1 to 25 of 381 SIEM Jobs in the UK excluding London

SIEM Detection Engineer | Cyber Security Farnborough (Hybrid – 2 days onsite) Up to £65,000 + Excellent Benefits SC Clearance (or eligibility required) Ready to engineer the frontline of cyber defence? We’re working with a highly respected cyber security operation supporting critical defence environments, seeking a SIEM Detection Engineer … threat detection capability across secure enterprise environments. This is a hands-on technical role where you’ll design, build and optimise detection logic across SIEM platforms, working directly against real-world attacker techniques in a mature, high-performing SOC. You’ll have the autonomy to shape detection strategy, influence capability ...

platforms, and fixed wireless network environments Experience managing security operations, incident response, threat management and vulnerability remediation activities. Strong knowledge of security technologies including SIEM, EDR, IAM, DLP, firewalls, IDS/IPS, and vulnerability management platforms. Experience working with third-party security monitoring and managed security service providers. Strong analytical ...

Windows, Linux and Cloud environments Encryption – Familiarity with encryption protocols and technologies Penetration Testing – Ability to assess and interpret penetration test results Security Tools – SIEM, SOAR, EDR, UTM Cloud Security – Understanding of AWS, Azure, etc. Security Frameworks – Knowledge of MITRE ATT&CK, NIST, etc. Consulting Skills Risk management, strategic planning ...

Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience ...

Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience ...

and enhance the incident response plan and playbooks. Security Operations Center (SOC): Monitor and analyse security alerts and logs from various tools such as SIEM, IDS/IPS, and endpoint detection systems. Identify and escalate potential security threats or vulnerabilities in real-time. Continuously optimize SOC workflows, tools, and processes ...

analysis, threat detection, and handling security incidents end to end. Experience with security tooling such as Security Hub, GuardDuty, Detective, CloudTrail, CloudWatch, Inspector, SIEM (Elastic, Sentinel) and related cloud native controls. Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform. Solid understanding ...

Security Operations Center (MSSP) to ensure high‐fidelity alerting and low Mean Time to Resolve (MTTR). Tooling Optimization : Own the security stack (SIEM, EDR, XDR, SOAR). Ensure tools are integrated, automated, and providing maximum ROI rather than just generating “noise.” Automation : Drive a “Detection as Code” philosophy ...

remote access/VPN configurations where required and ensure changes follow change control. Enable and review network security logging/alerting (e.g., syslog/SIEM integrations where applicable). Monitoring, Detection & Incident Response (Sophos MDR) Act as the internal technical point of contact for Sophos MDR and ensure smooth collaboration ...

eligible for SC Clearance Proven ability to lead complex cyber investigations and incident response engagements during live events. Experience with forensic tools, SIEM platforms, and threat detection methodologies. Knowledge of Windows and cloud environments. Excellent analytical, problem-solving, and communication skills. Customer-focused with the ability to remain calm under ...

security with leadership or ownership of security functions. Strong knowledge of network, application, cloud (AWS/Azure), and endpoint security. Hands-on experience with SIEM (e.g., Arctic Wolf), Fortinet firewalls, Nessus, and vulnerability remediation. Experience working with SOC teams and supplier security assessments. Familiarity with CAF, CE+, NIST, CIS Controls ...

cyber threats and AI-enabled attack techniques.Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging, network security, and vulnerability management. Knowledge of security architecture ...

incident response. Experience monitoring and investigating security alerts and events. Understanding of network, endpoint and cloud security concepts. Familiarity with security tools such as SIEM, endpoint protection and vulnerability scanning solutions. Experience supporting security controls and maintaining secure system configurations. Knowledge of information security frameworks and standards such ...

junior analysts + share your expertise • Turn insights into real security improvements 🧠 What you’ll bring: • SOC/security environment experience • Strong knowledge of SIEM, EDR, networking & OS (Windows/Linux) • Incident response experience end-to-end • Analytical mindset + clear communication skills ✨ Bonus points for: Microsoft Security (Sentinel, Defender ...

support Basic scripting or automation skills (e.g. PowerShell or similar) Desirable experience Exposure to security tools such as Microsoft Defender or Sentinel Awareness of SIEM tools and alert monitoring Understanding of ISO 27001 or other security frameworks (e.g. Cyber Essentials, NIST) Experience supporting or working alongside a SOC team Knowledge ...

Security Operations, Cyber Security or Information Security role Strong understanding of security principles, controls and best practices Experience with security technologies such as SIEM, XDR, Endpoint Protection, Vulnerability Management, WAF or DLP Experience investigating and responding to security incidents Strong analytical and problem-solving skills Excellent communication and stakeholder engagement ...

Analyst * Detection & Response Lead * Cyber Security Team Lead You'll ideally bring experience across some of the following: * Security Operations and Incident Response * SIEM, EDR/XDR and security monitoring tools * Vulnerability Management * Threat Detection and Threat Hunting * Cloud Security (Azure, AWS or GCP) * Security Frameworks such ...

and root cause analysis. Collaborate across engineering, architecture, and compliance teams to embed security-by-design. What youll bring : Strong background in network security, SIEM, IDAM, endpoint protection, and cloud security. Knowledge of threat intelligence, IOC analysis, and detection engineering. Experience in secure SDLC, code review, and threat modelling (incl. ...

Security Monitoring & SIEM Analyst Location: Berkshire (Onsite) Salary: £45,000 - £60,000 + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) ________________________________________ Company Overview An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments. … mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM ...

incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats ...

configuring and working directly with security tooling in live environments Cloud security (Microsoft 365, Azure, AWS) Strong technical exposure to security tooling, such as: SIEM/SOAR, EDR/XDR, vulnerability scanners, patch management, CASB, DLP Good firewall experience Solid understanding of networking fundamentals (TCP/IP, firewall policies, VPNs ...

architecture Experience with vulnerability management and security operations within OT environments Understanding of security technologies including: IAM, EDR, Firewalls, PKI, DLP, DAM Experience with SIEM technologies such as: Google Chronicle, Splunk ES & QRadar Experience with log source integration, correlation rules and parser development Strong stakeholder engagement and communication skills Desirable ...

identification, and continuous improvement Lead security engagement within client Design Authority and Enterprise Architecture forums Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination Oversee security incident management in line with the client Cyber Security Incident Response Plan Own joiner/mover/leaver ...

development and engineering process regarding product & solution security. Supporting customer service team in development and deployment of security monitoring and incident response solutions e.g. SIEM as well as security configuration of railway system solutions and implanting and deploying cyber security solutions. Supporting the network team in the configuration of network ...

systems remain at the required security posture against baseline requirements Work with the Security Monitoring engineering team to ensure logs are forward to the SIEM capability Work with the customer and appropriate agencies to develop new policies, design processes, and procedures, and develop technical designs Assess system vulnerabilities, implement risk ...