226 to 250 of 286 SIEM Jobs in the UK

session monitoring and recording Support service account discovery and lifecycle management Onboard servers, network devices, and systems into PAM platforms Integrate PAM solutions with SIEM tools for monitoring and alerting Troubleshoot technical issues related to connectors, sessions, and access controls Produce clear technical documentation and operational runbooks Ensure alignment with … controls and security best practices Experience across Windows, Linux/Unix, and network environments Knowledge of Active Directory and privileged account management Familiarity with SIEM integration and security event monitoring Understanding of security frameworks such as ISO 27001 and NIST Strong troubleshooting and problem-solving skills Ability to obtain security ...

evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with internal teams and external security partners to strengthen our threat detection capabilities and improve … strengthen the organisation's security posture and defensive controls. Skills & Experience Experience in Cyber Security or Security Operations leadership Proven experience working with SIEM platforms such as Google Chronicle or similar. Strong knowledge of network security, threat detection, and incident response. Experience analysing malware, security alerts, and attack patterns. Understanding ...

will be responsible for designing, implementing and maintaining our next-generation detection and log management platforms. This role sits at the intersection of SIEM engineering, cloud security, and advanced log pipeline management, ensuring that our enterprise maintains world-class detection fidelity, threat visibility and compliance across diverse environments. You will … closely with our Cyber Security Operation Centre, wider security functions, specialist 3rd party security suppliers and our global IT and business teams. Key Responsibilities: SIEM engineering & Operations: Development of advanced detection rules, correlation searches, and playbooks to improve threat detection and response Perform log source onboarding, parsing, and data normalisation ...

maturity across the environment. This is a hands-on technical role suited to a seasoned cyber security professional with deep expertise in endpoint security, SIEM engineering, and threat detection engineering, alongside the ability to mentor and uplift existing team capability. Key Responsibilities Lead the deployment, configuration, and ongoing management … dashboards, correlation searches, and data models Act as a senior escalation point for high-priority security incidents, supporting containment and remediation using EDR and SIEM tooling Develop and implement SOAR automation workflows to streamline detection and response processes Conduct proactive threat hunting activities using advanced queries and behavioural analytics Support ...

capable of turning raw data into actionable intelligence. Key Responsibilities Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve … technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk ...

capable of turning raw data into actionable intelligence. Key Responsibilities Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform. SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve … technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk ...

existing team to elevate their technical skill sets. Key Responsibilities Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of our CrowdStrike Falcon platform. SIEM Mastery: Collaborate with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models. Incident Response: Act as the technical escalation point … high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows to improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. Your Profile We are seeking a candidate who brings ...

existing team to elevate their technical skill sets. Key Responsibilities Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of our CrowdStrike Falcon platform. SIEM Mastery: Collaborate with our SOC partner to architect and optimise Splunk dashboards, alerts, and data models. Incident Response: Act as the technical escalation point … high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows to improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. Your Profile We are seeking a candidate who brings ...

ground running and elevate an evolving security function. Key Responsibilities Endpoint Security Leadership: Own deployment, configuration, and optimisation of CrowdStrike Falcon SIEM Optimisation: Partner with the SOC to enhance Splunk dashboards, alerts, and data models Incident Response: Act as escalation point for high-priority incidents, driving rapid containment Threat Hunting … development Certifications (Desirable) Cyber Security: CompTIA Security+, Network+, CySA+, GSEC CISSP, GCIH, GCIA, CCSP CrowdStrike (ideally 2+): CCFA (Falcon Administrator) CCFR (Falcon Responder) CCSE (SIEM Engineer) Splunk: Splunk Certified Cybersecurity Defense Engineer (preferred) Why Apply? Shape and optimise a modern SOC capability Work with best-in-class tools (CrowdStrike & Splunk ...

ownership, and a drive to continuously improve the security posture of complex systems. Familiarity with some of the following: Cloudflare (DDoS protection, WAF), OSS SIEM tools (Splunk, Elastic, etc), Incident management platforms (e.g. Incident.io, PagerDuty) Familiarity with at least one of the following CI/CD systems (Github Actions, Concourse … governance frameworks (e.g., CIS Benchmarks, NIST, SOC2, ISO 27001, PCI DSS) and how to operationalize them. Hands-on experience with building and maintaining a SIEM comprised of open-source and hosted components Experience securing consumer-facing web and iOS/Android applications Experience designing policies and administering Vault & other Hashicorp ...

Join our leading consulting firm's Technology & Transformation practice as a Security Engineer (permanent or FTC, hybrid working). Help secure major financial services clients' platforms from cloud infrastructures and DevSecOps pipelines to Zero Trust ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

detect and respond to threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with … emerging threats and recommend improvements SOC ENGINEER ESSENTIAL SKILLS Strong understanding of information security fundamentals Experience with SIEM tools such as Sentinel or Splunk Familiarity with security monitoring technologies Analytical mindset with strong problem solving skills Ability to manage multiple priorities and meet deadlines Strong communication and collaboration skills ...

tooling is operating effectively to protect client environments. Work with teams to assess risks, design controls and define testing requirements. Support senior engineers with SIEM, threat intelligence and malware analysis platforms. Apply patches/updates, raise changes and follow agreed processes. Keep up to date with threats and recommend improvements. … busy environment. ompTIA Network+ (or similar) or equivalent knowledge. It would be great if you had: Experience with Azure or AWS security features. SIEM experienceespecially Sentinel or Splunk. If you are interested in this role but not sure if your skills and experience are exactly what were looking for, please ...

tooling is operating effectively to protect client environments. Work with teams to assess risks, design controls and define testing requirements. Support senior engineers with SIEM, threat intelligence and malware analysis platforms. Apply patches/updates, raise changes and follow agreed processes. Keep up to date with threats and recommend improvements. … busy environment. ompTIA Network+ (or similar) or equivalent knowledge. It would be great if you had: Experience with Azure or AWS security features. SIEM experience—especially Sentinel or Splunk. If you are interested in this role but not sure if your skills and experience are exactly what we’re looking ...

real risk and business impact Act as the link between technical security and the wider business, translating requirements clearly Drive improvements across: SOC/SIEM capability (currently OpenText) Incident response and vulnerability management Penetration testing and security assurance Cloud security across Microsoft and Google environments Support key transformation programmes, particularly … isolation What We're Looking For Proven background in Information/Cyber Security with a hands-on approach Experience across core security operations (SIEM, incident response, vulnerability management, cloud security) Comfortable working across both Microsoft and Google cloud environments Experience managing or mentoring junior team members Able to operate ...

and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact. Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts). User Interaction: Engage with affected end users or asset owners to collect additional information, verify events … including malware, phishing, lateral movement and privilege escalation. Working knowledge of network fundamentals, windows/Linux system logs and authentication systems. Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA ...

department, working in security operations. Strong alert triage, incident response, security monitoring, and threat analysis. Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools. Ideally have a strong bachelor’s degree in computer science, Information Security, Cyber Security or related field with any SIEM ...

experience needed. Skills & Experience Required: 3+ years of experience as a SOC/Security Engineer within a cloud environment Experience with a range of SIEM, SOAR and vulnerability management tools Experience advising on security best practices and developing SOC playbooks Networking and infrastructure experience, including with Firewalls and IDS/… vibrant office with some of the most forward-thinking technical people Key Responsibilities: Hands-on detection, investigation, and response to security incidents through SIEM and other security tools, carrying out forensic and root-cause analysis Analyse emerging threats and provide recommendations to mitigate risks, and plans to resolve security threats ...

telemetry, capable of turning raw data into actionable intelligence. Key Responsibilities Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Serve … technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike ...

provide out-of-hours escalation support when required. This is a highly technical, hands-on role where youll lead threat hunting, develop and tune SIEM detections, and help mature SOC processes and response playbooks. Youll also play a key role in mentoring analysts and raising the overall technical capability … and this role will continue to evolve as AI-driven detection, automation, and response capabilities are introduced. You will: Develop, tune, and maintain SIEM detection rules across customer environments Conduct proactive threat hunting and threat intelligence research Act as a senior escalation point for Cyber Security Analysts Coach and mentor ...

Responsibilities of the Security Operations Shift Lead Lead investigations into escalated security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium … Preferred Certifications: GCIA, GCIH, CompTIA CySA+, Microsoft SC-200, Splunk Power User (or equivalent). Technical Expertise: Strong analytical mindset with deep knowledge of SIEM/EDR tooling. Understanding of adversary behaviour, malware characteristics, and incident-handling methodologies. Shift Structure & Security Conditions of the Security Operations Shift Lead 14 shifts ...

and lifecycle management Onboarding Windows Server, Linux/Unix and network devices onto PAM platforms Managing privileged accounts in Active Directory Integrating PAM with SIEM for logging, alerting and monitoring Producing clear documentation, runbooks and technical configuration records Troubleshooting connector and session-related issues What the client is looking … management) Solid knowledge of credential vaulting , password rotation and session monitoring/recording Experience integrating PAM into complex infrastructures (servers, network devices, AD, SIEM) Familiarity with security frameworks such as ISO 27001 and NIST CSF Strong troubleshooting skills and a methodical, security-focused mindset Ability to obtain SC-level national ...

enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation … evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years of commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven ...

doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating threats Supporting the confidentiality, integrity, and availability ...