1 to 25 of 224 SIEM Jobs in the UK excluding London

depth knowledge of networking protocols, operating systems, and cloud technologies (AWS, Azure, GCP). Strong understanding of frameworks such as PCI, NIST, and ISO 27001. Hands-on experience with SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Certified Security Auditor (or equivalent) and UK Security Clearance eligibility. Preferred Certifications: CISSP, CISM, CEH AWS Certified Security Specialist Azure Security More ❯

paced environment and want to be at the forefront of defending critical systems and data, we’d love to hear from you. Key Responsibilities: Proactively monitor security alerts from SIEM, EDR, and other tools Investigate incidents, analyse logs, and perform threat detection and response Conduct assessments of systems, vendors, and third parties for security risk Support incident response including forensic More ❯

timelines, affected systems, response actions, and improvement recommendations. Produce clear, detailed reports for client delivery. Technical Requirements: Hands-on experience in incident response and investigation using tools such as SIEM, SOAR, and EDR. Proficiency in analysing logs across multiple platforms (Networking, Windows, Mac, Linux, Cloud). Solid understanding of evidence collection and handling procedures. Familiarity with the NIST More ❯

Press Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: SIEM Application Engineer Posting Date: 29 Jul 2025 Function: Cyber Security Unit: Networks Location: Snowhill, Birmingham, United Kingdom Salary: Competitive with Great Benefits The new Network SIEM is essential to BT's network security, meeting TSA requirements and improving our CAF level. … following offices: Birmingham, Manchester, Ipswich (Ipswich only applicable to existing BT employees) What you'll be doing SIEM Solution Development: Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. Optimize SIEM rules, alerts, and dashboards for efficient threat detection. Collaborate effectively with others to drive forward key security objectives Presentation and documentation writing (to both … Experience in key cyber technologies such as SIEM technologies (Elastic preferred), vulnerability management, access management and other commonly used Enterprise security controls. Ideally from both a development and operational perspective Advantageous: SIEM implementation and usage Experience of Elastic Stack (ELK) Knowledge of Offensive testing frameworks Knowledge of Linux, Windows and Network Administration Knowledge and experience of cloud services (public or More ❯

with a strong background in cloud security (AWS, Azure, or GCP) Solid understanding of networking, identity & access management, and encryption technologies Hands-on experience with tools like Terraform, Kubernetes, SIEM platforms, and security scanners Familiarity with DevSecOps practices and modern CI/CD pipelines Strong scripting or coding skills (e.g., Python, Bash, or PowerShell) Excellent problem-solving, communication, and stakeholder More ❯

for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities, penetration testing, and compliance Experience with network security, encryption, TLS, SSL More ❯

with cloud security (AWS and/or Azure) Proven ability to perform detailed risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management More ❯

with cloud security (AWS and/or Azure) Proven ability to perform detailed risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management More ❯

with cloud security (AWS and/or Azure) Proven ability to perform detailed risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management More ❯

and Microsoft Defender. Excellent communication and stakeholder management skills. Eligible to gain and maintain HMG Security Clearance at "Security Check" (SC) level. Hands-on experience using Elasticsearch and other SIEM technologies. Exposure to security automation and threat intelligence platforms. Previous experience in delivering training and conducting cyber exercises. About the DCC: At the DCC, we believe in making Britain more More ❯

Skills & Experience: Proven experience in networking and cybersecurity consulting. Strong knowledge of Microsoft 365 security and compliance features. Hands-on experience with Azure networking and security services. Familiarity with SIEM tools, especially Microsoft Sentinel. Understanding of identity and access management (IAM), MFA, and conditional access. Experience with PowerShell, KQL, and automation tools. Excellent communication and stakeholder management skills. Preferred Certifications More ❯

the applicant to work 12-hour shifts (7am/7pm) on a 4-on-4-off pattern. What will you bring? Experience in a SOC analyst role Experience using SIEM (ideally Microsoft Sentinel) Experience using EDR (ideally Microsoft Defender) Excellent written and verbal communication skills Experience configuring and deploying Microsoft technologies such as Microsoft Defender and Azure Experience using and More ❯

GDPR, Data Protection Act 2018), industry standards, and regulatory requirements. Security monitoring operations: Support and oversee the day-to-day security monitoring operations, including log analysis, threat intelligence, and SIEM management. Leadership and mentoring: Provide strong leadership to the governance, risk and compliance team and mentor the professional growth and development of security staff. Threat intelligence: Stay up to date More ❯

or Legal. Excellent technical knowledge of: Microsoft 365 Security, Windows, and Active Directory Cloud platforms (Azure, AWS, or GCP) and associated security tooling Security testing tools (SAST, DAST, SCA, SIEM, endpoint detection, vulnerability scanners) Proven experience delivering secure project outcomes across digital transformation programmes. Ability to analyse and communicate complex security issues to both technical and non-technical stakeholders. Relevant More ❯

or Legal. Excellent technical knowledge of: Microsoft 365 Security, Windows, and Active Directory Cloud platforms (Azure, AWS, or GCP) and associated security tooling Security testing tools (SAST, DAST, SCA, SIEM, endpoint detection, vulnerability scanners) Proven experience delivering secure project outcomes across digital transformation programmes. Ability to analyse and communicate complex security issues to both technical and non-technical stakeholders. Relevant More ❯

or Legal. Excellent technical knowledge of: Microsoft 365 Security, Windows, and Active Directory Cloud platforms (Azure, AWS, or GCP) and associated security tooling Security testing tools (SAST, DAST, SCA, SIEM, endpoint detection, vulnerability scanners) Proven experience delivering secure project outcomes across digital transformation programmes. Ability to analyse and communicate complex security issues to both technical and non-technical stakeholders. Relevant More ❯

detection and DevSecOps practices, ensuring security is embedded within operational workflows and cloud-native architectures. What you will do: Operate and optimise core cyber security tools and platforms, including SIEM, XDR, EDR, DLP, IAM, PAM, ZTNA and vulnerability management solutions Lead or support the detection and response lifecycle, including triage of alerts, investigation of incidents, root cause analysis, and coordination More ❯

detection and DevSecOps practices, ensuring security is embedded within operational workflows and cloud-native architectures. What you will do: Operate and optimise core cyber security tools and platforms, including SIEM, XDR, EDR, DLP, IAM, PAM, ZTNA and vulnerability management solutions Lead or support the detection and response lifecycle, including triage of alerts, investigation of incidents, root cause analysis, and coordination More ❯

PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out-of-hours support. Exposure to MxDR/SOC environments and advanced security protocols (SIEM, IDS/IPS, firewalls). Knowledge of GDPR, Cyber Essentials+, PCI-DSS, and other compliance standards. Strong grasp of data protection legislation (e.g., GDPR, Data Protection Act). Global Impact More ❯

Compliance, vulnerability management and patching. Entra ID management and improvements. Understanding of a broad range of security tools using Microsoft security tooling where possible, including but not limited to SIEM, Email Security, DLP. Delivering new cybersecurity toolsets and capability as required Investigating cybersecurity incidents and undertaking reporting/remedial action as required. Maintaining risk, issue and change registers for cybersecurity More ❯

with peers and customers, even under pressure. Proven cyber security experience in protective monitoring and incident response (e.g., GIAC GMON, GCIA, GCIH, or equivalent). Hands-on experience with SIEM tools (LogRhythm, Splunk) and IDS (Snort). Solid background in network and host security. Expertise in threat intelligence and threat hunting. Experience mentoring and coaching others. Current DV clearance. Security More ❯

of network protocols (TCP/IP) and security practices (IPSec, SSL-VPN, NAT, GRE). Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations. Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical. Skilled in Python, JSON, YAML More ❯

of network protocols (TCP/IP) and security practices (IPSec, SSL-VPN, NAT, GRE). Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations. Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical. Skilled in Python, JSON, YAML More ❯

assessing, and communicating current and emerging security threats and vulnerabilities. Security Solution Design and Evaluation. Researching, evaluating, and recommending security technologies, tools (e.g., firewalls, VPNs, IDS/IPS, EDR, SIEM, SOAR), and solutions to mitigate identified threats and address security needs. Policy and Procedure Development: Defining, implementing, and maintaining corporate security policies, standards, and procedures to ensure compliance with industry More ❯

security best practices for the team ALL ABOUT YOU Technical Skills DLP Tools & Platforms: Proficiency with DLP solutions, in particular Microsoft Purview Security Monitoring & Analysis: Experience integrating DLP with SIEM, EDR, and CASB tools to monitor data flows and detect suspicious behavior. Policy Creation & Tuning: Ability to create, tune, and enforce DLP policies for endpoints, network, email, and cloud environments. More ❯