376 to 400 of 668 SIEM Jobs in the UK

Cyber Security Engineer Focus: Azure/M365/Identity Management/SIEM/SOAR/Firewalls Salary: £70,000 + 20% Bonus + 20% Pension Location: Central London – Hybrid Join a prestigious financial organisation that has recently migrated to Azure Cloud and is now strengthening its security posture. With around … experience in Cyber Security, with strong technical skills in Azure and M365 security Hands-on experience with Azure security tools (Defender, Sentinel, Conditional Access) SIEM/SOAR Understanding of Identity and Access Management in cloud environments Background in IT support or infrastructure roles, with troubleshooting experience Relevant certifications Strong stakeholder ...

growth. Collaborate with customers and stakeholders. The Role As a Senior Security SME , you will take a lead role in advanced engineering work for SIEM and XDR, escalated security incident response, and advanced threat hunting. We are seeking a highly skilled and experienced L3 SME with strong engineering knowledge and … across security tooling. Advanced Threat Detection & Incident Response: Investigate and analyze complex security incidents escalated from L1/L2 SOC analysts. Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response .Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting ...

candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we're looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we're looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you’ll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we’re looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

candidates from general SOC or InfoSec backgrounds, sector experience is a bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … and security posture improvements. What we're looking for: Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage ...

They're keen to move quickly for the right person. What you'll be doing As SOC Analyst, you will: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and … security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage email/ ...

environment, with a deep understanding of how SOC operations integrate with IR.* Expert knowledge of technologies such as Microsoft security stack, DFIR tooling, SIEM, Microsoft Defender/Sentinel, EDR platforms, timeline analysis, and cloud environments (Azure, AWS, or GCP).* Exposure to penetration testing, including red team or purple team … client's supplier list for this position. Keywords Incident Response, Cyber Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber ...

environment, with a deep understanding of how SOC operations integrate with IR. * Expert knowledge of technologies such as Microsoft security stack, DFIR tooling, SIEM, Microsoft Defender/Sentinel, EDR platforms, timeline analysis, and cloud environments (Azure, AWS, or GCP). * Exposure to penetration testing, including red team or purple team … client's supplier list for this position. Keywords Incident Response, Cyber Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber ...

rules, dashboards, and reports for our Security Information and Event Management (SIEM) systems. This role requires a strong understanding of security procedures and experience working with SIEM platforms and within an MSSP environments where you may be working across multiple operational customers and projects. Hybrid Variable: Working in Hemel Hempstead … Clearance. What you'll be doing: Develop, deploy, and uphold security content (including rules, dashboards, and reports) for our SIEM system. Continuously monitor and analyse SIEM data to identify and respond to potential security threats. Collaborate with SOC Analysts, Architects, Project Managers & Engineers to improve the precision and efficiency ...

audits, and ensure compliance with GDPR and ISO 27001. Oversee security operations, including monitoring, threat detection, and incident response. Manage security tools and processes: SIEM (Azure Sentinel), firewalls, endpoint protection, and identity management. Ensure secure configuration, patch management, and vulnerability remediation. Lead incident response and recovery, including investigations and post … cybersecurity, IT security, or risk management. Strong knowledge of cybersecurity frameworks (Cyber Essentials, ISO 27001). Hands-on experience with: Azure Sentinel and other SIEM tools Microsoft 365 security Azure-hosted environments Proven ability in incident response, compliance programs, and risk management. ...

Skills: Proven Presales experience working for a Solutions Provider Strong Cyber Security Technical background. Cisco/Palo/Fortinet/Crowdstrike/Tenable Siem/XDR/MDR/SSE/SASE/Zerotrust Gather requirements, RFI's, RFP's Produce exceptional High level Solution Design. ...

/AWS security configuration. Experience of security automation. Knowledge of information security concepts and technologies such as IDS, email gateways and desktop security products, SIEM and SOAR platforms, web application firewalls and vulnerability management tools. Experience of SIEM toolsets including the ELK stack essential. Software development abilities at a senior ...

understand and proactively manage risk across the technology estate at both the national and force level. Key Responsibilities Development, maintenance, and deployment of SIEM detection rules for complex technical environments. Working alongside wider NMC functions, maintain knowledge of the threat landscape and TTPs employed by threat actors. Work across wider … Optimization of log collection to align with detection requirements. Maintain documentation for detection rules to be used by analysts. Scoping, testing and implementing new SIEM data connectors. Working with wider NMC teams, contributing to Continual Service Improvement and innovations. Support with the creation of automation and analyst playbooks What ...

vulnerability management activities and ensure effective patch governance. Support cloud security programmes and the development of secure architecture patterns. Lead enhancements to threat detection, SIEM/SOC processes, and endpoint security controls. Provide clear communication to technical and non-technical stakeholders regarding risks, incidents, and mitigation strategies. Required Skills & Experience … CISSP, CCSP, GICSP, or equivalent knowledge. Ability to communicate complex cyber risks to a range of audiences, including senior leadership. Hands-on experience with: SIEM/SOC operations XDR/EDR platforms and vulnerability management tools Cloud security controls and best practices CNAPP or similar cloud-native protection solutions Working ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for UK SC Clearance. Key Responsibilities … Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. Conduct ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for UK SC Clearance. Key Responsibilities … Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. Conduct ...

effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms (e.g., Splunk) to detect threats across diverse environments. Collaborate with security teams to identify gaps in detection, logging, and alerting based on business risks … . Required Experience & Skills: Strong technical expertise in cybersecurity, including threat hunting, attacker tactics, monitoring, alerting, and incident response. Experience with detection engineering and SIEM alert development. Solid understanding of core cybersecurity concepts: network security, cloud security, cryptography, and forensics. Familiarity with scripting or programming (Python, Bash, C/C++ ...

logs, and alerts to identify suspicious privileged activity. Lead audits, risk assessments, and remediation activities related to privileged access. Maintain CyberArk integrations with AD, SIEM, ticketing systems, DevOps pipelines, cloud platforms, and applications. ...

logs, and alerts to identify suspicious privileged activity. Lead audits, risk assessments, and remediation activities related to privileged access. Maintain CyberArk integrations with AD, SIEM, ticketing systems, DevOps pipelines, cloud platforms, and applications. ...

Centres working within a high-threat government environment: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Sentinel, Splunk, Defender, Qualys, Tenable, Huntsman & LogRhyth Ability to perform triage of security events to determine their scope, priority, and impact ...

and analysis. • Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. • Monitor and administer Security Information and Event Management (SIEM). • Malware analysis and forensics research. • Understanding/differentiation of intrusion attempts and false positives. • Investigation tracking and threat resolution. • Vulnerability identification & mitigation/remediation. ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...

senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across … SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. Strong expertise in Regular Expressions (Regex) Relevant bachelor's degree or industry-recognized qualifications (CISSP ...