401 to 425 of 513 SIEM Jobs in the UK

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

detect and respond to threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with … emerging threats and recommend improvements SOC ENGINEER ESSENTIAL SKILLS Strong understanding of information security fundamentals Experience with SIEM tools such as Sentinel or Splunk Familiarity with security monitoring technologies Analytical mindset with strong problem solving skills Ability to manage multiple priorities and meet deadlines Strong communication and collaboration skills ...

and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats … hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary ...

investigate incidents and deliver containment, remediation, and root cause analysis; produce high-quality intel-informed incident reports. Create and tune detections (e.g., SIEM/SOAR, EDR) using intelligence signals (TTPs, behaviors, YARA/Sigma where applicable). Produce and present consumable intelligence outputs (e.g., flash alerts, threat overviews, executive briefs … system, application, and cloud/SaaS logs to investigate security and operational issues; comfort enriching with IOCs and behaviours. Hands-on experience with a SIEM (Splunk preferred) for investigations, alert creation, reporting, and threat hunting. Ability to produce clear, actionable intel and incident reports, including executive-ready summaries and visuals. ...

events Drive proactive threat hunting campaigns to identify emerging threats, vulnerabilities, and anomalous behaviour Develop and improve detection logic, alerting, and monitoring content within SIEM platforms including Elastic Stack Analyse threat intelligence, indicators of compromise (IOCs), and attacker TTPs to strengthen detection capability Produce detailed post-incident reports with clear … leadership, curiosity, and a proactive mindset. You should have experience in areas such as: Security Operations Centre (SOC) environments Threat hunting and incident response SIEM technologies, ideally Elastic Stack Threat intelligence and attacker methodologies Windows and Linux operating systems Networking fundamentals including protocols, IP addressing, and traffic analysis Understanding ...

Cyber Security Engineer required by an established, global asset management firm based near Bank station to join a focused, high-impact 3-person IT Security team. It is a hybrid role (3 days office, 2 ...

perks! Governance and Cyber Security Coordinator – Key Skills: 1–3 years of experience in IT governance, cybersecurity, or compliance roles Familiarity with GRC and SIEM tools Familiarity with ISO 27001 and SOX frameworks Expertise in Excel and Word Governance and Cyber Security Coordinator Due to the volume of applications received ...

subject‐matter expert and primary point of contact for all cybersecurity matters. This role also includes responsibility for operational partnerships, such as managed SOC, SIEM and threat‐management services, and ensuring we continue to mature our security posture in line with recognised frameworks like ISO 27001, NIST and CIS Controls. … CISM, CCSP, ISO 27001 Lead Implementer/Auditor, CEH or GIAC. Experience managing security certifications, third‐party risk programmes and assurance activities. Exposure to SIEM engineering, SOAR, IaC security (Terraform/Bicep), scripting for automation, and security tooling optimisation. Knowledge of the water industry or its regulatory landscape. Previous management ...

large scale Imperva Data Activity Monitoring platform within a complex enterprise environment. Responsibilities include managing the security estate, supporting integrations with Active Directory and SIEM, and driving automation for efficiency. Candidates must possess strong Linux administration skills and experience with Imperva DAM. The position offers a hybrid work model primarily ...

and Storage on Edge - Content Delivery Network and Edge Computing - Border Gateway Protocol (BGP) and ACL's - Zero Trust Architecture - Load Balancing - Threat Intelligence, SIEM Data and Traffic Reporting - Proxies and Reverse Proxies to manage Ingress/Egress - Cloud infrastructure, particularly ...

security policy deployment FortiAnalyzer Centralised logging and reporting strategy SOC integration and event correlation Incident and event handling workflows Compliance reporting and audit outputs SIEM interoperability and operational analytics Secure SD-WAN SLA rule creation and traffic steering Link health checks and performance optimisation ADVPN architecture and dynamic overlay networking ...

NIST, ISO/IEC 27001, and CIS Evaluate, select, and integrate security technologies including: Identity and Access Management (IAM) Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Data Loss Prevention (DLP) Web Application Firewalls (WAF) Encryption and key management solutions Collaborate with engineering, DevOps, and IT teams ...

workshops, stakeholder sessions, and requirement discussions Support UAT, validation, and policy rollouts Track project progress, risks, and deliverables Assist in evaluating NAC tools & integrations (SIEM, CMDB, ITSM) Required Skills & Experience Senior Business Analyst (enterprise/financial services preferred) Strong experience with NAC tools – Forescout preferred Solid network fundamentals (VLANs, 802.1X ...

recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including ...

while maintaining compliance with regulatory and data protection standards. As our Security Operations Engineer, you will typically: Operate and optimise core security operations tooling (SIEM, DLP, IAM, endpoint protection) to safeguard systems and data Develop, implement, and monitor KPIs and dashboards to measure detection effectiveness, incident response performance, data protection … Microsoft Sentinel, Microsoft Purview, Defender suite, and Entra ID Security Operations (SecOps) expertise covering monitoring, triage, investigation, and incident response Microsoft Sentinel for advanced SIEM, SOAR, and threat detection use cases Identity and Access Management (IAM) including privileged access management and Zero Trust principles Endpoint, email, and cloud threat protection ...

Engineer, Infrastructure Security Engineer, Network Security Engineer, Platform Security Engineer, Cyber Security Engineer or DevSecOps Engineer with strong enterprise firewalling, secure infrastructure, Elastic/SIEM, public cloud security and hands-on security engineering experience. This is a senior, hands-on role working across firewalling, on-premise and cloud security, secure … Working with VMware NSX/vDefend security controls, including distributed firewall policies and micro-segmentation Working with Elastic Stack/Elastic Security for logging, SIEM, monitoring, threat detection and dashboards Supporting AWS/public cloud security across secure and regulated environments Hardening Windows Server environments, Active Directory, Group Policy and ...

Skill‐Based Requirements) 1. Microsoft Sentinel & Advanced Analytics (You will use and lead with these skills daily) Deep expertise in Microsoft Sentinel architecture, tuning, SIEM/UEBA, KQL, custom detections and threat hunting. Strong hands‐on experience with: Agentic AI for Security Sentinel Data Lake (pipelines, analytics, cost optimisation … Strong communication, stakeholder management, and ability to influence global cyber defence functions. Qualifications The Requirements Deep hands‐on expertise in Microsoft Sentinel, including architecture, SIEM/UEBA, KQL, custom detections, automation, Sentinel Data Lake, MCP, Sentinel Graph, and Agentic AI‐driven security. Strong experience with Wiz (Wiz Defend, Runtime Sensor ...

will apply hands-on engineering expertise to design, build, and optimise automation workflows that improve the scalability and efficiency of SOC services. Working across SIEM, endpoint, and orchestration platforms (primarily Palo Alto XSOAR), you will reduce analyst workload, accelerate incident response, and enhance decision-making across customer environments. Key Responsibilities … Sales Support – Assist with demos, scoping, and proof-of-value activities where required. Core Duties Automation Design & Development Build and maintain workflows across SIEM, EDR, and SOAR platforms Develop reusable scripts, templates, and components Ensure solutions support secure, multi-tenant environments Integration & Response Automation Orchestrate containment, enrichment, and remediation actions ...

actively recruiting a Security Solution Architect in Reading, UK. The role includes understanding packet core security and managing security products like firewalls and SIEM systems. Ideal candidates will have a bachelor’s degree and significant experience in telecom security and 5G core networks. You will map customer requirements, provide security ...

enterprise Firewalls (Palo Alto, Cisco), WAF/DDoS protection (Imperva), and Microsoft Gateways. Threat Detection & Response: Oversee email/web security gateways (Mimecast, Menlo), SIEM/SOAR platforms, and EDR/XDR alert response (CrowdStrike, Rapid7 IDR). Identity & Access Management: Administer MFA/SSO protocols using Okta and Microsoft ...

and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud‐native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC 2, FCA). Conduct regular security risk assessments, penetration tests, and … Conditional Access, SSO, and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD‐WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management ...

Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform ...

Security remediation & vulnerability management JIRA/Agile delivery environments Strong stakeholder management & delivery ownership Nice to have: BAM/governance programme experience Datadog/SIEM/EDR exposure Pen testing remediation OWASP/Secure SDLC knowledge Cloud/container security exposure The client is looking for someone proactive, organised, and ...

clear commercial reporting to stakeholders Main Skills Needed: Proven experience in strategic account management and Cybersecurity technologies, services and solutions (Inclusive of SOC/SIEM, EDR, MDR, Security Assessments, GRC etc.) Consultative in approach, able to identify growth opportunities within existing accounts to develop relationships and position new solutions that ...