SIEM Jobs in the UK excluding London

101 to 125 of 146 SIEM Jobs in the UK excluding London

Storage Engineer - Defence

Basingstoke, Hampshire, South East, United Kingdom
Anson Mccade
client leads to resolve escalated incidents. Patching and Maintenance of test and live environments to include installing Anti-Virus, WSUS, RHEL & other product updates Working with PKI Certificates and SIEM tooling Providing support to Engineering & Test teams AD Administration activities accounts, groups, memberships, permissions etc. Participating in rota for On-Call to ensure 24/7/365 support is
Employment Type: Permanent
Salary: £50,000

Cyber Security Engineer

Bristol, Avon, England, United Kingdom
Hybrid/Remote Options
Searchability NS&D
Knowledge of IAM concepts including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers to enforce secure configurations and hardening standards Experience with endpoint protection … consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS Cyber Security Engineer, Microsoft Security, SIEM, IAM, Vulnerability Management, Network Security, Security Architecture, Incident Response, Hybrid Cloud, Threat Modelling, Compliance, NSD
Employment Type: Full-Time
Salary: £58,000 - £63,000 per annum

Cyber Security Operations Manager, Huntingdon

Huntingdonshire, East Anglia, United Kingdom
Hybrid/Remote Options
Anglian Water
incident response efforts, from initial detection through containment, remediation, and post-incident analysis. A key part of the role involves managing and fine-tuning security monitoring tools such as SIEM platforms to ensure optimal visibility and threat detection. The Security Operations Manager collaborates with IT, infrastructure, and platform teams to coordinate responses to vulnerabilities and ensure swift resolution of incidents. … Own and maintain the organisation's Cyber Incident Response Plan, coordinating major incident responses and ensuring lessons learned translate into stronger defences. Manage and optimise key technical controls, including SIEM, SOAR, PKI, and email security tools, to maintain robust detection and response capabilities. Collaborate with delivery partners and internal teams to improve service quality, mitigate risks, and enhance security posture. … colleagues, internal customers and external suppliers Significant experience in Security Operations and Incident Response Broad technical competence in IT and Cyber Broad technical competence in OT Solid understanding of SIEM/SOAR especially Sentinel Why Apply? At Anglian Water, we play a vital role in safeguarding one of life's most essential resources - and protecting the systems that keep it

Microsoft Sentinel Engineer

Glasgow, Lanarkshire, Scotland, United Kingdom
Hybrid/Remote Options
Constant Recruitment
combines engineering depth with real client interaction, ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and … and ISO 27001 alignment. Act as an escalation point within the SOC and mentor junior engineers. What We Are Looking For 3+ years' experience as a Microsoft Sentinel or SIEM Engineer. Strong technical background across Microsoft 365, Azure, networking, and cybersecurity. Hands-on experience with KQL, PowerShell, and ideally Python. Proven experience automating processes using Logic Apps, Playbooks, or Terraform.
Employment Type: Permanent, Work From Home
Salary: £70,000

Microsoft Sentinel Engineer

London, South East, England, United Kingdom
Hybrid/Remote Options
Constant Recruitment Ltd
combines engineering depth with real client interaction, ideal for someone who enjoys both hands-on work and architectural thinking. What You Will Be Doing Design, configure, and deliver Sentinel SIEM solutions for enterprise clients. Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and … and ISO 27001 alignment. Act as an escalation point within the SOC and mentor junior engineers. What We Are Looking For 3+ years’ experience as a Microsoft Sentinel or SIEM Engineer. Strong technical background across Microsoft 365, Azure, networking, and cybersecurity. Hands-on experience with KQL, PowerShell, and ideally Python. Proven experience automating processes using Logic Apps, Playbooks, or Terraform.
Employment Type: Full-Time
Salary: £65,000 - £70,000 per annum

Principal Cyber Security Engineer - Leeds / Remote

Leeds, Yorkshire, United Kingdom
Hybrid/Remote Options
Catorfaen
In 2022 we built out an exciting SIEM/SOAR and Managed Detection and Response service called SEP2.security, built upon Google Cloud Security's Chronicle stack. Due to customer demand, we are now looking to hire a Principal Cyber Security Engineer to join this ever growing team. The Security Intelligence Services team, that this role is situated in, provides security monitoring and use case … quickly with colleagues and customers. Competent and confident in customer facing situations. Qualifications and Experience Experience as a Cyber SOC Analyst/or similar role. Proven experience in deploying SIEM (Security Information and Event Management) and SOAR (Security orchestration, automation, and response) solutions to achieve positive outcomes. Our tools include Google Chronicle SIEM/Siemplify SOAR and LogRhythm, but experience with other platforms such as Microsoft
Employment Type: Permanent
Salary: GBP Annual

IT Security Manager

Derby, Derbyshire, England, United Kingdom
Breedon Group plc
such as CISSP, CISM, or CompTIA Security+ are essential. What Sets You Apart: Experience with cloud security (AWS, Azure). Hands-on experience with Security Information and Event Management (SIEM) systems. Ability to guide and advise in incident response situations. Inspires and guides people with clarity and confidence, making smart decisions that bring everyone together toward shared goals. Why Breedon
Employment Type: Full-Time
Salary: Competitive salary

Cyber Threat Detection & Response Apprentice

Oswestry, Shropshire, England, United Kingdom
QA
include: Assisting in monitoring network traffic and security alerts to identify potential threats. Supporting investigations into security incidents, gathering evidence and documenting findings. Using Security Information and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures.
Employment Type: Full-Time
Salary: £20,000 per annum

Senior Security Engineer

Portsmouth, Hampshire, England, United Kingdom
Hybrid/Remote Options
Franklin Fitch
Security Engineer who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations
Employment Type: Full-Time
Salary: £65,000 - £80,000 per annum

IT Security Analyst

Derby, Derbyshire, England, United Kingdom
Breedon Group plc
Please note this role does require the postholder to be based from our office in Derbyshire circa 3 days per week. Reporting to the IT Security Manager the postholder will monitor, analyse, and respond to security threats, ensuring the integrity
Employment Type: Full-Time
Salary: Competitive salary

SOC Analyst

Corsham, Wiltshire, South West, United Kingdom
Deerfoot Recruitment Solutions
per week presence. The successful candidate will play a vital role in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC … Analyst or similar cybersecurity role Strong expertise in Splunk or similar SIEM tools Familiarity with Flexera for vulnerability management Understanding of firewalls, network protocols, intrusion detection/prevention systems Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous Must be eligible for Developed Vetting (DV) clearance, requiring 10 years continuous UK residency Please Note: All offers will be subject to standard pre
Employment Type: Permanent
Salary: £50,000

SOC Analyst (2nd Line)

Portsmouth, Hampshire, England, United Kingdom
Franklin Fitch
to cyber threats across diverse client environments, mentoring junior analysts, improving detection content, and helping drive SOC maturity. What you’ll do: Lead complex investigations and incident response. Develop SIEM/EDR use cases and correlation rules. Perform proactive threat hunting and support automation initiatives. Produce incident reports and guide remediation activities. Help coach and upskill junior analysts. You should … bring: 2–4 years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or vulnerability management.
Employment Type: Full-Time
Salary: £40,000 - £50,000 per annum

Sentinel SIEM Engineer

Reading, Berkshire, England, United Kingdom
ALOIS Solutions
Job Title: SIEM Engineer (Security Cleared) Location: United Kingdom (Must hold active Security Clearance) Job Type: Contract/Permanent Overview: We are seeking an experienced Security Information & Event Monitoring (SIEM) Engineer with active Security Clearance to join our cybersecurity team. The ideal candidate will be responsible for maintaining, developing, and optimizing the SIEM platform — ensuring effective log management, threat detection … and automation across complex IT and OT environments. Key Responsibilities: Manage, maintain, and enhance the SIEM platform ensuring optimal performance and scalability. Onboard and integrate new log sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat … Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. Lead and mentor junior SIEM engineers, fostering a culture of continuous improvement. Key Skills & Experience: Active UK Security Clearance – Essential. Proven hands-on experience as a SIEM Engineer. Strong understanding of security log management across multiple domains
Employment Type: Contractor
Rate: Salary negotiable

Operational Technology Information Security Analyst

Hatfield, Hertfordshire, South East, United Kingdom
Affinity Water Limited
to detail. Proven experience with OT and IT security technologies, including firewalls, intrusion detection systems (IDS), vulnerability detection, network discovery, log collection systems, and security information and event management (SIEM) solutions. UK Driving Licence. About Us Affinity Water is the UK's largest water-only supplier, providing sustainable, high-quality water to 3.85 million customers across the Southeast of England. We are
Employment Type: Permanent
Salary: £60,000

Cyber Threat Detection & Response Apprentice

HOLLIS HOUSE, MAESBURY ROAD, OSWESTRY, England
Specialist Network Operations
Role Assisting in monitoring network traffic and security alerts to identify potential threats. Supporting investigations into security incidents, gathering evidence and documenting findings. Using Security Information and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures.
Employment Type: Higher Apprenticeship
Salary: £20,000 a year

Security (SIEM, Elastic) Architect - SC Cleared

Warwick, Warwickshire, West Midlands, United Kingdom
Hybrid/Remote Options
Sanderson Government and Defence
Security (SIEM) Architect Location: Warwick, Hybrid IR Status: TBC Rate: £600 - £800 Length: 6-12 months, TBC Clearance: Must have active SC clearance. An exciting opportunity has emerged with an organisation supplying complex architectural, technical and delivery solutions across the UK Secure Government and Public Sectors. They are looking to bring in a specialist security architect, with demonstrable experience of … having architected a SIEM capability utilising the Elasticsearch toolset. There has been an initial scoping, you will come in and provide a full-scale holistic solution and will have the support of the architectural team that provided the initial scope. Architecture & Design Define and implement SIEM architecture using Elastic Stack (Elasticsearch, Logstash, Kibana, Beats). Design log ingestion pipelines, data … models, and correlation rules for security monitoring. Develop observability frameworks integrating logs, metrics, and traces. Implementation & Engineering Deploy and configure ElasticSearch clusters, Kibana dashboards, and Logstash pipelines. Integrate SIEM with cloud-native observability tools (AWS CloudWatch, Azure Monitor, GCP Operations Suite). Automate log collection and enrichment using Beats, OpenTelemetry, and scripting. Security Use Cases & Threat Detection Build and maintain
Employment Type: Contract
Rate: £600 - £800 per day + Flexible

Security Analyst

Corsham, Wiltshire, England, United Kingdom
83zero Ltd
our cybersecurity operations-monitoring threats, investigating incidents, and safeguarding critical systems. Key Responsibilities Operate within a Security Operations Centre (SOC) or equivalent environment Monitor and respond to incidents using SIEM platforms Conduct system log analysis and threat detection Assist in vulnerability assessments and management Support incident resolution and reporting Required Skills & Experience At least 2 years' experience in a dedicated … Security Analyst role Hands-on experience with: SOC operations SIEM tools Vulnerability management Incident response and investigation Log and event analysis Preferred Qualifications Industry certifications such as CompTIA Security+ or equivalent (desirable) Practical experience preferred over formal education Security Clearance Requirements UK Nationals only Current SC clearance required DV preferred - or must be DV-eligible (as DV clearance will be
Employment Type: Full-Time
Salary: £37,000 - £41,000 per annum

Cyber Security Engineer

Edinburgh, Midlothian, United Kingdom
Hybrid/Remote Options
Aberdeen Group
the Cyber Security Engineering Manager, you will be responsible for designing, implementing and maintaining our next-generation detection and log management platforms. This role sits at the intersection of SIEM engineering, cloud security, and advanced log pipeline management, ensuring that our enterprise maintains world-class detection fidelity, threat visibility and compliance across diverse environments. You will help us deliver improvements across … Detection. Additionally, you will work closely with our Cyber Security Operation Centre, wider security functions, specialist 3rd party security suppliers and our global IT and business teams. Key Responsibilities: SIEM engineering & Operations: Development of advanced detection rules, correlation searches, and playbooks to improve threat detection and response Perform log source onboarding, parsing, and data normalisation on various data types Experience … with design, development, configuration and maintenance of SIEM alerts to support our SOC Operations Log Management & Data Engineering: Engineer and maintain log pipelines using Cribl to optimise ingestion, filtering, routing and replay Ability to work confidently on intelligent log transformation, data enrichment and routing strategies Architect scalable solutions for log archival, data rehydration and compliance-driven retention Cloud Security: Leverage
Employment Type: Permanent
Salary: GBP Annual

Security Information & Event Monitoring (SIEM) Engineer - SC-Must, Reading UK

Reading, Berkshire, England, United Kingdom
KBC Technologies UK LTD
Role: Security Information & Event Monitoring (SIEM) Engineer – **Security Cleared** Location: Reading/Havant – UK Mode: Hybrid (2 days office) Language: English Mandatory - **Clearance: Must be Security Cleared (Active SC)** Job Summary: Looking for an experienced SIEM Engineer to maintain and enhance the Security Monitoring platform. Responsible for log onboarding, custom parsers, rule creation, automation for triage and remediation, and integration … with other security tools. Key Responsibilities: Develop and manage the SIEM platform ensuring scalability and performance. Plan and implement solutions for security monitoring. Design and maintain detection rules. Lead and mentor SIEM team. Work closely with Threat Detection & Response team to support incident handling. Required Skills: Proven hands-on experience in SIEM engineering. Strong understanding of security logs across domains
Employment Type: Contractor
Rate: Salary negotiable

Database Administrator DBA

Hereford, Herefordshire, West Midlands, United Kingdom
Hybrid/Remote Options
Leidos Innovations UK Limited
Management: Plan and execute major database upgrades and periodic patching to maintain system stability. Database Logging & Monitoring: Configure and manage database logs for integration into a SIEM (Security information and event management) solution for monitoring and security compliance. High Availability & Failover Management: Monitor, maintain and orchestrate manual failover and failback procedures to maintain uptime. Automation & Scripting: Develop scripts using SQL
Employment Type: Permanent
Salary: £60,000

Security Operations Engineer

Birmingham, West Midlands, England, United Kingdom
Hybrid/Remote Options
Context Recruitment Limited
is operational and hands-on, maintaining and enhancing existing tools and controls, monitoring vulnerabilities and ensuring systems are patched and secure. Responsibilities: * Managing and optimising security tools and platforms (SIEM, XDR, IDAM policies etc.) * Monitoring vulnerabilities, investigating incidents and implementing corrective actions * Supporting patching compliance and vulnerability remediation * Ensuring security best practices are applied across networks, applications and systems * Participating … network engineering * Some exposure to, or a growing focus on, cybersecurity and vulnerability management * Understanding of network devices, configurations and security principles * Familiarity with common tools and concepts (e.g. SIEM, DLP, endpoint protection, firewalls, Cisco Secure Connect, etc.) * Confidence to identify issues, suggest improvements and work collaboratively across teams * A genuine passion for cyber security * Certifications such as CISSP, SC
Employment Type: Full-Time
Salary: £55,000 - £60,000 per annum

Security Operations Centre Analyst

Andover, Hampshire, United Kingdom
CND
offers a great shift pattern, ensuring you regularly have 5 days off and at least 2 weekends off per month. Key Responsibilities: Deliver excellent and thorough security analysis, taking SIEM output and actioning it accordingly. Push for improvements across the overall monitoring capability. Engage with a wide range of stakeholders, with varying levels of technical understanding. Be flexible on location … wellbeing. Suggest ideas for improving CND’s own internal security posture. Be proactive with client requirements, offering guidance and input to highly technical challenges. Essential Skills: Experience working with SIEM tools such as ArcSight, Splunk, LogRhythm, or AlienVault. Understanding of how to get the best from available tooling. Exposure to building capability and consulting with customers to change their environment.
Employment Type: Contract
Rate: £500 - £600/day

IAM/PAM Specialist - SC Cleared

Oxfordshire, United Kingdom
Hybrid/Remote Options
Tria
of greenfield Identity and Access Management and Privileged Access Management solutions. You'll provide hands-on technical leadership, ensure secure-by-design implementation, and contribute to the development of SIEM/SOC capabilities. Key Responsibilities Lead end-to-end IAM/PAM design and delivery. Integrate IAM/PAM telemetry into SIEM tooling. Provide technical oversight for MSPs and vendors. … OpenID Connect. Familiarity with ISO 27001, NIST CSF, CAF & GDPR. Experience leading or overseeing MSPs. Current SC clearance. Desirable: Knowledge of Microsoft Sentinel, Splunk, or Elastic SIEM. Experience in SOC build or cyber transformation projects. Degree/HND in a relevant STEM field.
Employment Type: Contract
Rate: £475 - £500/day

Cyber Security Apprentice

Stretford, Manchester, Lancashire, England, United Kingdom
Hybrid/Remote Options
QA
council offers its employees development opportunities, as well as a fair and flexible workplace. The council is a Living Wage Employer. Responsibilities: Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. Support incident reporting and response, including risk assessments and vulnerability scans. Gain hands-on experience managing firewalls … within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned with the Cyber Assessment Framework (CAF). Assist in updating and maintaining IT
Employment Type: Full-Time
Salary: £25,989 per annum

Contract Cyber Engineer

Monmouthshire, Wales, United Kingdom
Morson Edge
best practices - Engagement with the R&D Cyber Defence Centre for Cyber Solutions/Products Skill Set Essential - Good knowledge of multiple SOC tooling including IDPS/Firewalls/SIEM/Splunk/Email & Web Protection etc. - Experience of implementing and fault finding Firewall technologies including Cisco ASR/Palo Alto/Fortinet - Excellent understanding of network technologies - Experience of … management AD/LDAP (IDM and PAM) Syslog management Cisco Networking (LAN and WAN) Satellite PowerShell automation and scripting VMExplorer Backup and Restores ISO 27001 and cyber essentials McAfee SIEM Disaster recovery and service continuity
Employment Type: Contract
Rate: £0 - 90 per hour

SIEM, the UK excluding London
10th Percentile: £40,300
25th Percentile: £45,500
Median: £57,500
75th Percentile: £67,500
90th Percentile: £82,000