26 to 50 of 1,371 SIEM Jobs in the UK

Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

Services Are you an experienced Cyber Security Engineer looking for a new challenge? Do you have a background in Cyber Security with a strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP) in an MSP or similar environment, along with hands-on experience with Splunk/MS Sentinel/QRadar and KQL? Here … infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. Responsibilities: Design, implement, and manage advanced security solutions, including firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security. Lead technical presentations, demonstrations, workshops and architecture design sessions, explain, demonstrate, and architect the solution to help solve client security challenges and … Cybersecurity, Information Technology, or related field (or equivalent experience). 4yrs+ of experience in a cybersecurity role within an MSP or similar environment. Strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. More ❯

build, and support of the Security Operations technology infrastructure. Responsibilities include: Provide effective incident management through monitoring and analysis of Security Events and Incidents on a diverse range of SIEM tools and monitoring capabilities. Triage, mitigate and escalate incidents accordingly, while capturing and recording pertinent information. Perform appropriate contingency and containment procedures in response to planned or unexpected events. Produce … hour shift pattern, to include daytime, nighttime and weekend work. What it takes: 3+ years’ experience of working in a SOC environment or Cybersecurity role. Experience of working with SIEM tools. Experience of Incident Response and/or forensic skills. Thorough understanding of Cybersecurity Tactics, Techniques and Procedures (TTPs). Understanding of vulnerability management, gap remediation, risk logging, and tracking. More ❯

and alerts associated with cyber threats, intrusions, and compromises alongside a team of global security analysts following documented SLOs and processes. Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess potential risk/severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. Collaborate … Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls) Interest in developing knowledge across common Incident Response and Security Monitoring applications such as SIEM (e.g., Qradar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender), and SOAR (Palo Alto XSOAR, Google Secops/Chronicle) Desire to build technical skills and hands-on knowledge in … and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve these skills Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others Scripting and automation Additional Information Benefits package includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation package More ❯

Policies and Standards and a proficient understanding of the Microsoft 365/Azure platforms/AWS Responsibilities: Monitor security event logs and alerts generated by various security technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems. Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations. Identify, analyze, and assess potential insider More ❯

Policies and Standards and a proficient understanding of the Microsoft 365/Azure platforms/AWS Responsibilities: Monitor security event logs and alerts generated by various security technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems. Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations. Identify, analyze, and assess potential insider More ❯

ensure compliance with industry regulations (ISO 27001, NIST, GDPR, etc.). Lead incident response efforts, including investigating security breaches, coordinating remediation, and reporting findings. Implement and maintain endpoint protection, SIEM solutions, and threat intelligence platforms . Collaborate with IT and DevOps teams to ensure secure architecture and cloud security measures . Provide security awareness training for employees and promote a … network security principles, protocols, and technologies (firewalls, VPNs, IDS/IPS, NAC, etc.). Hands-on experience with security frameworks such as ISO 27001, NIST, CIS Controls. Proficiency in SIEM tools, vulnerability management, and penetration testing techniques . Familiarity with cloud security models (AWS, Azure, GCP) and securing hybrid environments. Experience in security operations, threat intelligence, and forensic analysis . More ❯

of applications by implementing secure coding practices, conducting code reviews, and performing vulnerability assessments. Information Security: Protect sensitive information by developing and enforcing security policies and procedures. Maintain the SIEM tools, make sure security logs generated from security systems and devices are configured and safeguarded properly. Incident Response: Investigate security breaches, conduct forensic investigations, and mount incident responses. System Audits … ICO, familiar with GDPR regulation. Strong knowledge of IT internal control and audit, information security officer is highly recommended. Network Security (Routing, Firewall, Switch, Internet Gateway) and Security Products (SIEM, EDR, etc.), familiar with SIEM tools such as Splunk, Solarwinds, ManageEngine, etc. Documentation: Document any security breaches and assess their damage. Requirements: Education: Bachelor's degree in Computer Science, Cybersecurity … Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified Professional; CCNA/CCNP Experience with security tools and technologies such as intrusion detection systems, SIEM, and vulnerability management tools. Familiarity with regulatory requirements and industry standards related to IT security. If you're interested in this role, click 'apply now' to forward an up-to More ❯

knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You Will Have An Advantage If You More ❯

well as UK NIS/NIS2 directives, and other relevant security regulations. In-depth understanding of general security principles. In-depth understand of how security technologies like firewalls, EDR, SIEM, TVM operate in a coherent manner. Excellent communication, reporting and presentation skills. Ability to plan, prioritise, be proactive and manage own workload. Understand up-to-date security threats and common More ❯

knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you More ❯

within the AI sector. What will I bring to the role? Significant experience in a similar role. Hands-on experience with security technologies such as firewalls, IDS/IPS, SIEM, endpoint protection, encryption, and vulnerability scanners. Proficiency in security frameworks and standards such as NIST, ISO 27001, and CIS controls. Strong understanding of network protocols, firewalls, VPNs, and encryption techniques. More ❯

cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What … You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks … solving skills, with an investigative mindset to identify security threats. Experience with malware analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience More ❯

and modern frameworks (e.g., Django, Node.js , React). Expert-level scripting and automation skills (e.g., Python, Bash, PowerShell) for workflow automation, tooling, and log analysis. Proficient in log analysis, SIEM usage/configuration, threat hunting, and querying tools to support detection and response. Familiarity with static and dynamic analysis techniques and vulnerability mitigation. Strong understanding of modern cloud platforms-especially … OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. Prior experience driving security engineering for a SaaS-based company. Experience leveraging automation or AI/ML tools More ❯

log analysis, and analytics. Practical experience with network security architecture and cloud technologies. Experience with IAM tools like AD, Azure AD, access policies, and privileged access management. Skills in SIEM content development, security monitoring, incident detection, and response. Threat hunting and IR experience in Windows/Linux and cloud/hybrid environments. Proficiency with SIEM, log management, scripting languages (Python More ❯

high-profile clients from cyber threats Engage in technical design, implementation & incident response Benefit from a collaborative & innovative security team Your Impact: Design, implement & manage next-gen security solutions (SIEM, IDS/IPS, endpoint protection, cloud security) Lead technical workshops & architecture design sessions Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) Perform threat detection, incident response & forensic analysis What … We’re Looking For: 4+ years in Cyber Security within an MSP or similar environment Hands-on expertise in SIEM, EDR, firewalls, VPNs, cloud security (AWS, Azure, GCP) Experience with Palo Alto XSOAR or similar platforms Familiarity with security compliance & best practices Certifications (CISSP, CEH, OSCP, CISM, Security+) are a big plus! Ready to take your Cyber Security career to More ❯

role, with at least 2 years as a Security Engineer In-depth knowledge of security protocols, encryption, authentication, and risk management Hands-on experience with security technologies such as SIEM, IDS/IPS, firewalls, and endpoint protection Strong understanding of cloud security (AWS, Azure, Google Cloud) and network security architecture Experience conducting vulnerability assessments, incident response, and forensics using tools More ❯

security as a primary requirement). Drive adoption and integration of the latest security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections More ❯

network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre. Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR. Experience operating and managing SIEM solutions, vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and/or SecOps oriented teams. More ❯

security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and/or SecOps oriented teams More ❯

national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with … Analyst , you will be at the forefront of digital defence—leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues More ❯

and liaise with the custiomer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

and liaise with the custiomer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

hours. Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat. Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimization. Assist in architectural design to facilitate the onboarding of new information systems, including the assessment, parsing, onboarding of log … as an MSSP, including Lighthouse, and management and multi-customer environments using DevOps. Level 3 SOC Analyst/Senior Cyber Security and/or security operations experience. Experience with SIEM platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm. In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL & Logic Apps/SOAR. Experience … of onboarding, tuning, reporting, and configuring SIEM solutions. Experience of threat intelligence. Leadership and mentoring experience and skills. Understanding of low-level concepts including operating systems and networking. Commercial experience in Penetration Testing and/or Security Monitoring. Understanding of networking and infrastructure design. Knowledge/experience of one or more System administration (Linux, Windows, Mac). Cyber security degree More ❯