176 to 200 of 223 SIEM Jobs in the UK

Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools. Investigate and analyse security incidents whether raised by our customer or internally to identify root cause and develop appropriate mitigation strategies. Execute security response more »

will play a pivotal role in safeguarding our organization's critical infrastructure and data against cyber threats. Your expertise in designing, implementing, and maintaining SIEM solutions will help us proactively identify and mitigate security incidents, ensuring the confidentiality, integrity, and availability of our systems. Responsibilities: - Work with the technical lead …/SME for the CSOC and SIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client - Assist in establishing and maintaining processes, tooling and metrics that help provide a high level of productivity, supportability, and operational readiness - Actively participate in … implemented through onboarding or continuous improvement activities Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical and problem-solving skills with the ability to handle complex security more »

/7, dealing daily with over 200 million log events and providing support for over 5,000 network devices. We are specialists in SIEM, our services backed by our EDGE methodology built up through dozens of major deployments and hundreds of use cases with many of the UK’s largest …/security-consulting/managed-and-hosted-security-services/Primary Responsibilities § Monitor global IDS, Network Intruder, Firewall, DDoS detection and mitigation, availability and SIEM platforms looking for potential threats, vulnerabilities and indicators of compromise. § Provide Incident remediation and prevention documentation and recommendations to customers based on defined procedures and … continuous improvement of SOC procedures and documentation. § Perform other duties as assigned. Experience/Skills § Practical knowledge of security and networking toolsets such as SIEM, IDS, Vulnerability Management, Availability Monitoring, packet capture and other threat detection technologies. § Pre-existing, in-depth knowledge of common network protocols. § Pre-existing, in-depth more »

type and severity. Identify, create and implement improvements to procedures and processes, with the SOC Manager's approval. Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimisation Assist in architectural design to facilitate the onboarding of new information systems, including the … SOC Analyst/Senior Cyber Security and security operations experience Experience in managing Microsoft Sentinel, including Lighthouse Experience of onboarding, tuning, reporting and configuring SIEM solutions Experience of threat intelligence Leadership and mentoring experience and skills Understanding of low-level concepts including operating systems and networking Commercial experience in Penetration more »

documentation in consideration of current industry best practices. Work with MSSP and service owners to ensure the onboarding of all log sources into the SIEM solution Create alert use cases to correlate suspicious activities across assets and environments to identify patterns of anomalous activity Improve security incident response playbooks and … and qualifications for success: Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (e.g. Mitre ATT&CK). Hands on knowledge of SIEM and SOAR solutions, Identity and Access Management and Data Loss Prevention technologies, including FortiSIEM, Q-Radar, McAfee Web Gateway, McAfee ePolicy Orchestrator, Darktrace and Microsoft … Defender and Sentinel Working with security technologies including SIEM, SOAR, EDR, NAC, AD, DLP,/AV, IDS/IPS, Web Filtering, Email Filtering, Behavioural Analytics, TCP/IP Protocols, network analysis, and network/security applications. Developing incident response playbooks/processes, Security Orchestration, Automation and Response (SOAR), red-team more »

5+ years commercial experience with the following technologies/systems: Firewall/NIDS/DLP/Anti -Virus/Identity Awareness/URL Filtering SIEM Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning Microsoft Windows Server family of products. Operational experience of PCI … Good understanding of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »

engineering team. Knowledge: • Knowledge of big data technologies and ecosystems (e.g., NiFi). • Knowledge of current market and emerging leaders in data analytical and SIEM platforms. • Knowledge of network security implementations (e.g., host-based IDS, IPS), including their function and placement in a network. • Knowledge of intrusion detection systems and … ICS/network architectures and technologies. • Working with frameworks and technologies that support data-intensive distributed applications. • Experience maintaining and administrating data analytical and SIEM platforms. • Experience using host and network-based IDS/IPS • Experience using packet capture solutions. • Skill in developing and deploying signatures. • Skill to apply cybersecurity … Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. • Certified engineer in a market leading data analysis/SIEM platform. • SANS SEC501 Advanced Security Essentials Enterprise Defender. • SANS SEC 511 Continuous Monitoring & Security Operations. • SANS SEC555: SIEM with Tactical Analytics more »

robust security controls including IAM, network security, data protection, and security monitoring. - Implement and manage cloud security tools and services like Azure Security Center, SIEM solutions (Splunk, ELK, Azure Sentinel), and conduct regular security assessments and penetration testing. - Develop and enforce cloud security policies, procedures, such as NIST, ISO … understanding of cloud security controls, tools (Azure Security Center), and services. - Familiarity with security testing methodologies like penetration testing and vulnerability assessments. - Experience with SIEM tools (Splunk, ELK, Azure Sentinel) and incident response/forensics. - Knowledge of security frameworks (NIST, ISO 27001, SOC 2) and relevant certifications (CISSP, CCSP). more »

work within a four-day operational rota, collaborating closely with Digital Forensic and Incident Response teams. Responsibilities include: Security Monitoring and Incident Detection: Utilizing SIEM tools to identify potential security incidents and anomalies. Analyzing alerts and log data to assess the severity and impact of threats. Incident Response and Analysis … and security-related activities. Security Tools Management: Configuring, updating, and maintaining security tools such as firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM solutions. more »

Lead SOC Engineer/Manager (SC Cleared) London/WFH to £70k Are you an experienced SOC Engineer with a strong knowledge of SIEM combined with leadership experience? You could be progressing you career in an impactful role at a tech company that provide cyber security products to a range … role in ensuring the security and resilience of both internal and client based information systems. You'll provide subject matter expertise, selecting the appropriate SIEM platform and then once it's embedded ensuring BAU and leading security monitoring, carrying out indepth investigations and actively participating in incident response. This is … About you: You're an experienced SOC Analyst with the ability to troubleshoot and resolve complex security issues You have a strong understanding of SIEM systems e.g. IBM QRadar, FortiSIEM, Splunk, Sentinel and are able to recommend the right tool for the job You have a good understanding of IT more »

practical understanding of some of the core security frameworks (NIST, Cyber Essentials +, ISO27001), and a level of understanding of core security analysis tools (SIEM, IAM/PAM, Firewalls, EDR, Vulnerability scanning tools etc). Your new role will involve Assisting with the implementation and enhancement of the security strategy … risk and compliance) background Experience working with 3rd party suppliers and MSSPs on the enhancement of organisational security Some technical cyber experience (utilisation of SIEM/Vulnerability/IAM tools) Excellent communication skills alongside a proactive and business solution-focused mindset Thorough understanding of, and practical application experience of, commonplace more »

PowerShell is a plus). Knowledge of Anti-virus, Endpoint Detection and Response, Vulnerability Management, and Patching. Familiarity with Security Information and Event Management (SIEM). Experience with CI tools, such as Azure DevOps or GitHub Actions. Experience in pipeline builds, release packaging, and artifact management. Experience with enterprise-wide more »

vulnerability assessments and tune tools according the VA results. Participate in architecture design and analysis related to security automation. Experience: Extensive experience with EDR, SIEM, SOAR tools. Proven experience in on-boarding new customers into SIEM tool. Experience of supporting and configuring Vulnerability Scanners and their reporting. Creating/modifying more »

responding to security incidents. You will work closely with our clients, providing essential security training and guidance. Your expertise in the Microsoft Stack and SIEM tools will be crucial in maintaining and enhancing our client's security posture. Key Responsibilities: Security Monitoring and Incident Response: Monitor and analyse security events … using SIEM tools Investigate security incidents and breaches, and implement containment and remediation actions Develop and maintain incident response procedures Client Interaction and Training: Provide security training to clients on tools such as Lookpoint and Check Point Conduct regular security awareness sessions to ensure clients are up-to-date with … related field (preferred but not required) Experience: Proven experience as a SOC Analyst or in a similar role within managed services Strong experience with SIEM tools and security incident management Proficiency with the Microsoft Stack, including Azure, M365, and Defender Experience with technologies outside SIEM, such as Palo Alto, Fortinet more »

Splunk software across the platforms & infrastructure managed by the Engineering & Run & Operate teams. The DevSecOps Engineer will also oversee logging & Security Information & Event Management (SIEM) aspects of infrastructure, collaborating with application development teams to resolve issues & enhance security measures within the CI/CD pipeline. If you have a background … As a DevSecOps Engineer within the Run & Operate chapter, you'll manage & deploy the environment in a secure & optimised manner, including managing the logging & SIEM aspects of the infrastructure & coordinating with application development teams to resolve issues. You'll work with the rest of the squad to incorporate more security … management * DevOps or software development roles, with a focus on security. * Security tools such as vulnerability scanners, intrusion detection systems, & security information & event management (SIEM) solutions. * Multi cloud environments AWS & Azure etc. * Using & managing Splunk including defining data streams, indices & ingests & dashboards * CI/CD pipelines & adding security tooling to more »

Espire infolabs is looking forSIEM Onboarding Engineer for London, UK with remote working flexibility, Job Title: SIEM Onboarding Engineer Job Type: FTC-Fixed Term Contract(6 Months + Possible extensions) Job Location: London, UK(Remote) Job Description: The SIEM Onboarding Engineer plays a critical role in enhancing our organizations security … posture by integrating various devices and data sources into our SIEM environment, utilizing OpenSearch. The SIEM Onboarding Engineer will work closely with business units to identify devices for onboarding, manage the data pipeline, and assist other engineers in configuring their data sources to provide a resilient pipeline.The SIEM Onboarding Engineer … tool whenever possible. Responsibilities: Device Integration: Work with various business units to identify devices and data sources that need to be onboarded to our SIEM (OpenSearch with Security Analytics). Data Pipeline Management: Configure and manage data collection agents to ensure data is reliably ingested into the SIEM. Automation: Leverage more »

threats as they arise. Required Skills: Experience with Qualys, Microsoft Defender, and Ironscales Ability to identify and mitigate network vulnerabilities Understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts Experience of working directly with SIEM/SOC and how to get the best from this service Ability to develop and … evolve SOC and SIEM operation with third party Experience with network penetration testing and techniques Develop and promote best practice for information security, and conduct threat research Experience writing detail incident reports and documenting detections so that future breaches can be mitigated effectively Desirable skills: Experience working in a multi more »

area of Endpoint Management (Antivirus/DLP, endpoint security and Forensics), including, Disk Encryption, Anti-Malware, Device and Application Control, event collection & monitoring and SIEM platform guidance methodologies. Essential Responsibilities/Qualifications Proven track-record in a similar role . Be responsible for Endpoint Protection related designs and deployments across … Encryption techniques, Event monitoring, Anti-Malware and Endpoint protection software, (Trellix product experience as additional advantage) . Strong subject matter knowledge in relation to SIEM tool configuration, logging, alerting and monitoring. Strong knowledge of forensics tools, (Axiom product experience as additional advantage) Demonstrable subject matter knowledge in at least one more »

area of Endpoint Management (Antivirus/DLP, endpoint security and Forensics), including, Disk Encryption, Anti-Malware, Device and Application Control, event collection & monitoring and SIEM platform guidance methodologies. Essential Responsibilities/Qualifications Proven track-record in a similar role . Be responsible for Endpoint Protection related designs and deployments across … Encryption techniques, Event monitoring, Anti-Malware and Endpoint protection software, (Trellix product experience as additional advantage) . Strong subject matter knowledge in relation to SIEM tool configuration, logging, alerting and monitoring. Strong knowledge of forensics tools, (Axiom product experience as additional advantage) Demonstrable subject matter knowledge in at least one more »

related products and services to ensure that CLS is equipped with appropriate industry best tools and solutions Operational Operate and maintain controls related to SIEM, DLP, Vulnerability Management, DLP, Cyber Threat Intelligence, Endpoint Protection, etc with an emphasis on cloud deployments and implementations. Conduct IT Security risk assessments for all … team to help design, implement and maintain security Prepare for, identify (hunt) and remediate cyber threats Operate and maintain IT Security controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, DLP, Endpoint Protection, etc. Participate in an on-call rotation to act as an escalation point for events requiring … business audiences) Excellent time management and organizational skills combined with technical IT Security acumen Expert knowledge of Firewalls, TCP/IP, IPS, DLP, proxies, SIEM, & Endpoint Protection software Financial and/or Banking industry experience preferred What we offer Holiday - UK/Asia: 25 holiday days and 3 ‘life days more »

Focussing on developing highly secure pipelines while using Terraform to deploy into the Azure Cloud. You'll also require skills in the likes of SIEM and familiar with the likes of DAST & SAST testing. Finally, strong knowledge of frameworks like ISO & NIST is required. Any experience of the OT/… though; they'll consider a more mid-level candidate with strong foundations Tech-Stack essentials are: Azure (ideally but will consider AWS/GCP), SIEM, ELK, Terraform, Security tools & Scripting Company working heavily in Green-technology, Carbon-Emissions & Sustainability Please submit your CV to be considered and Ben Griffiths from more »

Microsoft Sentinel (SIEM) Consultant/Engineer Up to £85,000 Remote An innovative Consultancy with a Microsoft Security Solutions Partner with additional multi vendor security product complements are expanding their service offerings, adding this key role to their expansion. They tailor and implement complete Microsoft/Azure solutions to customers … at an enterprise and mid market level, supporting them with expert SIEM services, advice and guidance on the Microsoft security product stacks. They require a SIEM specialist who is able to support the delivery of end-to-end solutions and provide additional Microsoft Sentinel expertise to clients. This role will … and external customers. The Role: This is a client-facing role and the successful candidate with have strong experience deploying and engineering Microsoft Sentinel (SIEM) solutions. You will provide specialist advice, recommendations and oversight to external clients and internal colleagues that are implementing Sentinel solutions. Responsibilities: · Designing, engineering and deploying more »

from both a practical and management perspective. The role involves setting up, fine-tuning, and gathering intelligence from a Security Information and Event Management (SIEM) system. The IT Security Specialist will be responsible for reviewing infrastructure plans, adding recommendations, and procuring penetration tests from third-party services. They will ensure … adheres to the GDPR requirements. They will also develop and deliver annual IT security training and ensure compliancewith our Phishing Simulations Responsibilities: Develop and manage the SIEM, ensuring the effective capture and analysis of security data. Review infrastructure plans to identify potential security weaknesses and recommend enhancements. Coordinate with third … Assist other departments in developing policies and procedures to comply with GDPR, working with the DPO outsourcing company. Skills and Qualifications: Proven experience with SIEM tools and incident response Strong understanding of network infrastructure and security protocols Experience with GDPR, data security and other compliance regulations Experience with GDPR, data more »

Security Services and Solutions providers as they expand their SOC capability with the growth of SMC customers. An accredited Managed SOC service offering multiple SIEM vendor services, although with a primary focus on Microsoft Sentinel, they're looking for 2 experienced Security Operations Analysts to support the growth of the … The Role: In this role you will be a senior member of the Managed Services team and play a pivotal role in the Sentinel SIEM service offering. You will support the maturation of the service through the implementation of documentation, processes and policies that will improve and maintain the efficiency … and support junior SOC Analysts in their personal growth . Provide support to customers on the use of the SOC Managed Service and the SIEM tool Create policies and documentation to support the maturation of the SOC practice Work closely with the Head of Security and Compliance to improve the more »

Cyber Security Engineer, M&A, £635(inside) 10 months +Extension – SIEM, SOAR, IdAM, Vulnerability Management, Trellix Are you a Cyber Security Engineer and ready to take on a pivotal role in a global business? Working on a M&A, the largest in its sector. You will be joining the team … maintain cyber action plan. Track and communicate progress, risks, and issues. Review, report, and sign-off Infrastructure designs. Security Tooling (EDR, Vulnerability Management, IdAM, SIEM, SOAR). Input/review into cyber security design artefacts (HLD/LLD) and provide security engineering consultancy. Implementation cyber security support activities (configuration, connectivity more »