SIEM Jobs in the UK

51 to 75 of 1,418 SIEM Jobs in the UK

Cyber Security Analyst

London, England, United Kingdom
The Economist
Who We Are: We are an organisation that exists to drive progress. That's the “red

Senior SOC Analyst L3

Birmingham, Staffordshire, United Kingdom
Applicable Limited
and liaise with the customer and the Service Delivery Manager, ensuring the actions of the SOC Analysts follow best practice. Job Duties: Security Monitoring & Investigation: Monitoring SIEM tools to assure a high level of security operations delivery function. Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to the MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitor and analyse security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximise effectiveness. Own the development and implementation of SOC
Employment Type: Permanent
Salary: GBP Annual

Senior SOC Analyst

Glasgow, United Kingdom
Applicable Limited
cause analysis and liaise with the customer and the Service Delivery Manager, ensuring the actions of the SOC Analysts follow best practice. Security Monitoring & Investigation: Monitoring SIEM tools to assure a high level of security operations delivery function. Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to the MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitor and analyse security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximise effectiveness. Own the development and implementation of SOC
Employment Type: Permanent
Salary: GBP Annual

Level 3 SOC Analyst

London, England, United Kingdom
Hybrid / WFH Options
Capita
hours. Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in the identification, containment, and remediation of security-related threats. Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning and optimisation. Assist in architectural design to facilitate the onboarding of new information systems, including the assessment, parsing, onboarding of log … as an MSSP, including Lighthouse, and management and multi-customer environments using DevOps. Level 3 SOC Analyst/Senior Cyber Security and/or security operations experience. Experience with SIEM platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm. In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL and Logic Apps/SOAR. Experience … of onboarding, tuning, reporting, and configuring SIEM solutions. Experience of threat intelligence. Leadership and mentoring experience and skills. Understanding of low-level concepts including operating systems and networking. Commercial experience in Penetration Testing and/or Security Monitoring. Understanding of networking and infrastructure design. Knowledge/experience of one or more system administration platforms (Linux, Windows, Mac). Cyber security degree

Senior Information Security Analyst

London, United Kingdom
Hybrid / WFH Options
Onyx-Conseil
desirable. Minimum 5 years' experience in Information Security. Proficiency in security frameworks like NIST, implementing and auditing security measures. Knowledge of Cisco networking, firewalls, VPN, DLP, IDS/IPS, SIEM, and related technologies. Experience with identity and access management solutions such as SAML, OAuth. Relevant security certifications (e.g., CISSP, CISM, CEH) are highly desirable. Ability to analyze and recommend security improvements.
Employment Type: Permanent
Salary: GBP Annual

Information Security Manager

London, England, United Kingdom
Hays
of applications by implementing secure coding practices, conducting code reviews, and performing vulnerability assessments. Information Security: Protect sensitive information by developing and enforcing security policies and procedures. Maintain the SIEM tools, make sure security logs generated from security systems and devices are configured and safeguarded properly. Incident Response: Investigate security breaches, conduct forensic investigations, and mount incident responses. System Audits … ICO, familiar with GDPR regulation. Strong knowledge of IT internal control and audit, information security officer is highly recommended. Network Security (Routing, Firewall, Switch, Internet Gateway) and Security Products (SIEM, EDR, etc.), familiar with SIEM tools such as Splunk, Solarwinds, ManageEngine, etc. Documentation: Document any security breaches and assess their damage. Requirements: Education: Bachelor's degree in Computer Science, Cybersecurity … Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified Professional; CCNA/CCNP Experience with security tools and technologies such as intrusion detection systems, SIEM, and vulnerability management tools. Familiarity with regulatory requirements and industry standards related to IT security. If you're interested in this role, click 'apply now' to forward an up-to

Senior Security Automation and Detection Engineer

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
Arm Limited
Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools … for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. … Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations. Lead technical migration of log sources into
Employment Type: Permanent
Salary: GBP Annual

Information Security Manager

London, England, United Kingdom
Hybrid / WFH Options
JN Bank UK
and response.
· Manage security tools, including endpoint protection software, patch and update management systems, vulnerability management systems, cloud security posture management (CSPM) systems, firewalls, intrusion detection/prevention systems, SIEM platforms, and encryption technologies.
· Coordinate with IT Operations, IT Development, compliance and other departments to ensure secure systems design and regulatory compliance.
· Oversee third-party vendor security assessments and due … or a related field.
· 3–6 years of experience in information security.
· Strong knowledge of financial industry regulations and compliance requirements.
· Hands-on experience with firewalls, IDS/IPS, SIEM, EDR/XDR, and cloud security tools.
· Professional certifications such as CISSP, CISM, CISA, or CEH.
· Strong knowledge of security architecture, risk management, incident response, and regulatory compliance.
· Experience with

Network and Security Engineer

London, United Kingdom
AWTG Ltd
3GPP mobile network CORE and RAN architectures and security requirements. Strong knowledge of network security protocols, VPN, firewall management, and intrusion detection systems. Experience with security tools such as SIEM, IDS/IPS, and vulnerability scanners. Familiarity with regulatory standards and frameworks (e.g., GDPR, HIPAA, ISO 27001). In-depth understanding of routers, switches, firewalls, and switching/routing protocols
Employment Type: Permanent
Salary: GBP Annual

Information Security Analyst

Nottingham, England, United Kingdom
Boots
criteria. Industry-recognized certifications such as CISSP, CISM, CompTIA Security+, CEH, or vendor-specific credentials (e.g., AWS Security, Microsoft SC-200). Experience with security tools and platforms (e.g., SIEM, DLP, vulnerability scanners). Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, GDPR). Our benefits: Boots Retirement Savings Plan, discretionary annual bonus, generous employee discounts, enhanced maternity

Information Security Engineer

Southampton, England, United Kingdom
Hybrid / WFH Options
Nice Group
knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You Will Have An Advantage If You

Network and Security Engineer

London, England, United Kingdom
AWTG Ltd
3GPP mobile network CORE and RAN architectures and security requirements. Strong knowledge of network security protocols, VPN, firewall management, and intrusion detection systems. Experience with security tools such as SIEM, IDS/IPS, and vulnerability scanners. Familiarity with regulatory standards and frameworks (e.g., GDPR, HIPAA, ISO 27001). In-depth understanding of routers, switches, firewalls, and switching/routing protocols

Information Security Engineer

London, England, United Kingdom
Hybrid / WFH Options
NICE
knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you

Network Security Engineer

London, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions, automating security workflows, and contributing to the company's compliance with Cyber Essentials Plus and ISO 27001 standards. Key Responsibilities: Design, implement, and manage network security architectures, including firewalls … for enterprise-wide network security and threat management. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment. Utilize Security Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM) to monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead … related use cases (e.g., securing cloud infrastructure, managing security controls). SIEM Solutions: First-hand experience working with SIEM solutions, particularly Microsoft Sentinel SIEM. Experience in designing and managing SIEM rule sets, creating dashboards, and correlating data for threat detection. Familiarity with security event log analysis, alerts management, and incident response workflows. Cybersecurity Frameworks & Compliance: Knowledge of Cyber Essentials

Global Cyber Security Analyst

London, England, United Kingdom
Dentons
processes, ensure proper configurations and security controls of systems and agents, document key findings in reports and incident management systems. Conduct enterprise security log collection, management, and analysis. Investigate SIEM events, alerts and tips to determine if an incident has occurred. Recognize attacker and APT activity; tactics, techniques, and procedures (TTPs); and indicators of compromise (IOCs) that can be used … experience) 1-2 years of experience in incident analysis, security architecture, malware research, SOC analyst, or any other similar incident response experience. Fundamental understanding of security tools such as SIEM, IDS/IPS, web proxies, DLP, DNS security, DDoS protection, and firewalls. Knowledge of the MITRE ATT&CK security framework, Cyber Kill Chain analysis, and/or other useful threat

Security Engineer

Leeds, England, United Kingdom
Maples Group
log analysis, and analytics. Practical experience with network security architecture and cloud technologies. Experience with IAM tools like AD, Azure AD, access policies, and privileged access management. Skills in SIEM content development, security monitoring, incident detection, and response. Threat hunting and IR experience in Windows/Linux and cloud/hybrid environments. Proficiency with SIEM, log management, scripting languages (Python

Security Engineer

Manchester, England, United Kingdom
Vix Technology
of existing security controls. Design and implement security solutions to mitigate identified risks. Implement and manage security systems, including firewalls, intrusion detection/prevention systems, DLP, endpoint protection, MDM, SIEM, IAM, vulnerability management etc. Respond to security events and incidents. Perform regular security audits and risk assessments. Maintain security controls, identify risks and propose treatment plans. Conduct regular vulnerability scans … networking, infrastructure (on-prem and in the cloud), vulnerability and incident management. Familiarity with application/device security monitoring (e.g. firewalls, IDS/IPS, XDR etc.). Experience with SIEM/CNAPP/log collection platforms (e.g. CrowdStrike, Lacework etc.) and capability to design, implement and manage such solutions. Experience with implementation of identity and access management (IAM) solutions. Ability

Head of Cyber Security

London, England, United Kingdom
Burman Recruitment
training. Experience in cybersecurity within higher education or a similar sector. Familiarity with business continuity planning and disaster recovery. Proficiency in a range of security tools and technologies, including SIEM, firewalls, and VPNs. This role offers a dynamic working environment with opportunities for professional growth and the chance to shape the cybersecurity strategy of a major institution. To apply, please

Security Operations Center Analyst

Manchester, England, United Kingdom
Hybrid / WFH Options
Infoplus Technologies UK Limited
the Microsoft Defender suite. The ideal candidate will take a lead role in advanced threat detection, incident response, detection engineering, and security monitoring, while also optimizing license consumption and SIEM integration efforts. 5+ years in cybersecurity with 2+ years in a Level 3 SOC role.
Key Responsibilities:
Advanced Threat Detection & Incident Response
- Investigate and analyze complex security incidents escalated from … L1/L2 SOC analysts.
- Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response.
- Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats.
Threat Hunting & Detection Engineering
- Perform proactive threat hunting using KQL within Microsoft Sentinel.
- Develop and fine-tune custom analytics rules, workbooks, and hunting queries.
- Apply the MITRE ATT

Cyber Security Engineer

Belfast, Northern Ireland, United Kingdom
JR United Kingdom
in security tools such as Burp Suite, Kali Linux, Metasploit, Wireshark, Nessus, or equivalent. Good knowledge of network security, firewalls, managed switches, and server configurations. Familiarity with SIEM tools, vulnerability scanning, and incident response. Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Preferred Qualifications: Relevant certifications such as OSCP, CEH, CISSP, CISM, or ISO27001

Cyber Security Engineer

Newtownabbey, Northern Ireland, United Kingdom
JR United Kingdom
in security tools such as Burp Suite, Kali Linux, Metasploit, Wireshark, Nessus, or equivalent. Good knowledge of network security, firewalls, managed switches, and server configurations. Familiarity with SIEM tools, vulnerability scanning, and incident response. Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Preferred Qualifications: Relevant certifications such as OSCP, CEH, CISSP, CISM, or ISO27001

Cyber Security Engineer

Lisburn, Northern Ireland, United Kingdom
JR United Kingdom
in security tools such as Burp Suite, Kali Linux, Metasploit, Wireshark, Nessus, or equivalent. Good knowledge of network security, firewalls, managed switches, and server configurations. Familiarity with SIEM tools, vulnerability scanning, and incident response. Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Preferred Qualifications: Relevant certifications such as OSCP, CEH, CISSP, CISM, or ISO27001

Senior Cyber Security Consultant (Secure By Design)

London, England, United Kingdom
Hybrid / WFH Options
Methods
practices (ISO 27001, NIST, CIS). Strong understanding of network security, application security, cryptography, and cloud security. Experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, and endpoint protection. Excellent analytical, problem-solving, and communication skills. Ability to work independently and manage multiple projects simultaneously. SC (Security Clearance) or DV (Developed Vetting) clearance is preferred, or

Cloud Security Engineer

York, Yorkshire, United Kingdom
Darkshield Technologies Ltd
and network security. Threat Monitoring & Incident Response: Monitor cloud environments for security threats, vulnerabilities, and misconfigurations. Lead incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance: Conduct cloud security assessments, penetration testing, and risk analysis. Ensure compliance with ISO 27001, NIST, CIS
Employment Type: Permanent
Salary: GBP Annual

Security Operations Center Analyst

Gosport, England, United Kingdom
ZipRecruiter
proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment at SOC Level 2. Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with … Analyst, you will be at the forefront of digital defence—leading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues
SIEM (UK salary percentiles)
10th Percentile: £42,050
25th Percentile: £47,500
Median: £61,500
75th Percentile: £77,500
90th Percentile: £90,000