326 to 350 of 616 SIEM Jobs in the UK

responsible for monitoring systems, identifying potential threats, and ensuring rapid incident response to safeguard critical services. Responsibilities Keep a close watch on SIEM platforms and other monitoring tools to spot unusual activity. Evaluate and triage alerts to separate genuine incidents from false positives. Take immediate containment steps and escalate confirmed ...

implementation of network security controls following approved designs Document network security configurations and change procedures Security Technology Solution Design Design security technology solutions including SIEM, endpoint protection, and monitoring platforms Create technical specifications for security tool deployments under supervision Support proof of concept activities for security technology evaluations Design integration … tree, port security Security platforms: Palo Alto, Cisco ASA/Firepower, Fortinet, Check Point Virtualization: VMware NSX, network virtualization, micro-segmentation Security Technology Knowledge SIEM platforms: Splunk, QRadar, Azure Sentinel, ELK Stack Endpoint protection: CrowdStrike, Carbon Black, Microsoft Defender Network monitoring: NetFlow, IPFIX, packet capture, network behavior analysis Identity and ...

integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft Sentinel Model Context Protocol (MCP) for advanced context-aware analytics and automation. Develop and maintain security analytics and … Cloud (Defend, Runtime Sensor, Code), CSPM, and CWP. Automation & Integration : Using Sentinel Graph, Microsoft Graph Security API, playbooks, Logic Apps, Power Automate. Threat Management : SIEM for detection, response, hunting; SOAR workflow design; KQL queries, custom rules, UEBA. Identity & Access Security : Entra ID, Conditional Access, Identity Protection, PIM. Email Security : Microsoft ...

will help manage and support customer network security environments. You’ll work on firewall configurations, troubleshooting, and incident response, while gaining exposure to SIEM tools and advanced security solutions. Full training and development opportunities will be provided. Key Responsibilities Monitor and manage client firewalls, VPNs, and network devices using centralized … ticketing system and provide status updates to clients as needed. Collaborate with internal SOC and engineering teams to resolve complex incidents. Gain exposure to SIEM alert triage and basic investigation using Microsoft Sentinel or LogPoint (training provided). Essential Skills & Experience 1–2+ years of experience in a networking ...

security documentation, tenders, and compliance activities. Please note this role is not eligible for Skilled Worker visa sponsorship. Responsibilities: Technical Security Operations Respond to SIEM alerts, security events and write relevant queries and scripts Manage and maintain security tools (e.g. Splunk, Trend Micro, AWS tooling, CloudGuard). Lead patch management … Experience: Essential: Proven experience in cybersecurity engineering or operations. Strong knowledge of cloud security (AWS preferred), operating systems, and network security. Technical experience with SIEM, vulnerability management, and security tooling. Technically skilled with AWS CLI, Linux, Windows and other platforms. Excellent written and verbal communication skills. Ability to manage multiple ...

.It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best … cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard … cause analysis and leading T2 incident investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

culture of continuous learning and technical excellence. Oversee the full lifecycle of security incidents — from detection through to resolution and review. Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities. Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards. Oversee … leading SOC operations in a 24×7 or multi-client environment. Strong background in incident management, threat detection, and escalation processes. Technical depth across SIEM/SOAR tooling, preferably Splunk or Microsoft Sentinel. A passion for developing teams — coaching analysts and building collaborative, high-performing cultures. Strong understanding of frameworks ...

compensation provided for out-of-hours work. Key Responsibilities: Handle escalations from Level 1 analysts and validate complex alerts. Conduct in-depth analysis using SIEM, EDR, XDR and threat intelligence sources to establish root cause, scope and impact. Lead containment and remediation actions in coordination with senior engineers and incident … response leads. Develop and refine detection content, queries and automated workflows within SIEM/SOAR tooling. Provide customers with clear incident summaries, technical explanations and remediation guidance. Identify emerging threats and document relevant tactics, techniques, and procedures. Support structured threat hunting activities and contribute to improving detection coverage. Maintain accurate ...

Level 3 Analyst North West/Hybrid CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern 24×7 SOC delivering … intelligence-led cyber defence across SMB and enterprise customers. Their security stack includes cutting-edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Role This permanent position is ideal ...

team, providing frontline defence and hands-on technical support across a modern IT environment. What you'll do Monitor and triage security alerts from SIEM and endpoint protection tools click apply for full job details ...

Customer Facing role. Already owns, or has the ability to pass a high level of Security Clearance Knowledge/Experience of SNMP, Packet Inspection, SIEM, NetFlow, NCCM, SolarWinds, Event Management Full Driving License This role will require SC Security Clearance so please only apply if you are applicable to receive ...

varied audience of people who work in both IT and non-IT roles. Proficient with commonly used incident response tools, logging, and SIEM technologies. In-depth knowledge of and experience in security concepts such as cyber-attacks and techniques, risk management, incident management, threat management, etc. What We Offer ...

varied audience of people who work in both IT and non-IT roles. Proficient with commonly used incident response tools, logging, and SIEM technologies. In-depth knowledge of and experience in security concepts such as cyber-attacks and techniques, risk management, incident management, threat management, etc. What We Offer ...

/CD pipelines Driving ISO 27000 implementation and supporting ongoing compliance initiatives Introducing and managing cybersecurity tools such as vulnerability scanners, endpoint protection, SIEM, and cloud security monitoring solutions Requirements: Extensive experience in a DevOps team lead role using AWS, (IAM, S3, EKS). Experience with IaC such as Terraform.. ...

environments, confident presentation and communication abilities. Strong network security background is essential (CCNA, CCNP or CCIE level), and IOT, threat detection, XDR, SIEM, EDR, security experience is a plus. Comfortable with regular travel and adapting to customer needs. Highly motivated, customer-focused, and committed to quality. Experience in translating business ...

level of security for the customer. The Cyber Security Consultant leads detailed risk assessments, implements industry-standard frameworks (NIST, NCSC, NIS2), and actively manages SIEM/XDR tools such as IBM QRadar, Microsoft Sentinel, and Defender XDR. This role involves deeper client interaction, proactive risk management, and advanced threat detection … interactions. Lead comprehensive cybersecurity risk assessments aligned to industry standards. Conduct environment reviews, ensuring compliance with NIST frameworks and related standards. Oversee and implement SIEM/XDR deployments, custom rule development, and incident response processes. Provide guidance on best practices for SIEM/XDR and threat detection. Conduct security posture ...

level of security for the customer. The Cyber Security Consultant leads detailed risk assessments, implements industry-standard frameworks (NIST, NCSC, NIS2), and actively manages SIEM/XDR tools such as IBM QRadar, Microsoft Sentinel, and Defender XDR. This role involves deeper client interaction, proactive risk management, and advanced threat detection … interactions. Lead comprehensive cybersecurity risk assessments aligned to industry standards. Conduct environment reviews, ensuring compliance with NIST frameworks and related standards. Oversee and implement SIEM/XDR deployments, custom rule development, and incident response processes. Provide guidance on best practices for SIEM/XDR and threat detection. Conduct security posture ...

enterprise identity and access protection Secure virtualisation platforms (Hyper-V, VMware) and implement endpoint security (EDR, anti-malware, DLP) Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for threat detection and incident response Perform vulnerability assessments using Qualys and Tenable, driving remediation and continuous improvement Align security controls with … knowledge of Microsoft technologies (Windows Server/Desktop, Active Directory, Group Policy) Hands-on experience with MFA, virtualisation, and network security appliances Understanding of SIEM operations, vulnerability management, and endpoint protection Familiarity with recognised security frameworks (ISO 27001, NIST, CIS, Cyber Essentials) Excellent problem-solving and communication skills DV cleared. ...

resided continuously in the UK for the past five years, due to Security Clearance requirements. Key Responsibilities: Lead investigations of security incidents raised by SIEM and CNAPP tooling. Drive improvements in cloud security posture using Microsoft Defender for Cloud. Guide project teams on remediation steps and ensure alignment with security … best practices. Support WebOps activities including deployment and configuration of SIEM and CNAPP tools. Oversee vulnerability management processes and ensure timely remediation. Manage and maintain LogicMonitor for cloud platform monitoring: Create and update logicmodules Configure alert rules and escalation chains Manage ServiceNow integration for incident handling Build and maintain dashboards ...

understanding of Information Security solutions e.g. email/web gateways, Privileged Account Management (PAM), Identity Governance and Administration (IGA), Security Information and Event Management (SIEM), Endpoint protection etc. Knowledge/experience working with firewalls is highly advantageous Experience of Cloud security solutions and standards is highly advantageous Competence, knowledge and ...

Skills & Experience of Cyber Sales Manager will include: 3+ Years Minimum of Successful Cyber Security Sales Experience Technical grounding in SOC, MDR, IR, SIEM, or related Solutions Proven Ability to Influence Senior IT/Security Stakeholders Established Network of UK Private-Sector Contacts advantageous Entrepreneurial, Hunter Mindset; Resilient & Confident Native ...

ensure solutions are cost-efficient, scalable and compliant Working across Linux environments (primarily Ubuntu) while collaborating with Windows teams where needed Supporting vulnerability management, SIEM engineering and wider security initiatives Reading documentation, troubleshooting independently and quickly becoming productive in complex systems Working closely with a team of juniors, mid-level … Ability to troubleshoot independently, read documentation and identify efficient solutions Strong consulting skills - calm, pragmatic communication, and ability to challenge when required Exposure to SIEM (Splunk/Elastic), vulnerability tools, or cloud security platforms A problem-solving mindset and willingness to learn new tools and languages quickly Experience in fast ...

accounts and delivering value to strategic accounts in the cybersecurity industry Extensive platform selling experience in complex sales with multiple buying centers Experience selling SIEM, EDR, or CNAPP (DevSecOps, CloudOps) solutions is highly preferred Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations ...

Financial services or other highly regulated industries Certificate-based authentication/PKI Integration with directory services (e.g. AD/Azure AD) Logging, alerting, and SIEM integration Previous NAC redesign or cleanup engagements Working Arrangements 3–4 days per week on-site in the City of London Initial 3-month contract ...