26 to 50 of 273 SIEM Jobs in the UK

experience who wants real technical ownership and variety across the full defensive lifecycle. What You’ll Be Doing Lead investigations, triage and containment using SIEM/EDR (Microsoft Sentinel preferred) Harden IAM, PIM/PAM , Windows/Linux, endpoint baselines and identity services Strengthen M365 security : Defender for Endpoint/… security hardening (Windows + Linux) Network security concepts (firewalls, IDS/IPS) Incident Response & Detection Hands-on IR: triage investigation containment recovery Experience with SIEM (Sentinel strongly preferred) Experience with EDR/XDR tools: Defender/CrowdStrike/SentinelOne Log analysis, packet captures, forensic investigation fundamentals Microsoft Security Defender suite ...

years' experience in information security within a global enterprise environment . Strong knowledge of cloud and network security (Azure, O365). Experienced in DLP, SIEM, and incident response processes. Familiar with ISO 27001/27002 and governance frameworks. CISSP or CEH certification preferred. Excellent communication, stakeholder management, and documentation skills. ...

processes Technical Expertise Proven experience implementing enterprise security platforms Strong understanding of security risk management tools and techniques Deep knowledge of security solutions including SIEM, PAM, IGA, email/web gateways and endpoint protection Experience with firewall technologies (highly desirable) Knowledge of cloud security standards and solutions (highly desirable) Strong ...

role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat ...

security operations, including vulnerability management, access reviews, and incident response readiness. Provide insights and triage signals from security tooling (SAST, DAST, dependency scanning, SIEM). Work hands-on to perform internal security assessments or penetration testing. Manage relationships with external pentest providers, auditors, and assessors. Secure Development Lifecycle (SDLC) Partner ...

Assisting with Zero Trust Client configuration and rollout, including secure network and data access. Integrate Zero Trust solutions with identity providers (Entra AD, Okta), SIEM/SOAR systems, endpoint platforms, and data repositories. Assisting infrastructure teams in migrating legacy VPN, proxy, and firewall solutions to cloud native Zero Trust models ...

availability, resilience and security posture Your Technical Background You'll bring strong hands-on experience across: Infrastructure VMware/vSphere RHEL & Windows Server Trellix SIEM platforms Linux & Scripting Shell scripting REGEX Firewall configuration Microsoft Stack Active Directory DNS RDS Applications & Protocols LDAP Email, Chat & File standards Web & Chat protocols ...

Google Cloud. · Familiarity with Windows and/or Linux server administration, networking, and virtualisation. · Basic understanding of cybersecurity fundamentals and tools (firewalls, antivirus, SIEM). · Developing troubleshooting and problem-solving skills, with a willingness to learn and follow standards. · Ability to document processes and maintain technical records with guidance and ...

Proxy services, Network Access Control (NAC), Next[1]Generation Firewalls (NGFW), Intrusion Detection/Prevention Systems (IDS/IPS), and Security Information & Event Management (SIEM) integration, spanning physical, virtual, and cloud environments. Strong understanding of network security technology fundamentals including Zero Trust Architecture (ZTA) principles, Software[1]Defined Perimeter ...

architecture for ServiceNow SecOps modules - including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation ...

architecture for ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation ...

planning. * Experience in secure or Defence oriented environments. * ITIL based service management. Desirable Experience * VMware NSX and SDN, SDWAN and virtualised routing, VoIP, QoS, SIEM/log analysis tools. Knowledge of JSP, ISO 27001, NIST. Experience leading technical projects. * Existing SC/DV clearance. Qualifications * Cisco CCNP (required); CCIE desirable. ...

logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation, and customer enablement. Identify security gaps and recommend improvements across logging, identity, endpoint hardening, cloud … remediation of misconfigurations and optimisation of security deployments. Leverage scripting, APIs, and automation to streamline repeatable tasks. Integrate firewalls, EDR platforms, logging pipelines, and SIEM/SOAR tooling. Customer & Collaboration Act as a trusted technical advisor to security and engineering stakeholders. Communicate complex technical concepts clearly to both technical and ...

issues are remediated with Systems Engineers. Provide recommendations on identified risks regarding further potential treatment/mitigation options. Essential Skills: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. You will also hold DV Clearance and ...

with DLP incident handling, remediation and reporting - Experience with the following products would be highly advantageous; Microsoft Defender for Endpoint, Thales, Crowdstrike Falcon and SIEM, CyberArk, Rapid7 and Palo Alto Products - CISSP or CEH certification desirable Lead Cloud Security Engineer (Azure) In accordance with the Employment Agencies and Employment Businesses ...

hardware and software cost models while defining long-term security standards and service offerings. System Implementation: Overseeing the rollout of security technologies, including firewalls, SIEM, DLP, and PKI systems. Stakeholder Engagement: Collaborating with executives, development teams, and customers to align security measures with business goals Essential Skills 10 + years ...

Experience with cloud platforms (Azure, AWS, or GCP) Exposure to DevSecOps tooling, CI/CD pipelines, or Infrastructure as Code Experience working with SIEM or monitoring tools This is an excellent long-term contract opportunity within a large-scale financial technology environment, offering hybrid flexibility and the chance to work ...

engineering or related fields Strong cloud security expertise across AWS and ideally GCP Experience working with compliance and regulatory frameworks Hands on experience with SIEM, firewalls and vulnerability management tools Scripting or coding capability for automation Excellent stakeholder communication skills Comfortable operating autonomously within a scale up environment What ...

engineering or related fields Strong cloud security expertise across AWS and ideally GCP Experience working with compliance and regulatory frameworks Hands on experience with SIEM, firewalls and vulnerability management tools Scripting or coding capability for automation Excellent stakeholder communication skills Comfortable operating autonomously within a scale up environment Whats ...

phishing attacks. Familiarity with network and endpoint investigation techniques, and security alert validation. Knowledge of threat scenarios and advanced testing of detection platforms like SIEM, EDR, and XDR. Experience in managing incident cases and developing mitigation strategies. Effective communication skills, with ability to advise leadership and produce technical and executive ...

Strong PowerShell scripting - Working in a Defence or Government environment Desirable Skills - Defence sector experience - VMware vSphere, vCenter, ESXi; awareness of NSX T - SIEM/monitoring experience - Ansible or other automation tools - Linux/Unix integration with AD - Secure WAN technologies (BGP/MPLS/VPN) - Existing SC/ ...

successful candidate will provide technical leadership and hands-on expertise across core cyber technologies, cloud security tooling, and vulnerability management processes. Expereince required: SIEM and logging platforms such as Splunk and Elastic Microsoft security tooling including Defender suite and O365 security services Security controls across both AWS and Azure environments ...

Experience with hybrid cloud environments (Azure, AWS) Experience with backup solutions (e.g., Veeam) Automation or scripting experience (PowerShell, Python) Experience with monitoring or SIEM tools ...

delivering enterprise-scale network security solutions, including: Zero Trust Network Access (ZTNA) Network Access Control (NAC) Next-Generation Firewalls (NGFW) IDS/IPS platforms SIEM integrations Support deployments across physical, virtual, and cloud environments. Document security architectures, threat models, control frameworks, and policy workflows aligned to industry standards. Required Technical ...

/Desirable BCS Business Analysis certification (or equivalent). ITIL 4 Foundation (or higher). Exposure to security/network technologies (e.g., firewalls, ZTNA, SIEM). Experience in regulated environments with strong governance/audit focus. Success Measures Clear traceability from requirements to controls/outcomes. High backlog readiness and ...