126 to 150 of 191 SIEM Jobs in the UK excluding London

to the team's success. Key Requirements: - Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge - LAN/WAN, Juniper, IP Trade. - McAfee SIEM Security - Security Information Events Management knowledge - IT/ICT further education What we offer: A career at Telent can span many sectors, roles, technologies and clients giving you the opportunity More ❯

to the team's success. Key Requirements: - Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge - LAN/WAN, Juniper, IP Trade. - McAfee SIEM Security - Security Information Events Management knowledge - IT/ICT further education What we offer: A career at Telent can span many sectors, roles, technologies and clients giving you the opportunity More ❯

Conduct routine security assessments, vulnerability scans, and assurance reviews to detect and address potential security weaknesses, vulnerabilities, and threats on servers and end point devices. Configure security tools including SIEM, anti-virus and other security solutions. Monitor and analyse security alerts, reports and systems to identify any potential security issues. Work with third party suppliers to reach support resolutions. Undertake More ❯

security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and asset management, including backup and removable media deployments. Apply and track security More ❯

security controls across OT environments. Contribute to the assessment of OT network architecture, protocols, and change management processes. Lead incident response and remediation for cyber events detected by OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and asset management, including backup and removable media deployments. Apply and track security More ❯

the Microsoft Defender suite (e.g., Defender for Endpoint, Defender for Cloud, Defender for Office 365) across customer environments. Implement and manage Microsoft Sentinel for security information and event management (SIEM), including connector deployment, playbook automation, and custom rule creation. Data Governance & Compliance: Implement and configure Microsoft Purview capabilities, including Data Loss Prevention (DLP) policies, Information Protection (sensitivity labels, encryption), and More ❯

to the team's success. Key Requirements: Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge - LAN/WAN, Juniper, IP Trade. McAfee SIEM Security - Security Information Events Management knowledge IT/ICT further education What we offer: A career at Telent can span many sectors, roles, technologies and clients giving you the opportunity More ❯

managed services, or SaaS). Strong communication skills, with confidence in executive-level and technical conversations. Experience supporting renewals and structured success planning. Familiarity with cybersecurity concepts such as SIEM and EDR, and managed security services. If you’re ready to make a real impact and grow your career in a supportive, forward-thinking environment, apply today More ❯

background in Managing IR Cases/Projects Strong knowledge of cyber security threats, attack vectors, IOC, remediation. Hands-on experience with a range of different forensic tools, ELK, EDR, SIEM, and log analysis, Open Source Toolkits Comfortable communicating with both technical and non-technical stakeholders during high-stress situations. You must have excellent communication skills. You must be adaptable, resilient More ❯

of existing security controls. Design and implement security solutions to mitigate identified risks. Implement, and manage security systems, including firewalls, intrusion detection/prevention systems, DLP, endpoint protection, MDM, SIEM, IAM, vulnerability management etc. Respond to security events and incidents. Perform regular security audits and risk assessments. Maintain security controls, identify risks and propose treatment plans. Conduct regular vulnerability scans … networking, infrastructure (on-prem and in the cloud), vulnerability and incident management. Familiarity with application/device security monitoring (e.g. Firewalls, IDS/IPS, XDR etc.). Experience with SIEM/CNAPP/Log collection platforms (e.g. CrowdStrike, Lacework etc.) and capability to design, implement and manage such solutions. Experience with implementation of identity and access management (IAM) solutions. Ability More ❯

within the Security Operations Center (SOC), you will help manage and support customer network security environments. Youll work on firewall configurations, troubleshooting, and incident response, while gaining exposure to SIEM tools and advanced security solutions. Full training and development opportunities will be provided. Key Responsibilities Monitor and manage client firewalls, VPNs, and network devices using centralized monitoring platforms and vendor … issues, and resolutions in the ticketing system and provide status updates to clients as needed. Collaborate with internal SOC and engineering teams to resolve complex incidents. Gain exposure to SIEM alert triage and basic investigation using Microsoft Sentinel or LogPoint (training provided). Essential Skills & Experience 12+ years of experience in a networking or firewall support role (or equivalent hands … with ticketing systems and remote monitoring tools. Strong communication and documentation skills. Desirable Skills & Experience Hands-on experience with Fortinet FortiGate and/or Check Point SmartConsole. Exposure to SIEM platforms (Microsoft Sentinel, LogPoint) or SOC environments (training provided). Relevant certifications (e.g., Fortinet NSE4, Check Point CCSA, CompTIA Network+/Security+). Knowledge of ITIL processes and service management More ❯

and is comfortable working with both technical and non-technical stakeholders. Key Responsibilities Lead investigations into escalated security incidents, including detailed analysis and root cause identification. Monitor and optimise SIEM tools (Splunk, QRadar, or similar), ensuring accurate detection and effective alerting. Perform malware analysis, reverse engineering, and develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. … solution scoping, and client demonstrations when required. What We're Looking For 3+ years' experience in cybersecurity, preferably in a SOC or NOC environment. Strong hands-on experience with SIEM tools, specifically QRadar Solid understanding of incident response methodologies and DFIR principles. Knowledge of network traffic analysis, vulnerability management, penetration testing, and malware reverse engineering. Familiarity with ITIL processes (Incident More ❯

# SIEM Software Engineering LeadJob Req ID: 47802Posting Date: 11 Jul 2025Function: Cyber SecurityUnit: NetworksLocation: Snowhill, Birmingham, United KingdomSalary: Competitive with Great Benefits Recruiter: Mia James Career Grade: D Internal Closing Date: 26th Sept 2025 Why this job matters The new Network SIEM is essential to BT's network security, meeting TSA requirements and improving our CAF level. Being the … SIEM DevOps with SysOps Software Engineer you will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the Security Engineering platform team, leading the implementation of the SIEM Automation strategy and providing guidance and oversight of the SIEM Platform Automation team. This role is hybrid (3 days in the week) and can … CI/CD pipeline Technical leadership working in a high performing team of engineers delivering state of the art security tools for BT. Be an active member of the SIEM/CDP log onboarding team, delivering SIEM/CDP functionality in line with the requirements. Act as product owner, breaking down top level requirements into product backlogs as part of More ❯

to deliver security operations Lead advance thread detection and incident resp0onse Onboard new customers Manage the transition of services into BAU support Your background: Hands-on experience with customers SIEM and EDR and automation tooling Deep understanding of delivering cyber security services in an MSP setting SC100 Cyber Security Architect certification is highly desirable If you fit these key requirements More ❯

SOC Engineer to join their Public Sector & Government business unit, supporting a major Highways programme . The role will involve engineering and enhancing SOC capabilities, integrating security tools, tuning SIEM use cases, and ensuring that monitoring, detection, and response functions are optimised to meet government security standards. Key Details: £530 per day (Inside IR35). 6-month contract, ending 27th More ❯

from a variety of industry leaders Experienced at working on bids and large or complex changes Excellent understanding of a variety of networks and routing protocols Network management or SIEM designs, tooling or support This contract is based on-site in Baskingstoke, some travel may be required. This is a great opportunity for an experienced Pre-Sales Network Architect. Due More ❯

internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key Responsibilities Detection Engineering and Delivery – You will develop, test, and deploy detection rules across SIEM, XDR, and other SOC platforms, supporting comprehensive, customer-aligned threat coverage. Lifecycle Management and Optimisation – You will monitor detection performance, tune rules to reduce false positives, and remediate logic or More ❯

to lead complex projects and make a tangible impact? We're looking for a Senior Cyber Engineer, with experience in designing and deploying Rapid7 , SentinelOne, (or similar XDR, MDR, SIEM, ) in an AWS environment, for our clients growing team in Crawley click apply for full job details More ❯

have a large SOC team that can boast some very high profile clients within the Defence sector. Due to expansion, we have this new role for a Senior SOC SIEM Content Engineer with broad experience of Cyber. If you possess robust technical abilities and are eager to apply your expertise to the fullest extent, this opportunity is ideal for you. … maintaining security content such as rules, dashboards, and reports for our Security Information and Event Management (SIEM) systems. This role requires a strong understanding of security procedures and experience working with SIEM platforms and within an MSSP environments where you may be working across multiple operational customers and projects. Hybrid Variable: Working in Hemel Hempstead OR Farnborough 1 to … Cleared OR eligible for DV Clearance. What you'll be doing: Develop, deploy, and uphold security content (including rules, dashboards, and reports) for our SIEM system. Continuously monitor and analyse SIEM data to identify and respond to potential security threats. Collaborate with SOC Analysts, Architects, Project Managers & Engineers to improve the precision and efficiency of the SIEM materials. Stay up More ❯

technical delivery and ideally Cyber Transformation programmes. The role is inside IR35 and you would be paid PAYE through us here at Opus.Skills required: - Cyber security projects- PAM, IDAM, SIEM, Data protection projects- Ideally some experience of RFP/Tendering More ❯

while enabling the business to run smoothly. What you'll be doing: Implementing and maintaining security controls across network, cloud, endpoints, and core infrastructure Owning key technologies like firewalls, SIEM, EDR, VPN, NAC, and vulnerability scanners Driving vulnerability management and hardening across the estate Supporting and responding to security incidents across infrastructure services Embedding security into infrastructure changes (firewall rules … Strong background in infrastructure or network security within a complex enterprise environment Solid knowledge of: Firewalls, VPN, IDS/IPS, network security controls Endpoint security (EDR, anti-malware, DLP) SIEM tools (e.g. Splunk, Sentinel) Vulnerability management (e.g. Qualys, Tenable) Cloud (Azure and/or AWS) Hands-on experience supporting or responding to security incidents Familiarity with frameworks such as ISO More ❯

Develop SOC policies, technical standards, and procedure documentation aligned to industry best practice. Log Management: Work with MSSPs and service owners to ensure log sources are onboarded into the SIEM solution. Create use cases to correlate suspicious activities across endpoints, networks, applications, and both on-premises and cloud environments. Incident Response: Improve playbooks and processes, lead escalated security incidents, oversee … platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse data sources such as logs, SIEM data, applications, and network traffic patterns, and recommend appropriate response actions to ensure threats are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to … a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC/GCIA/GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical More ❯

Develop SOC policies, technical standards, and procedure documentation aligned to industry best practice. Log Management: Work with MSSPs and service owners to ensure log sources are onboarded into the SIEM solution. Create use cases to correlate suspicious activities across endpoints, networks, applications, and both on-premises and cloud environments. Incident Response: Improve playbooks and processes, lead escalated security incidents, oversee … platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse data sources such as logs, SIEM data, applications, and network traffic patterns, and recommend appropriate response actions to ensure threats are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to … a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC/GCIA/GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical More ❯

You will be involved in assisting in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks and supporting incident reporting and response, including risk assessments and vulnerability scans. Role Assist in monitoring network traffic and using SIEM tools (e.g. FortiSIEM, Microsoft Sentinel) to detect suspicious activity and triage security risks. … within 48 hours. Handle walk-up incidents and participate in major incident responses. Support the ICT security incident response process and maintain the ICT Risk Register. Manage security dashboards (SIEM, FortiMail, FortiConsole, SOPHOS, Windows Defender). Oversee job assignments and SLA performance across teams. Support projects aligned with the Cyber Assessment Framework (CAF). Assist in updating and maintaining IT More ❯

Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports … a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal More ❯