. What this job is really … Incident Response, or Threat Hunting and are comfortable leading complex investigations, not just following a runbook.? You've used InsightIDR or another MDR/SIEM platform for rule creation, tuning and dashboards, and you're not afraid of SOAR tools like InsightConnect or Cortex XSOAR.? Python or PowerShell are part ...

adoption within the security strategy. Apply foundational security principles to new technologies and unconventional scenarios while enabling organisational objectives. What We're Looking For SIEM/SOAR: Proficiency in SIEM concepts, data source integration, and creating SOAR runbooks. Security Stack : Hands-on with EDR, XDR, WAF, and email security solutions. ...

with enterprise architecture and security policies. Design and architect solutions across various security domains including: Data Loss Prevention (DLP) Security Information and Event Management (SIEM) Identity and Access Management (IAM) Endpoint Detection and Response (EDR), MDM, and Endpoint Management tools Cloud and On-Prem Security Solutions Collaborate with stakeholders such … knowledge of emerging security threats and best practices to continuously enhance solution designs. Qualifications - Proven experience designing security solutions across multiple domains including DLP, SIEM, IAM, and Endpoint Security. Bachelor’s degree in computer science, Cybersecurity, Information Systems, or related field (master’s preferred). Experience in cybersecurity with 3+ ...

Assessment Papers, Risk Treatment Plans, Risk Business Cases, and Security Management Plans. Knowledge and experience with security architecture and Security Information and Event Management (SIEM) tools, such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable ...

both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support internal and external audits Governance, risk and compliance Skills & Experience: Proven … experience in Cyber Security operations, threat management Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST On Offer: Salary up to £65,000 Hybrid working - approximately 2 days ...

cloud security operations, contribute to engineering projects, and play an active role in global incident response. Key Responsibilities Monitor and investigate SOC tickets, including SIEM analysis and liaising with users as needed. Complete a full knowledge handover with the departing engineer and ensure all tickets are fully documented. Support cloud … team. Work flexibly to accommodate occasional early-morning calls with global (ANZ) teams. Requirements Proven experience in cloud security operations (AWS preferred). Strong SIEM investigation and SOC workflow knowledge. Hands-on skills with Terraform, Ansible, and AWS security tooling. Clear communication skills and comfort working with global stakeholders. ...

internal or external threats Conducting privileged account reviews Performing vulnerability and risk assessments Analysing security breaches to determine root cause Contributing to enhancing the SIEM platform Supporting continuous improvement across CSOC operations What you bring: Basic understanding of security threats and compromise methods Knowledge of servers, clients, and network technologies … management, and expectation management skills Desirable SC-200, CompTIA Security+, or related certifications Previous SOC experience Hands-on cyber incident response experience Experience with SIEM platforms, vulnerability assessments or antivirus tooling What can we offer you? Through our one of a kind training programme, the Littlefish Academy, you can increase ...

response process. Key Responsibilities: Investigate and respond to security alerts and incidents Perform threat analysis and incident investigation Analyse security logs and events using SIEM platforms Support the development of detection rules and threat monitoring Work with Tier 1 analysts to investigate and escalate complex threats Contribute to continuous improvement … Required Skills: Experience working within a SOC or security operations environment Strong understanding of security threats, vulnerabilities and attack techniques Hands-on experience with SIEM platforms (Splunk, Sentinel, QRadar, Elastic) Knowledge of endpoint security tools and incident response processes Strong analytical and investigative skills Nice to Have: Experience with CrowdStrike ...

incidents, overseeing team members and ensuring technical excellence throughout delivery. Support detection engineering and SecOps enhancement initiatives, including identifying coverage gaps in EDR/SIEM tooling and contributing to orchestration and automation playbooks. Work directly with client technical teams, acting as a trusted advisor and primary point of contact during … least two of the following areas: Digital forensics and technical incident response Enterprise security operations tooling and processes Detection engineering within EDR/SIEM environments, including addressing ATT&CK TTP coverage gaps Enterprise IT networks and Active Directory Cloud platforms such as Microsoft 365, Azure, AWS or GCP You will ...

incidents, overseeing team members and ensuring technical excellence throughout delivery. Support detection engineering and SecOps enhancement initiatives, including identifying coverage gaps in EDR/SIEM tooling and contributing to orchestration and automation playbooks. Work directly with client technical teams, acting as a trusted advisor and primary point of contact during … least two of the following areas: Digital forensics and technical incident response Enterprise security operations tooling and processes Detection engineering within EDR/SIEM environments, including addressing ATT&CK TTP coverage gaps Enterprise IT networks and Active Directory Cloud platforms such as Microsoft 365, Azure, AWS or GCP You will ...

across multiple SOC platforms and customer environments Oversee the full incident lifecycle detection, response, escalation, post-incident review Ensure effective use and optimisation of SIEM and SOAR platforms (Splunk, Sentinel, QRadar) Drive operational consistency using ITIL-aligned processes and CREST-aligned best practices Act as the senior point of contact … development Experience operating SOC services across multiple customers and security environments Deep understanding of incident management, escalation, and service delivery under pressure Knowledge of SIEM/SOAR tooling, ideally Splunk and/or Microsoft Sentinel Strong working knowledge of NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL Confident communicator ...

Delivery Own end-to-end technical design for Network Security services, including: Zero Trust Network Access (ZTNA) NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Define and assure non-functional requirements (availability, scalability, performance, security, operability) Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned … building, and operating enterprise network security platforms Deep hands-on expertise in one or more of: ZTNA, NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Strong understanding of Zero Trust Architecture and policy-based access control Proven DevSecOps, IaC, and CI/CD experience Solid grounding ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...