26 to 50 of 191 SIEM Jobs in the UK

/EDR across endpoints, O365, and Azure servers (P2), with a focus on advanced threat detection and automated response. Skilled in Microsoft Sentinel SIEM/SOAR setup, tuning, and KQL query development for detection engineering and incident investigation. PowerShell/Python scripting for automating Microsoft security tooling, plus experience securing ...

knowledge and experience, with AWS expertise and ideally also some GCP experience You have Python programming skills You have hands-on experience with firewalls, SIEM tools, vulnerability scanners and other security technologies that protect systems You enjoy problem solving, identifying vulnerabilities and evaluating threats You're a data driven decision ...

junior engineers Key experience & skills: Proven experience in an IT solutions, service desk or engineer role Strong knowledge of network security, firewalls, EDR, and SIEM tools Experience securing Microsoft Azure and/or AWS environments Hands-on endpoint security experience (Defender, Sophos, Bitdefender or similar) Understanding of Cyber Essentials/ ...

performance engineering (capacity planning, QoS, traffic engineering). Security Expertise Firewalls, VPNs, IDS/IPS, secure segmentation, Zero Trust architecture. Threat detection/response, SIEM integration, incident response. Compliance frameworks (ISO 27001, NIST, GDPR). Cloud & Hybrid Networking AWS/Azure/GCP networking (VPC/VNet, Transit Gateway, cloud ...

mitigate cyber risks at both national and local levels. Key Responsibilities Responsible or gathering, normalising, and integrating cybersecurity-related data from multiple sources (e.g., SIEM, threat feeds, vulnerability sources, and cloud platforms) to develop trends and to detect threats, vulnerabilities, and anomalies. Ability to translate raw data into meaningful insights ...

only monitor and respond to incidents but also provide guidance and support to junior team members. Your responsibilities will include: Continuous Monitoring: Oversee SIEM tools (including Splunk) to detect suspicious activity and ensure timely response. Incident Triage: Analyse alerts and logs to confirm genuine incidents and prioritise effectively. Initial Incident ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience ...

Experience Understanding of principles of network and boundary protection technologies (firewalls, mail gateways, load balancers, antivirus, IPS, IDS, Diodes) Understanding of Protective Monitoring systems (SIEM/SOC) and the principles of their deployment. Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc) Understanding of encryption and protocols and structures ...

operations within a busy SOC, but also will have led SOC teams from a line-management, pastoral leadership, and ITSM perspective, ranging from SIEM use case tuning, to employee appraisals, KPI's and reporting metrics. About the Organisation Registers of Scotland (RoS) manages 21 land, property and other legal registers ...

Protection Act, and Cyber Essentials. The successful candidate will bring expertise in disaster recovery, business continuity, risk management, internal controls, and security technologies including SIEM, firewalls, EDR, MFA, encryption, Microsoft Purview, and Microsoft Entra. Experience with incident response, cyber forensics, enterprise security architecture, secure-by-design principles, and managing third ...

Protection Act, and Cyber Essentials. The successful candidate will bring expertise in disaster recovery, business continuity, risk management, internal controls, and security technologies including SIEM, firewalls, EDR, MFA, encryption, Microsoft Purview, and Microsoft Entra. Experience with incident response, cyber forensics, enterprise security architecture, secure-by-design principles, and managing third ...

Typical Contract Responsibilities: Leading trust-wide cyber-security monitoring, incident response and vulnerability management Strengthening identity, endpoint, cloud and network security controls (MFA, EDR, SIEM, firewalls, O365 security) Conducting risk assessments, audits and compliance checks aligned to safeguarding and data-protection standards Enhancing cyber-security policies, procedures and training across ...

policies, and standards Own vulnerability management, security monitoring, and incident response Ensure compliance with NCSC, PSN, PCI-DSS, GDPR and other national frameworks Manage SIEM, Microsoft security tooling (Sentinel/Defender/E5), identity & access, firewalls, and endpoint protection Advise on secure design for projects and change governance Prepare annual ...

private endpoints, WAF/Shield Encryption in transit and at rest using KMS, TLS, and secrets management Logging and monitoring: CloudTrail, CloudWatch, Config, centralised SIEM patterns Threat detection and posture management using AWS native services Dev/DevSecOps/Vulnerability Management Strong understanding of modern SDLC, CI/CD, and ...

through complex challenges with clarity and confidence. What you'll need to succeed You're a seasoned security professional with hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. ...

/TLS policy implementation Proven experience in incident response and troubleshooting Nice to have: Knowledge of cloud security (Azure or GCP) Experience integrating SIEM platforms Understanding of Zero Trust architecture and SD-WAN optimization If you're interested in this role, click 'apply now' to forward an up-to-date ...

benefits of establishing a healthy cyber security posture. Essential: Deep understanding of adversarial TTPs and threat actor lifecycles. Proven experience in malware, phishing, and SIEM log analysis. Strong grasp of threat modelling and risk assessment frameworks. Skilled in OSINT collection and analysis. Demonstrated leadership in CTI environments, including mentoring and ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience ...

junior engineers Key experience & skills: Proven experience in an IT solutions, service desk or engineer role Strong knowledge of network security, firewalls, EDR, and SIEM tools Experience securing Microsoft Azure and/or AWS environments Hands-on endpoint security experience (Defender, Sophos, Bitdefender or similar) Understanding of Cyber Essentials/ ...

and documentation Understanding of OSI model and protocols: DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S Hands-on experience with SIEM platforms and/or packet capture tools If you thrive in fast-paced, challenging environments and want to make a real impact ...

investigations, analyse root causes, and recommend corrective actions. Experience developing and maintaining incident response plans and playbooks. Hands-on experience with tools such as SIEM, EDR, threat intelligence platforms, and forensic investigation tools. Strong knowledge of incident response frameworks (e.g., NIST, SANS). Deep understanding of current cybersecurity threats and ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...

with live incidents, real attackers, and industry-leading tools — not just alert watching. What you'll be doing Monitoring, triaging & investigating alerts across SIEM/EDR/XDR Analysing attacker behaviour & building incident timelines Escalating incidents with clear technical context Using tools such as Microsoft Sentinel, Google SecOps, Defender ...