351 to 375 of 616 SIEM Jobs in the UK

NAC Engineer

Hiring Organisation
Xcede
Location
London, United Kingdom
Employment Type
Contract
Contract Rate
£500 - £600 per day
Financial services or other highly regulated industries Certificate-based authentication/PKI Integration with directory services (e.g. AD/Azure AD) Logging, alerting, and SIEM integration Previous NAC redesign or cleanup engagements Working Arrangements 3–4 days per week on-site in the City of London Initial 3-month contract with ...

NAC Engineer

Hiring Organisation
Xcede
Location
Slough, Berkshire, UK
Employment Type
Full-time
Financial services or other highly regulated industries Certificate-based authentication/PKI Integration with directory services (e.g. AD/Azure AD) Logging, alerting, and SIEM integration Previous NAC redesign or cleanup engagements Working Arrangements 3–4 days per week on-site in the City of London Initial 3-month contract ...

Strategic Account Executive

Hiring Organisation
Intaso
Location
United Kingdom
market salaries + a great benefits package. Must have requirements: 📍5-15 years experience selling cyber threat intelligence security. 📍Experience working for SIEM, SOAR or TIPS vendors is also of interest. 📍A strong new business sales track record selling to enterprise customers. 📍Experience selling to UK government accounts is desirable. ...

3rd Line Support Engineer

Hiring Organisation
Anson Mccade
Location
London, United Kingdom
Employment Type
Permanent
Salary
£55,000
Patching and Maintenance of test and live environments to include installing Anti-Virus, WSUS, RHEL & other product updates o Working with PKI Certificates and SIEM tooling o Providing support to Engineering & Test teams o AD Administration activities accounts, groups, memberships, permissions etc. o Participating in rota for On-Call ...

Cyber Security Engineer

Hiring Organisation
TRIA
Location
London Area, United Kingdom
Cyber Security Engineer Focus: Azure/M365/Identity Management/SIEM/SOAR/Firewalls Salary: £70,000 + 20% Bonus + 20% Pension Location: Central London – Hybrid Join a prestigious financial organisation that has recently migrated to Azure Cloud and is now strengthening its security posture. With around … experience in Cyber Security, with strong technical skills in Azure and M365 security Hands-on experience with Azure security tools (Defender, Sentinel, Conditional Access) SIEM/SOAR Understanding of Identity and Access Management in cloud environments Background in IT support or infrastructure roles, with troubleshooting experience Relevant certifications Strong stakeholder ...

Cyber Security Engineer

Hiring Organisation
TRIA
Location
City of London, London, United Kingdom
Cyber Security Engineer Focus: Azure/M365/Identity Management/SIEM/SOAR/Firewalls Salary: £70,000 + 20% Bonus + 20% Pension Location: Central London – Hybrid Join a prestigious financial organisation that has recently migrated to Azure Cloud and is now strengthening its security posture. With around … experience in Cyber Security, with strong technical skills in Azure and M365 security Hands-on experience with Azure security tools (Defender, Sentinel, Conditional Access) SIEM/SOAR Understanding of Identity and Access Management in cloud environments Background in IT support or infrastructure roles, with troubleshooting experience Relevant certifications Strong stakeholder ...

Senior Security SME – Microsoft Stack

Hiring Organisation
Tata Consultancy Services
Location
Manchester, England, United Kingdom
growth. Collaborate with customers and stakeholders. The Role As a Senior Security SME, you will take a lead role in advanced engineering work for SIEM and XDR, escalated security incident response, and advanced threat hunting. We are seeking a highly skilled and experienced L3 SME with strong engineering knowledge and … across security tooling. Advanced Threat Detection & Incident Response: Investigate and analyze complex security incidents escalated from L1/L2 SOC analysts. Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response. Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting ...

Security Operations Center Analyst

Hiring Organisation
TRIA
Location
Newport, UK
Employment Type
Full-time
candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we're looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

Security Operations Center Analyst

Hiring Organisation
TRIA
Location
Bath, Somerset, UK
Employment Type
Full-time
candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we're looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

Security Operations Center Analyst

Hiring Organisation
TRIA
Location
Greater Bristol Area, United Kingdom
candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you’ll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we’re looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

Security Operations Center Analyst

Hiring Organisation
TRIA
Location
Bradley Stoke, Gloucestershire, UK
Employment Type
Full-time
candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we're looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

SOC Analyst

Hiring Organisation
Tria
Location
South West, United Kingdom
Employment Type
Permanent
Salary
£45000/annum
They're keen to move quickly for the right person. What you'll be doing As SOC Analyst, you will: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage email/ ...

Lead Cybersecurity Incident Responder - GIAC, IR, Cyber

Hiring Organisation
Adecco
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
environment, with a deep understanding of how SOC operations integrate with IR. * Expert knowledge of technologies such as Microsoft security stack, DFIR tooling, SIEM, Microsoft Defender/Sentinel, EDR platforms, timeline analysis, and cloud environments (Azure, AWS, or GCP). * Exposure to penetration testing, including red team or purple team … client's supplier list for this position. Keywords Incident Response, Cyber Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber ...

Lead Cybersecurity Incident Responder - GIAC, IR, Cyber

Hiring Organisation
Adecco
Location
City of London, London, United Kingdom
Employment Type
Permanent
environment, with a deep understanding of how SOC operations integrate with IR. * Expert knowledge of technologies such as Microsoft security stack, DFIR tooling, SIEM, Microsoft Defender/Sentinel, EDR platforms, timeline analysis, and cloud environments (Azure, AWS, or GCP). * Exposure to penetration testing, including red team or purple team … client's supplier list for this position. Keywords Incident Response, Cyber Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber ...

Lead SOC Content Engineer

Hiring Organisation
Sopra Steria
Location
Hemel Hempstead, Hertfordshire, England, United Kingdom
Employment Type
Full-Time
Salary
£65,000 - £75,000 per annum
rules, dashboards, and reports for our Security Information and Event Management (SIEM) systems. This role requires a strong understanding of security procedures and experience working with SIEM platforms and within an MSSP environment where you may be working across multiple operational customers and projects. Hybrid Variable: Working in Hemel Hempstead … Clearance. What you'll be doing: Develop, deploy, and uphold security content (including rules, dashboards, and reports) for our SIEM system. Continuously monitor and analyse SIEM data to identify and respond to potential security threats. Collaborate with SOC Analysts, Architects, Project Managers & Engineers to improve the precision and efficiency ...

Information Security Officer

Hiring Organisation
Reed Technology
Location
Warrington, Cheshire, North West, United Kingdom
Employment Type
Permanent
Salary
£45,000
audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead incident response and recovery, including investigations and post … cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks (Cyber Essentials, ISO 27001). Hands-on experience with: Azure Sentinel and other SIEM tools Microsoft 365 security Azure-hosted environments Proven ability in incident response, compliance programs, and risk management. ...

Information Security – (Data & AI team)

Hiring Organisation
Lorien
Location
London, England, United Kingdom
including Copilot, Azure OpenAI, and agentic systems—ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response, working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labelling, access control, and lifecycle management of sensitive … using Microsoft Purview. Practically skilled in AI security, including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. DESIRABLE SKILLS Experience with secure data platforms (Azure Data ...

Cyber Pre-Sales Architect - Fortinet, Palo, Crowdstrike, Tenable - £80,000 - £90,000 + 10% bonus

Hiring Organisation
InfraView - Specialist Cloud & IT Infrastructure Technology Recruitmen
Location
England, United Kingdom
Employment Type
Permanent
Salary
GBP Annual
Skills: Proven Presales experience working for a Solutions Provider Strong Cyber Security Technical background. Cisco/Palo/Fortinet/Crowdstrike/Tenable Siem/XDR/MDR/SSE/SASE/Zerotrust Gather requirements, RFI's, RFP's Produce exceptional High level Solution Design. ...

Lead Oracle Platform Engineer

Hiring Organisation
WRK digital
Location
Leeds, England, United Kingdom
services Design and implement enterprise grade logging and monitoring solutions using OCI Logging, OCI Monitoring, Events and Alarms. Integrate OCI monitoring with third party SIEM, ITSM and APM tools (e.g. Splunk, BMC etc.) Demonstrable experience with Oracle Cloud Infrastructure (OCI), including proficiency in the design and build of services such ...

AWS Security Engineer

Hiring Organisation
Atrium Workforce Solutions Ltd
Location
London, South East, England, United Kingdom
Employment Type
Contractor
Contract Rate
£500 - £619 per day
/AWS security configuration. Experience of security automation. Knowledge of information security concepts and technologies such as IDS, email gateways and desktop security products, SIEM and SOAR platforms, web application firewalls and vulnerability management tools. Experience of SIEM toolsets including the ELK stack essential. Software development abilities at a senior ...

NMC Cyber Security Detection Engineer

Hiring Organisation
Police Digital Services
Location
Skelmersdale, Lancashire, North West, United Kingdom
Employment Type
Permanent, Work From Home
understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Development, maintenance, and deployment of SIEM detection rules for complex technical environments. Working alongside wider NMC functions, maintain knowledge of the threat landscape and TTPs employed by threat actors. Work across wider … Optimization of log collection to align with detection requirements. Maintain documentation for detection rules to be used by analysts. Scoping, testing and implementing new SIEM data connectors. Working with wider NMC teams, contributing to Continual Service Improvement and innovations. Support with the creation of automation and analyst playbooks What ...

Cyber Security Manager

Hiring Organisation
Oscar Technology
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£65,000 - £75,000 per annum
vulnerability management activities and ensure effective patch governance. Support cloud security programmes and the development of secure architecture patterns. Lead enhancements to threat detection, SIEM/SOC processes, and endpoint security controls. Provide clear communication to technical and non-technical stakeholders regarding risks, incidents, and mitigation strategies. Required Skills & Experience … CISSP, CCSP, GICSP, or equivalent knowledge. Ability to communicate complex cyber risks to a range of audiences, including senior leadership. Hands-on experience with: SIEM/SOC operations XDR/EDR platforms and vulnerability management tools Cloud security controls and best practices CNAPP or similar cloud-native protection solutions Working ...

Cyber Security Specialist

Hiring Organisation
Anson McCade
Location
City of London, London, United Kingdom
likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for UK SC Clearance. Key Responsibilities … Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. Conduct ...

Cyber Security Specialist

Hiring Organisation
Anson McCade
Location
London Area, United Kingdom
likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for UK SC Clearance. Key Responsibilities … Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. Conduct ...

Senior Cyber Operations Analyst

Hiring Organisation
Anson Mccade
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms (e.g., Splunk) to detect threats across diverse environments. Collaborate with security teams to identify gaps in detection, logging, and alerting based on business risks … . Required Experience & Skills: Strong technical expertise in cybersecurity, including threat hunting, attacker tactics, monitoring, alerting, and incident response. Experience with detection engineering and SIEM alert development. Solid understanding of core cybersecurity concepts: network security, cloud security, cryptography, and forensics. Familiarity with scripting or programming (Python, Bash, C/C++ ...