Code practices. • Assist in securing data platforms, including Databricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEM and SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, and security service delivery more »
SOC team to ensure the effective support and delivery of the following: Provide around-the-clock protective monitoring through the use of industry-leading SIEM, IDS and threat intelligence technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting … and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with the onboarding process: deployment of SIEM, EDR and Vulnerability Management tools. Direct communication with customers on threats and alerts. Providing customers with reports and presenting findings. Assistance with Active Directory administration. more »
Doncaster, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
Engineer you'll work handling both reactive and proactive security engagements. Your responsibilities will include: ✨Protective Monitoring: Utilize industry-leading Security Information & Event Management (SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ✨Incident Reporting … Communication: Communicate directly with customers regarding threats and alerts. Prepare and present findings to clients. ✨Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for Active Directory administration and firewall management. Key Skills and Traits Needed: Must be more »
Oxfordshire, England, United Kingdom Hybrid / WFH Options
University of Oxford
on automation in collaboration with the Head of Information Security Operations and the rest of the team. OxCERT runs an on-premises Elasticsearch-based SIEM solution, an Intrusion Detection System (IDS), and a vulnerability scanning service as well as other open source and commercial tools. We are one of the … Software and Open Source technologies and actively supports several related project communities. Current projects include the enhancement of the existing Elastic-based security information and event management system, the deployment of a new incident response tool, and development of an IT forensics capability. The team has achieved standing and recognition more »
on AWS. Deep understanding of AWS services including EC2, S3, RDS, Lambda, VPC, IAM, and CloudTrail. Proficiency in security tools and practices such as SIEM, IDS/IPS, and vulnerability management. Experience with Infrastructure as Code (IaC) tools like Terraform, CloudFormation, or Ansible. Strong scripting skills in languages such as more »
s cyber security measures; responds to actual penetration attempts by malicious parties Key Accountabilities Perform forensic analysis and gather evidence Correlation monitoring using multiple SIEM technologies Assist in gathering forensic data and physical equipment Act as incident responder for potential incident identified Ability to work under pressure In-depth understanding more »
Sheffield, South Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
Chroma Recruitment Ltd
e.g. Ansible/Puppet/Landscape) Essential skills/experience required for the Senior Infrastructure Engineer: Extensive experience with Windows, Microsoft 365, and Linux Implementing SIEM solutions Configuring and monitoring compliance policies within M365 Setting up SSO (specifically SAML) Managing devices via Intune Desirable skills/experience required for the Senior Infrastructure more »
cyber security technologies and services in use at the company Role & Accountabilities KEY Identity access management, experience/involvement with Security services such as SIEM and Vulnerability Management. Provide expert knowledge and act as a subject matter expert on key principles of (IAM) with an in-depth knowledge in the … remediation of vulnerabilities in line with best practice and policy. Assist with the investigation of vulnerability results and remediation efforts. Assist with management of the SIEM service, including the ingestion of new log sources, configuration of alerting and providing expert knowledge to aid the investigation of alerts where required. Support the more »
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »
At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we're a customer-obsessed market powerhouse. more »
or equivalent experience. 2-4 years of experience in a SOC Analyst or similar role. Strong knowledge of security methodologies, processes, and technologies (firewalls, SIEM, IDS/IPS). Proficiency in TCP/IP protocols, network analysis, and troubleshooting. Experience with incident response and threat intelligence. Excellent written and verbal more »
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Nine Twenty Recruitment
methodologies. Proficient with Microsoft, Windows, and related technologies. Familiarity with networking and network infrastructure. Experienced in designing, implementing, and managing Security services such as SIEM, Endpoint protection, EDR, and Vulnerability management platforms. To be considered for this position, please apply today or contact Sophie on snorton@weareninetwenty.com more »
Benefits: 10% pension contributions, flexible working, in-house L&D, 28 days holiday + BH Skills required for this role: - Experience working with SIEM solutions (ideally Sentinel) - Vulnerability management (Nessus) - Incident Response - Implementing appropriate mediation Desirables: - SC Clearance - Large guideline experience (ISO27001, Cyber Essentials, etc.) This role gives the right candidate more »
Greater Cheshire West and Chester Area, United Kingdom Hybrid / WFH Options
psd group
reduction across all IT Systems Essential Skills & Experience: Experience with analysing event logs and recognizing cyber intrusions or attacks. Experience using tools such as SIEM, IDS/IPS, antivirus and endpoint protection (e.g. Microsoft Sentinel and Microsoft Defender for Endpoint) Understanding of relevant Cyber Security standards, legislation and regulations including more »
Manchester, Greater Manchester, United Kingdom Hybrid / WFH Options
N Brown Group
will you have? Experience responding to incidents across corporate and customer-facing web applications, identifying potential threats and mitigating/escalating as required. Experience with SIEM Platforms (ideally Splunk), including working with logs and creating correlation searches and dashboards is a plus. Knowledge of monitoring cloud environments using cloud native tooling. An understanding more »
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Head Resourcing
to state-affiliated groups. Preventing and detecting common attacker techniques and the MITRE ATT&CK framework. Tuning and configuring cyber security tools, for example SIEM and EDR tooling. How enterprise IT networks, Active Directory and Azure AD operate. Service Management of key partners This role comes with excellent benefits such more »
ll need: · Extensive experience of working within a SOC or adjacent role. · Experienced in responding to cyber incidents. · Conversant with common security tooling (e.g., SIEM, SOAR, EDR, NDR). · Understanding of threat actors, their tactics, techniques, and procedures. · Understanding of security event data, the value of different data sources and more »
security and a keen eye for identifying and mitigating digital threats. Experience in monitoring, analysing, and responding to security events and incidents. Proficiency with SIEM tools and understanding of the latest cyber security trends and threat landscapes. A collaborative mindset and the ability to communicate effectively across various teams. Certifications more »
Corsham, England, United Kingdom Hybrid / WFH Options
J&C Associates Ltd
IT Recruitment specialist that provides support to clients across the UK, Europe and Australia. We have an excellent job opportunity for you. Role Title: SIEM/Incident SME (Need Active DV Clearance) Location: Hybrid onsite in one of the following locations 2/3 days per week - Corsham, Portsmouth or … cyber defence hardware. • Support Junior Analysts to manage SOC systems. • Previous experience of Enterprise ICS/network architectures and technologies. • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning. • Experience as a mentor/coach to junior analysts Your … C2M2) • Excellent communication skills • Experience of writing Defence/Government documentation Desirable Qualifications: • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) • Advanced Analyst Course (SANS SEC503 or equivalent more »
VMware, Messaging (Exchange 2016+), IIS, SQL 2012+, Linux appliances, architecture and OS, backup technologies, Citrix, and Cisco networking. understanding of security technologies such as SIEM, firewalls, intrusion detection/prevention systems, anti-virus software, authentication systems, and log management. knowledge of security approaches including ISMS, risk analysis and assessments, the more »
and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »
tiers when necessary. Vulnerability Scanning: Scan systems for vulnerabilities and manage vulnerabilities discovered during scans. Security Tool Management: Configure and manage security tools (e.g., SIEM, IDS/IPS, antivirus). Ensure proper functioning and timely updates. Reporting and Documentation: Document incidents, actions taken, and findings. Prepare incident reports for further more »