technical labs, and awareness programs. Capability building within existing teams, for example building an incident response team within the organization, to help build their internal capabilities. Managed Security Services: Microsoft SIEM and SOAR solutions, using Sentinel and Microsoft Defender for security operations and XDR (Extended Detection and Response), and endpoint security. Providing continuous monitoring, incident response, security operations, and proactive
do attitude. A strong believer in security as an enabler to support business growth. The position requires on-call and overtime work if there are very serious cyber attacks. Knowledge of SIEM tooling, including experience in writing and developing advanced hunting queries. Experience Needed To Fulfil The Role: Comprehensive experience of managing serious cyber incidents as a digital forensic incident responder. Experience
systems, actions taken, and improvement recommendations. Prepare clear, well-structured reports for both technical and non-technical stakeholders. Technical Skills: Experience in incident response and investigation using tools like SIEM, SOAR, and EDR platforms. Proficiency in digital forensics and log analysis across networking, Windows, Mac, Linux, or cloud environments. Strong understanding of evidence collection and prioritisation procedures. In-depth knowledge
City of London, London, United Kingdom Hybrid / WFH Options
Explore Group
Collaborate with DevOps to embed security in our pipeline. Raise security awareness across the company. What You Bring: Experience in a security analyst or InfoSec role. Hands-on with SIEM tools, cloud security (AWS/Azure), and firewalls. Knowledge of security frameworks and regulations (FCA, GDPR). Certs like Security+, CEH, or CISSP are a plus. Perks: Hybrid work (2–3 days
society by helping businesses stay resilient through proactive security solutions and trusted partnerships. Responsibilities: As a Security Operations & Threat Intelligence Analyst, you will monitor and investigate security alerts using SIEM tools, conduct threat hunting, and analyze suspicious activity. You'll gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You'll … required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing logs, network traffic, malware behavior, and attack vectors • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions • Familiar with threat intelligence platforms (e.g., MISP, Recorded Future, ThreatConnect) • Scripting experience in Python, Bash, or similar for automation and analysis • Must
We are seeking a highly skilled and experienced OT Senior Cyber Security Analyst to join our Security Operations team at Thames Water. As the UK's largest water company, we are committed to ensuring security and compliance, protecting critical infrastructure
keep this simple. A FTSE that doesn't cut corners is hiring a Cyber Security Operations Engineer. If you're the kind of person who spots anomalies before SIEM alerts even pop, talks in MITRE ATT&CK when stressed, and dreams in hex, we want to hear from you. You'll report to the Cyber Security Operations Manager and … It's for professionals who understand that cyber threats don't respect business hours. What You'll Actually Be Doing (Because Job Titles Mean Nothing Without Context): Monitoring our SIEM platform like a hawk with insomnia. Responding to EDR alerts and sifting through digital noise to find the signal. Triage, incident response, risk analysis: the full SOC works. Digging into
and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. Benefits: 25 days annual leave, with the option to purchase more; health cash plan; life assurance; pension scheme; generous flexible benefits fund
Experience communicating with senior staff and conveying technical information to non-technical audiences. Self-motivated with a positive attitude, viewing security as an enabler for business growth. Knowledge of SIEM tools and advanced hunting queries. Experience Needed: Managing serious cyber incidents as a digital forensic incident responder. Operating within large, complex enterprise environments. Understanding security monitoring, intrusion detection, firewalls, anti
across teams and disciplines such as Infrastructure and Architecture within an agile environment. This position supports the bank's Security, Digital, and Cloud strategies. Duties and responsibilities: Experience with SIEM tools (MS Sentinel advantageous). Understanding of web technologies and Web Application Firewalls (WAF). Knowledge of Windows Server infrastructure (2012, 2016, 2019), Active Directory, and Azure AD. Ability to understand and
SOC Development and Continuous Improvement: Assist the Head of SOC in driving the development and maturity of SOC capabilities, processes, and workflows. Configure and enhance SOC tools such as SIEM, EDR, and SOAR platforms to stay ahead of emerging threats. Develop and refine detection use cases, playbooks, and operational procedures to enhance efficiency and resilience. Detection Engineering and Threat Hunting … tactics, techniques, and procedures (TTPs). Strong knowledge of forensic investigations across Windows, Linux, and Unix environments. Deep understanding of the operation, configuration and deployment of SOC technologies, including SIEM (e.g., Sentinel, Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne, Defender), and SOAR platforms. Strong practical knowledge of SOC operating processes, threat hunting and the development of response playbooks. Experience with forensic
London, England, United Kingdom Hybrid / WFH Options
Zepz
skills. Strong communication and interpersonal skills. Ability to work effectively under pressure in a fast-paced environment. In-depth knowledge of security principles and practices. Proficiency in common security tools and technologies (e.g., SIEM, IDS/IPS, EDR). Certifications: Industry certifications such as CISSP, CISM, or SANS GIAC are a plus. On-call: This role is part of an on-call rota. What
Infrastructure/Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information and Event Management), a network packet capture platform, anti-malicious-code and threat detection technologies and platforms across the UK network perimeter, working with the best standard technologies. KEY RESPONSIBILITIES: Effective
Framework, SANS Incident Handling Process). Experience with threat intelligence analysis, including the use of threat intelligence feeds and platforms. Familiarity with network security monitoring tools, SIEM (Security Information and Event Management) systems, and other security technologies. Additional Information: Benefits: The chance to enjoy a challenging career in an exciting, fast-moving environment in a dynamic industry, working in a
Royal Leamington Spa, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes
on incident resolution and containment techniques. Act as the lead coordinator for individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution. Ensure threat management, threat … Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM), and SOC advancements such as EDR and SOAR. Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES, or QRadar. In-depth familiarity with security policies based on industry standards and best practices. Experienced within the information security field, with emphasis on
Have a demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs). Exhibit skills using common Incident Response and Security Monitoring applications such as SIEM (Splunk), EDR (FireEye HX, CrowdStrike Falcon, McAfee mVision EDR), WAF, and IPS. Additional Information: Benefits Package Includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation
mitigate sophisticated cyber threats, leveraging a variety of tools, techniques, and data sources. Research, document, and develop use cases and hypotheses for proactive hunting in cyber security tools including SIEM, EDR, and IDS/IPS (extract TTPs and behaviors from research to apply to logging and tool queries/hunts and detections). Research, document and develop threat detections based on … certification (or equivalent). Experience with threat intelligence and SOC/CIRT interaction. Splunk experience is highly preferred. Scripting or automation knowledge, especially Python experience, is highly preferred. Experience with SIEM, EDR solutions, network monitoring tools, and other cyber security tools. Experience with threat intelligence vendors. Ability to work on-site at least twice a week in London and/or
and innovation teams, ensuring the secure operation of their services. Key Responsibilities: Implement and manage security tools and technologies: Deploy and manage security solutions such as Microsoft Sentinel for SIEM and Tanium for Threat and Vulnerability Management (TVM). Conduct security assessments and vulnerability scans: Regularly assess the security posture of applications and infrastructure, identifying and mitigating vulnerabilities. Monitor and
Crawley, England, United Kingdom Hybrid / WFH Options
Circle Group
to lead complex projects and make a tangible impact? We're looking for a Senior Cyber Engineer with experience in designing and deploying Rapid7, SentinelOne (or similar XDR, MDR, SIEM) in an AWS environment, for our client's growing team in Crawley. The role will be a mixture of office and remote based work, with travel to client sites where needed. … the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM (Rapid7 InsightIDR); XDR (SentinelOne preferred); Firewalls (Fortinet preferred); PAM (Delinea preferred); SSE/ZTNA (Netskope preferred); Cloud security/CNAPP; SOAR; Automation tools (Ansible, Terraform). A track record of leading … are interested in the above role, click the 'Apply Now' button now for immediate review. Senior Rapid7 Engineer, Rapid7 Engineer, Senior Rapid7 Engineer, Cyber Engineer, Cyber Architect, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet. Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role
Crawley, England, United Kingdom Hybrid / WFH Options
Circle Group
the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM (Rapid7 InsightIDR); XDR (SentinelOne preferred); Firewalls (Fortinet preferred); PAM (Delinea preferred); SSE/ZTNA (Netskope preferred); Cloud security/CNAPP; SOAR; Automation tools (Ansible, Terraform). A track record of leading … you are interested in the above role, click the 'Apply Now' button now for immediate review. Principal Cyber Consultant, Cyber Consultant, Principal Cyber Consultant, Principal Cyber Consultant, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet. Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role
Crawley, England, United Kingdom Hybrid / WFH Options
Circle Group
the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM (Rapid7 InsightIDR); XDR (SentinelOne preferred); Firewalls (Fortinet preferred); PAM (Delinea preferred); SSE/ZTNA (Netskope preferred); Cloud security/CNAPP; SOAR; Automation tools (Ansible, Terraform). A track record of leading … you are interested in the above role, click the 'Apply Now' button now for immediate review. Senior Cyber Consultant, Cyber Consultant, Senior Cyber Consultant, Senior Cyber Consultant, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet. Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role
taken, and recommendations for future improvements. Prepare comprehensive reports for clients. Technical skills: Demonstrated experience in responding to and investigating incidents whilst utilizing various monitoring, detection and investigation tooling (SIEM, SOAR, EDR etc.). Proficiency in log analysis of networking, Windows, Mac, Linux and cloud. Understanding of the evidence collection process based on priority. Strong understanding of incident response following NIST
Redscan (a trading name of Redscan Cyber Security Limited)
clients. This Junior SOC Analyst role will be an integral member of the Security Operations Centre. They will help identify and analyse potential threats utilising a number of different SIEM & EDR tools. To be a key member of the Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system-generated alerts, analyse logs and traffic patterns. … years UK residency) 1-3 years' experience as a Security/Network Administrator or equivalent. Bachelor's degree in a related field or equivalent experience and knowledge. Experience working with SIEM systems. Industry standard certifications such as CompTIA Security+, CompTIA Network+, CompTIA CySA+, Cisco CCNA, EC-Council CEH, and/or a relevant specialized degree in Cyber Forensics or Computer Science. Kroll