76 to 100 of 510 SIEM Jobs in the UK

tracking remediation, validating fixes, and assisting with reporting. * Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and ...

Demonstrable experience delivering cyber security services to external clients Strong knowledge of endpoint and network forensics tools Experience with Security Information and Event Management (SIEM) platforms Deep understanding of threat detection methodologies Familiarity with Windows, and cloud environments (e.g. MS Azure/AWS) Knowledge of malware analysis techniques and tools ...

incidents Lead and support incident response activities Conduct threat hunting and threat modelling exercises Manage vulnerability remediation and penetration testing activities Support and improve SIEM, EDR/XDR and security tooling Provide security guidance across infrastructure and change projects Drive security best practice and security-by-design principles Maintain and … internal IT teams and third-party security providers Technology and experience required: 5+ years’ experience in Cyber Security or Information Security Strong experience with SIEM, EDR/XDR, IDS/IPS and firewalls Good understanding of Microsoft Azure security technologies Knowledge of NIST, ISO27001 and CIS Controls Experience in incident ...

Strong knowledge of audit & compliance frameworks (ISO 27001, Cyber Essentials, GDPR, DORA). Experience with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience with internal/external audits and compliance assessments. Relevant security/audit certifications (CISA, CISM, CISSP, ISO 27001 Lead Auditor, Cyber Essentials ...

date and protected. Experience: Previous experience worked in a cyber security role . Experience with cyber incidents and monitoring tools such as SIEM are desirable. CompTIA Security+ desirable. Experience in incident triaging and response and Microsoft security stack (XDR, Defender for Cloud, Defender for Endpoint) . Technical Skills Required: Knowledge ...

Agile methods such as SCRUM; Enterprise security packages, security enforcing software and devices, such as identity management and federation, cryptography, public key infrastructure, firewalls, SIEM, vulnerability scanning, etc. Additional Requirements: Must be eligible and willing to obtain UK Government Security Clearance. Key Attributes for Success: Ability to engage effectively with ...

modern network platforms (experience with Arista would be advantageous). Practical understanding of cyber security principles, threat monitoring and operational security controls. Experience using SIEM or monitoring platforms (experience with Splunk would be highly advantageous); Knowledge of secure network segmentation, filtering and access control models. Experience investigating and responding ...

skills Experience working within public sector, regulated, or enterprise environments Solid understanding of cyber security domains, including: Identity & Access Management Vulnerability Management Incident Response SIEM/Monitoring & Logging Resilience and business continuity Supply chain security Ability to manage multiple priorities and deliver under tight deadlines Experience working in remote, blended ...

VMware vSphere Windows Server Red Hat Enterprise Linux (RHEL) Active Directory DNS Group Policy (GPO) Remote Desktop Services (RDS) Security Trellix/McAfee technologies SIEM platforms Syslog reporting and integration Antivirus technologies TLS certificates and PKI concepts Secure gateway technologies Linux & Scripting Linux administration Shell scripting Regular Expressions (Regex) Firewall ...

Service (FWaaS) Manage application segmentation, secure connector deployment, and client connector rollouts. Integrate Zero Trust platforms with identity providers, endpoint security tools, and SIEM/SOAR environments. Support the migration of legacy VPN, firewall, and proxy solutions toward cloud-native security architectures. Conduct proof-of-concept exercises, technical evaluations, and ...

security concepts into clear recommendations for senior stakeholders Skills & Experience Strong experience in enterprise security architecture within large-scale environments Expertise across: SOC/SIEM/SIAM Network Security Architecture Cloud Security (Azure, AWS, Hybrid environments) Strong understanding of modern security operations and tooling Familiarity with frameworks such as TOGAF ...

/LLD documents for security solutions. Strong understanding of Security Operations/SOCs. Hyperscaler experience (AWS, Azure, GCP); Professional Cloud Architect cert preferred. SIEM/SOAR tooling (e.g., Google SecOps/Chronicle). EDR/XDR/NDR experience (e.g., Crowdstrike, Corelight, Microsoft Defender XDR). What's on Offer ...

security concepts into clear recommendations for senior stakeholders Skills & Experience Strong experience in enterprise security architecture within large-scale environments Expertise across: SOC/SIEM/SIAM Network Security Architecture Cloud Security (Azure, AWS, Hybrid environments) Strong understanding of modern security operations and tooling Familiarity with frameworks such as TOGAF ...

infrastructure is defined and provisioned. Proficiency in deploying and administering enterprise security platforms, ideally with direct experience managing tools spanning CNAPP, EDR, SIEM, and zero‐trust networking. A heavy and active user of AI in both professional and personal contexts, including agentic AI tools and coding assistants, with a grounded ...

cycle management Experience onboarding Windows Server, Linux/Unix, and network devices to PAM platforms Understanding of Active Directory privileged account management Experience with SIEM integration for PAM event logging and alerting Working knowledge of security frameworks: ISO 27001, NIST CSF Strong troubleshooting skills for connector and session issues Good ...

process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. Key skills: SOC Analyst, Cyber Security, SIEM, Incident Response, Vulnerability Management, Cloud Security, Information Security ...

Produce detailed incident reports and ensure accurate, timely communication Support threat hunting and threat mining activities Assist with onboarding new clients including deployment of SIEM, EDR, and vulnerability management tools Act as a technical escalation point and mentor junior SOC analysts Engineer and deploy security tooling and detection capabilities Investigate ...

building strong relationships based on expertise. Maintain vendor certifications and stay current with cybersecurity trends and innovations. Core Expertise: Advanced cybersecurity services: SSE, SASE, SIEM, MDR/EDR. Endpoint detection and threat management solutions. Security frameworks and compliance standards: ISO27002, CIS, NIST CSF. SOC processes and Microsoft security stack. Experience ...

environments. Preferred Skills Endpoint compliance and posture assessment within Cisco ISE. Device profiling and policy enforcement. Integration with third-party security solutions such as: SIEM platforms Mobile Device Management (MDM) solutions Other security tooling Soft Skills Strong analytical and troubleshooting capabilities. Excellent communication and stakeholder engagement skills. Strong documentation and ...

and their integration.Experience with DevOps practices, CI/CD pipelines (Jenkins, Azure DevOps) and automation tools.Deep understanding of security frameworks, firewalls, endpoint protection, and SIEM tools.Strong knowledge of data management platforms, databases, data lakes, Fabric and ETL processes.Experience with observability tools and practices, including monitoring, logging, tracing, and metrics collection ...

Excellent communication and presentation skills. Desired Skills and Qualifications Demonstrable capability and qualifications across multiple of the following technical areas is advantageous. SOC/SIEM assessments and tooling Identity and Zero trust Security design and architecture GovAssure Operational Technology (OT) ISA 62443 Artificial Intelligence SWIFT CSP Cloud related certifications across ...

Genuine First Line of Defence (FLOD) experience - this is the defining requirement Cloud security awareness (AWS and/or Azure); comfortable with firewalls, IAM, SIEM, and vulnerability scanning Familiarity with ISO 27000, COBIT, NIST 800 and relevant regulations (FCA/PRA, DORA, GDPR) Strong reporting skills you'll be presenting ...

improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and … and/or Security Operation centers required. Experience in a Data Center environment an added plus. Advanced expertise in architecting, implementing, and optimizing SIEM and security platforms across hybrid environments. Demonstrated leadership in ICS and SCADA security integration and monitoring within critical infrastructure. Deep knowledge on security architecture, with hands ...

identify and respond to threats effectively. This is not a generalist cyber security role. Key Responsibilities Administer and optimise Microsoft Sentinel (or equivalent SIEM), including log ingestion, parsing, normalisation, and retention. Develop and maintain SOAR workflows and automation using Azure Logic Apps, Python, PowerShell, Bash, and KQL. Onboard and manage … range of data sources. Design, implement, and tune detection rules to improve alert quality and reduce false positives. Conduct proactive threat hunting using SIEM, EDR, and threat intelligence sources. Support incident investigations, containment, and response activities. Monitor and maintain the health of SOC tooling, sensors, agents, and log pipelines. Produce ...

Engineer - Cyber As a Cyber SOC Engineer, you will: Act as a technical escalation point and engineering SME across SOC technologies including SIEM, MDR/XDR, EDR, vulnerability management, and cloud security tooling Support, maintain, and improve cyber security infrastructure across enterprise customer environments Work closely with internal teams and … tools such as Tenable or Qualys Azure, Microsoft 365, Intune, or AWS environments Security tooling, infrastructure, and cloud platforms Linux and Windows operating systems SIEM technologies and security monitoring Basic scripting or automation using KQL, PowerShell, Python, or Bash ITIL environments and structured change control processes Firewall, endpoint, or cloud ...