and responding to security incidents. Your responsibilities will include: Controlling communications at external and internal system boundaries using firewalls, Intrusion Prevention Systems (IPS), and Security Information and Event Management (SIEM) tools. Updating and maintaining network access control (NAC) and antivirus solutions. Monitoring and reviewing logs to detect unauthorized access attempts and ensure compliance with security policies. Maintaining accurate records of
plans for information risk events and incidents based on incident type and severity. Assist with containment of threats and remediation of the environment during or after an incident. Work with SIEM Engineering and other security partners to develop and refine correlation rules. Regularly develop new use cases for future SIEM logic. Administer and configure security tools and sensors to alert
SOC services, including security monitoring, incident detection, analysis, and response. Establish and document processes and workflows. Oversee the development of security tools and technologies like NDR, EDR, Vulnerability Management, SIEM, and SOAR. Collaborate with business owners to identify and reduce cyber threats and vulnerabilities. We're looking for someone who is: Experienced in information security, especially security operations and incident … security operations teams. Strong understanding of cyber security concepts, technologies, and best practices. Effective in managing and communicating with diverse stakeholders, including executives. Experienced with security tools such as SIEM, IDS/IPS, EDR, and vulnerability management. Familiar with working in cloud environments. Exposure to threat modeling. (You don't need to match all the bullet points to be considered
London, South East, England, United Kingdom Hybrid / WFH Options
Crone Corkill
an ad-hoc basis. What will you do as a Senior Security Engineer? Take over the full lifecycle of Splunk Enterprise Security management, followed by ownership of the SIEM once implemented. Onboard Splunk log sources, proactively support Splunk, liaise with stakeholders and improve efficiency. Partner with the new MSSP as the business transitions, covering SOC duties on an ad … the business/group from a security perspective. Automate tasks and processes to make life easier. What skills do you need as a Senior Security Engineer? Splunk Enterprise Security SIEM expertise (full lifecycle ideal). Microsoft Defender for EDR/XDR/MDR. Nessus for vulnerability management. Mimecast for email security. SCCM/Intune for patch management. L3/L4 Incident
London (Tottenham), South East England, United Kingdom
Palo Alto Networks
a strong customer-first mindset. 4+ years of experience as a Support Engineer, demonstrating a strong customer-centric approach. Previous experience with Endpoint Security software is required. In-depth SIEM experience, including: A deep understanding of how SIEMs work. Experience creating custom collections and data parsing. Proficiency in creating complex correlation rules, reports, and dashboards. Experience with SIEM integration and
London, South East, England, United Kingdom Hybrid / WFH Options
Client Server Ltd
integrity of core systems and platforms. You will work closely with the SOC Manager across daily activities of the Security Operations Center, continuously monitoring security alerts and incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and … About you: You are degree educated in Cyber Security or Computer Science. You have strong experience in Security Operations and Incident Response. You have experience of performing analysis with SIEM technologies, Splunk preferred. You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks. You have a deep understanding of security appliances/tools such as host
house security operations team on a permanent basis in Manchester. This is a fantastic opportunity to be at the heart of cyber defence operations, working hands-on with SIEM tools and ensuring compliance with Cyber Essentials standards. You'll play a key role in monitoring, detecting, and responding to threats, while continuously improving our security posture and supporting the … wider IT security strategy. Key Responsibilities: Monitor, triage, and investigate alerts generated by SIEM and security monitoring platforms. Conduct log analysis and threat hunting to proactively identify suspicious activity. Support incident response efforts including containment, investigation, and remediation. Ensure security processes align with Cyber Essentials and other best practice frameworks. Optimise SIEM tooling for enhanced visibility and detection capability. Produce … with IT and security colleagues to strengthen organisational defences. Skills & Experience Required: Previous experience as a SOC Analyst or in a security operations role. Strong hands-on knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, or similar). Understanding of Cyber Essentials and broader security standards. Knowledge of incident response, intrusion detection, and threat analysis. Familiarity with endpoint security, IDS
Redscan (a trading name of Redscan Cyber Security Limited)
clients. This Junior SOC Analyst role will be an integral member of the Security Operations Centre. They will help identify and analyse potential threats utilising a number of different SIEM & EDR tools. To be a key member of the Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system-generated alerts, analyse logs and traffic patterns. … years UK residency) 1-3 years' experience as a Security/Network Administrator or equivalent. Bachelor's degree in a related field or equivalent experience and knowledge. Experience working with SIEM systems. Industry standard certifications such as: CompTIA Security+, CompTIA Network+, CompTIA CySA+, Cisco CCNA, EC-Council CEH, and/or relevant specialized degree in Cyber Forensics or Computer Science. Kroll
part of a small, expert team responsible for protecting enterprise systems and data. This role offers hands-on involvement with a wide range of technologies, from endpoint detection and SIEM platforms to firewalls, MFA, and vulnerability management, providing a well-rounded foundation in enterprise security operations. You'll gain exposure to advanced security practices, assist in running and responding to … threat detection systems, and contribute to projects that strengthen security across the organisation. Key Responsibilities: Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the maintenance of security certificates, PAM
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Walsh Employment
nights (6pm-6am), 4 days off. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment. Previous people management or line management experience. Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk. Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis. In-depth understanding of: Client-server applications and multi-tier … Active DV Clearance. Scripting or programming with Python, Perl, Bash, PowerShell, or C++. Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1. Familiarity with additional SIEM technologies, especially QRadar. Role & Responsibilities: As a SOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role
severity. Advanced knowledge of the NIST Incident Response Lifecycle and experience developing effective incident response documentation and procedures. Expert-level proficiency with security monitoring and forensic tools, including EDR, SIEM, and SOAR systems. Experience conducting post-incident reviews and implementing security improvements based on lessons learned. Strong understanding of threat actor TTPs and ability to apply threat intelligence to enhance … the NIST Incident Response Lifecycle and experience developing effective incident response documentation and procedures? Do you have EXPERT-level proficiency with security monitoring and forensic tools, including EDR, SIEM, and SOAR systems? If hired, can you provide evidence of legal eligibility to work in the U.K.? How did you hear about this job? Where do you live
Central London, London, United Kingdom Hybrid / WFH Options
Marlin Selection
technical leader in safeguarding sensitive data and systems. Key Responsibilities/Duties: Manage WAF and DDoS systems. Manage the Web Security Gateway. Manage the Email Security Gateway. Manage the SIEM, SOAR, Identity Protection and EDR, and respond to alerts and threats. Carry out vulnerability scans, identify risks, and remediate. Manage the perimeter and VPN firewalls. Manage MFA and SSO. Manage … in managing the majority of the following technology stack: CrowdStrike EDR; Mimecast Mail Security Gateway; Duo; Okta; Rapid7 IVM, Tenable IO or Nessus; Rapid7 IDR or CrowdStrike Next-Gen SIEM; Palo Alto Firewalls and Panorama; Intune and Conditional Access; Entra ID, Active Directory, DNS, GPO. Experience using the following technology stack would be advantageous; understanding the principles is required. Imperva
Requirements. Knowledge: A demonstrable networking background and experience in system administration. Knowledge of big data technologies and ecosystems (e.g. Apache NiFi). Knowledge of current market and emerging tools in data analytical and SIEM platforms. Knowledge of network security implementations (e.g., IDS, IPS, EDR), including their function and placement in an enterprise network. Knowledge of intrusion detection systems and signature development. Knowledge of front-end collection systems, including … have experience with Enterprise ICS/network architectures and technologies. Must have experience with frameworks and technologies that support data-intensive distributed applications. Must have experience with maintaining and administering data analytical and SIEM platforms such as Elastic. Must have problem-solving and analytical skills and be able to collect information, analyse, report, and advise on evidence-based changes. Skill to apply cybersecurity and privacy principles to
London (City of London), South East England, United Kingdom
DGH Recruitment
in real time. - Drive efforts to automate and accelerate the detection and response processes. - Ensure integration of input from the deployed suite of security tools into SOC systems (e.g. SIEM/SOAR), including, but not limited to, IDS/IPS, Endpoint Protection, MDR/XDR, PAM, MFA, DNS Security, and cloud security posture management. Required Skills/Experience: - 8+ … process, and architecture. - Experience working with cloud security technologies (AWS, Azure DevOps, Kubernetes, GCP, etc.) including cloud log analysis, monitoring, detection, and incident response. - Experience with SOC use of SIEM, SOAR, IDS/IPS, DLP, and Endpoint security. Lead Incident Response Engineer. In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH
Kill Chain, Threat Modelling, Diamond Model). Conduct forensic investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. … based artifacts). Strong understanding of security monitoring frameworks (MITRE ATT&CK, NIST, etc.). Experience working in financial services or a regulated environment preferred. Hands-on experience with SIEM tools, network forensics, and endpoint detection. Knowledge of CIS benchmarks, cloud security, IAM, DLP, and vulnerability management. Familiarity with Windows, Linux/Unix, networking, and virtualisation (VMware). Certifications (preferred