276 to 300 of 304 SIEM Jobs in the UK

this role Role overview: Good Security analyst skills, knowledge of working in a MOD SOC environment beneficial, knowledge of MOD environment and culture. Ability to operate standard SOC tools (SIEM), incident investigation, detection engineering Embedded with an existing Customer SOC, Capgemini supply a level of cyber expertise and corporate experience, assisting the customer in regular SOC activities, as well as … of current cyber issues, vulnerabilities and exploits through research, technical reports and briefs. Your skills and experience: Experienced Tier 2 SOC analyst. Knowledge of Data networks. Knowledge & experience with SIEM tool sets and security management tools. Desirable Security Qualifications (CompTIA S+/N+/CySA+, AWS, MS, SANS, CISSP etc.). Ideally have some experience with UK MOD Your security More ❯

this role Role overview: Good Security analyst skills, knowledge of working in a MOD SOC environment beneficial, knowledge of MOD environment and culture. Ability to operate standard SOC tools (SIEM), incident investigation, detection engineering Embedded with an existing Customer SOC, Capgemini supply a level of cyber expertise and corporate experience, assisting the customer in regular SOC activities, as well as … of current cyber issues, vulnerabilities and exploits through research, technical reports and briefs. Your skills and experience: Experienced Tier 2 SOC analyst. Knowledge of Data networks. Knowledge & experience with SIEM tool sets and security management tools. Desirable Security Qualifications (CompTIA S+/N+/CySA+, AWS, MS, SANS, CISSP etc.). Ideally have some experience with UK MOD Your security More ❯

integrity of core systems and platforms. You will work closely with the SOC Manager across daily activities of the Security Operations Center, continuously monitoring security alerts and incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and … About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host More ❯

this role Role overview: Good Security analyst skills, knowledge of working in a MOD SOC environment beneficial, knowledge of MOD environment and culture. Ability to operate standard SOC tools (SIEM), incident investigation, detection engineering Embedded with an existing Customer SOC, Capgemini supply a level of cyber expertise and corporate experience, assisting the customer in regular SOC activities, as well as … of current cyber issues, vulnerabilities and exploits through research, technical reports and briefs. Your skills and experience: Experienced Tier 2 SOC analyst. Knowledge of Data networks. Knowledge & experience with SIEM tool sets and security management tools. Desirable Security Qualifications (CompTIA S+/N+/CySA+, AWS, MS, SANS, CISSP etc.). Ideally have some experience with UK MOD Your security More ❯

Cloud Security Expert - Freelance (Contract) - DV/eDV/UKIC Cleared Location : United Kingdom, Hybrid Position : Freelance/Contract, 12+ months Clearance : Active DV, eDV, or UKIC required About the Role PRG is partnering with a Defence client to recruit More ❯

practices for threat detection, incident response, and monitoring are applied. What You Will Ideally Bring: Deep, hands-on experience with Microsoft Sentinel and Azure security services. Strong understanding of SIEM concepts, log ingestion, and security operations workflows. Proven ability to design and deliver scalable and resilient security monitoring solutions. Experience acting as a trusted advisor/SME for security operations … and SIEM tools. Excellent communication skills with the ability to work closely with customers remotely. Strong problem-solving, analytical, and threat-hunting abilities. Contract Details: Duration: 6 months Location: Remote Day Rate: Up to £500 per day ( Outside IR35 More ❯

to be better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration … the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

to be better, be more and ultimately, be more fulfilled. SOC Consultant Hybrid-3 days onsite Requirement: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration … the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

week in London office) Essential Experience: As an associate security analyst you will triage and investigate cyber security alerts and reports from users experience using security tools (e.g., EDR, SIEM) to support the investigation and response to cyberincidents Experience with SIEM tools (experience of Splunk preferred but experience of Microsoft Sentinel or anequivalent SIEM tool is acceptable) Experience in AWS More ❯

week in London office) Essential Experience: As an associate security analyst you will triage and investigate cyber security alerts and reports from users experience using security tools (e.g., EDR, SIEM) to support the investigation and response to cyber incidents Experience with SIEM tools (experience of Splunk preferred but experience of Microsoft Sentinel or an equivalent SIEM tool is acceptable) Experience More ❯

We are currently recruiting for a Senior Security Engineer with experience in SIEM/SOAR that is eager to join UK GOV department - SC Cleared envionmen t for a short term contract until end of the year 2025 About the role: Work in the Monitoring and Integration Platform Team and deliver against the initial phase of the security monitoring project … onboarding several critical services that are proactively monitored by the in-house SOC (Security Operations Centre). Essential Experience: 2+ years in security platforms management (SIEM, SOAR). Enterprise-level monitoring and supporting large user bases (10,000+ users). Create/manage security playbooks and knowledge of public sector standards. Experience in Xsiam correlation/playbooks and Cortex XDR More ❯

We are currently recruiting for a Senior Security Engineer with experience in SIEM/SOAR that is eager to join UK GOV department - SC Cleared envionmen t for a short term contract until end of the year 2025 About the role: Work in the Monitoring and Integration Platform Team and deliver against the initial phase of the security monitoring project … onboarding several critical services that are proactively monitored by the in-house SOC (Security Operations Centre). Essential Experience: 2+ years in security platforms management (SIEM, SOAR). Enterprise-level monitoring and supporting large user bases (10,000+ users). Create/manage security playbooks and knowledge of public sector standards. Experience in Xsiam correlation/playbooks and Cortex XDR More ❯

council offers its employees development opportunities, as well as a fair and flexible workplace. The council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls … within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned with the Cyber Assessment Framework (CAF). Assist in updating and maintaining IT More ❯

remain at the required security posture against baseline requirements Develop and document system security baselines. Work with the Protective Monitoring engineering team to ensure logs are forward to the SIEM capability Work with the customer and appropriate agencies to develop new policies, design processes, and procedures, and develop technical designs Assess system vulnerabilities, implement risk mitigation strategies, validate secure systems … Endpoint Security Products Working knowledge of the accreditation process for secure/sensitive systems Experience in producing/updating Design artefacts Understanding of the implementation, operation and maintenance of SIEM products Understanding of network and boundary protection technologies (firewalls, mail gateways, load balancers, anti-virus) Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc) Understanding of security infrastructure in More ❯

tools such as Microsoft Defender, Purview, Symantec, CrowdStrike, or equivalent. Platform Integration & Automation: Drive automation for device onboarding, compliance validation, and health monitoring. Ensure endpoint telemetry is integrated with SIEM platforms and observability stacks. Partner with platform and infrastructure teams to enforce secure device baselines and policies. Build self-healing, zero-trust-aligned architectures for secure device management. Observability & Event … Qualifications: Familiarity with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional Information: Hybrid or on-site work model. Occasional travel for global alignment or vendor engagements. Ability to operate in More ❯

and maintain positive working relationships with them Pre-requisites: Experience of more than 12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Experience in managing P1 incidents Experience in managing shift roster More ❯

e.g. CISMP, CompTIA or equivalent level of work experience and knowledge Network 75 scheme Previous experience of working to KPI's/targets. Experience, or understanding of live monitoring, SIEM and monitoring devices. Desirable Previous experience of working in the digital field in the NHS or a healthcare setting. Knowledge of cyber security frameworks such as MITRE ATT&CK, NIST … Desirable Experience of ICT service provision in a healthcare setting. Delivery of training to technical and non-technical staff. Report writing. Development of Standard Operating Procedures. Experience working with SIEM solutions. Skills Essential Awareness and knowledge of security principles, understanding frameworks (ISO) etc, systems and lifecycles. Knowledge of digital best practice, information security and information governance. Understanding the need for More ❯

increased cyber threats and compliant to industry standards. This role covers information protection, including data loss protection and data classification, and threat protection, including security information and event management (SIEM), user and entity behaviour analytics (UEBA), point products like anti-virus (AV) and intrusion detection system/intrusion prevention system (IDS/IPS) and penetration testing. The Service Delivery team … preferred. Compliance knowledge required in ISO27001, PCI and GDPR. Possibly a certified ethical hacker Knowledge of Security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA, AV, IDS/IPS and MDM solutions Understanding of common frameworks, such as ITIL or LEAN is preferred Good exposure of user environment management, including desktops/laptops, profile More ❯

assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯

assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯

assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯

assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯

from the SOC. The Lead Incident Response Specialist will have the following responsibilities - Develop and refine incident response standard operating procedures and playbooks Operate and maintain controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection To ensure incident response efforts and documentation comply with industry standards and best practices like GDPR, SOC, NIST & ISO The LeadIncident Response … Specialist will need to have the following skills/experience - 5+ years experience working within Incident Response or similar Previous experience operating and maintaining IT security controls related to SIEM, DLP, Vulnerability Management and Cyber Threat Intelligence Must have practical commercial experience of IT Security analysis and engineering experience including securing systems, networks and infrastructure; operational support Previous working within More ❯

SIEM Application Engineer - Elasticsearch Birmingham - 3 days in the office/2 days from home £60-70k pa + bonus and benefits We are recruiting a fantastic opportunity to join a busy Security Engineering team and support the design, development, implementation and operation of a SIEM platform. In this role you will design and implement SIEM solutions using Elasticsearch … as well as optimising SIEM rules, alerts and dashboards. You will collaborate with cross-functional teams, contributing as part of a security engineering team. As well as Elasticsearch you should have commercial experience with Logstash and Kibana to enhance threat detection, incident response and overall security. Please send a CV detailing the above required experience for consideration. SIEM Application Engineer More ❯

resolving Zscaler-related issues Managing policies, user configurations, and integrations Work with internal teams to ensure seamless integration between Zscaler and other security/networking tools (e.g., identity providers, SIEM platforms, endpoint solutions) Assist in onboarding new applications and services into the Zscaler environment Develop and deliver training materials for internal teams Maintain up-to-date documentation and standard operating … Private Access (ZPA) Experience with SAML, SCIM, Active Directory, and identity federation tools Solid understanding of networking concepts (DNS, VPN, firewalls, etc.) Experience integrating Zscaler with security tools (e.g., SIEM, EDR, CASB) Desirable Skills: Zscaler certifications (ZCCA-IA, ZCCA-PA, or ZCCP) Familiarity with scripting or automation (PowerShell, Python) Bright Purple is proud to be an equal opportunities employer. We More ❯