126 to 150 of 151 SIEM Jobs in the UK excluding London

cyber-attacks. Configuration and maintenance of the NMC central Microsoft Azure, Lighthouse and Sentinel platform. Development, maintenance, and deployment of detection rules and other SIEM content. Creation of custom solutions using both low-code and traditional development approaches. Providing support to forces for the configuration of Sentinel and log sources. … Leveraging Microsoft support for technical assistance and information regarding roadmap features. What you need to succeed in the role Experience of supporting and developing SIEM platforms in the context of a Security Operations Centre. Experience of log source configuration and parsing, as part of a SIEM implementation, including experience ...

team, providing frontline defence and hands-on technical support across a modern IT environment. What you'll do Monitor and triage security alerts from SIEM and endpoint protection tools. Investigate potential threats and escalate complex incidents where needed. Support vulnerability management and patching processes. Apply hardening techniques to Linux systems … and/or cloud platforms (Azure or AWS). Familiarity with scripting (PowerShell, Bash, or Python) is a plus. Any experience with security tooling (SIEM, EDR, vulnerability scanners) is beneficial. Why join? Structured training plan with funded certifications (e.g., Security+, SC-900, AZ-900). Clear progression path into advanced ...

complex security incidents. Your day will include: Leading incident response activities: investigating alerts, conducting threat hunting, and managing escalations. Tuning and configuring Splunk SIEM to reduce false positives and enhance detection accuracy. Handling advanced security investigations, including malware analysis, forensic reviews and sensitive internal cases. Correlating logs across multiple systems … excellent communication and stakeholder engagement. Youll bring: Strong background in SOC operations, ideally with experience in networking or infrastructure. Hands-on experience with Splunk SIEM, including configuration, tuning and creating meaningful detection use cases. Proven experience in incident response, threat hunting and malware investigation. Exposure to digital forensics and ...

and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. ...

technical work and mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability … consent for your application to be processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

looking for a Managing Security Engineer (SIEM), you will lead the design, implementation and documentation of security monitoring platforms. You will ensure the right tooling is in place to protect and monitor our clients, working closely with cross-functional teams to assess risk, design security controls and define testing requirements. … . Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations, including clustering, high availability, disaster recovery, scaling and performance optimisation. Strong problem-solving skills with a proactive approach ...

malware, ransomware, data breaches, and APT activity Take ownership of escalations from SOC L1 and drive incidents through to resolution Perform detailed analysis using SIEM and EDR tools such as Splunk and Microsoft Defender Conduct forensic analysis to determine root cause, scope, and impact Support containment, eradication, and recovery activities … Strong experience operating as a SOC L2 or equivalent CERT role Proven incident response capability in enterprise or MSSP environments Hands-on experience with SIEM platforms, ideally Splunk Experience with EDR technologies, preferably Microsoft Defender Solid understanding of network, endpoint, and cloud security fundamentals Experience investigating complex threats including ransomware ...

keep up with demand. In this varied role, you will act as a key member of the digital estate, monitoring real-time outputs from SIEM and endpoint protection systems while playing a hands-on role in incident management. Your work will bridge the gap between daily operations and long-term … join a market-leading business at an exciting time of growth with the opportunity to further develop your career. The Role: Daily analysis of SIEM, email security, and endpoint protection outputs. Investigation and reporting of security incidents and technical issues. Regular vulnerability scans and supporting internal/external audits. Creation ...

Data & Information Security Analyst – Hybrid Our client is urgently looking for an experienced Data & Information Security Analyst to join their team on a Fixed-Term contract basis, for 18 months initially with a view to ...

Data & Information Security Analyst – Hybrid Our client is urgently looking for an experienced Data & Information Security Analyst to join their team on a Fixed-Term contract basis, for 18 months initially with a view to ...

both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support internal and external audits Governance, risk and compliance Skills & Experience: Proven … experience in Cyber Security operations, threat management Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST On Offer: Salary up to £65,000 Hybrid working - approximately 2 days ...

Security Manager to evolve SOC capability Senior SOC Analyst essential skills Proven experience in a SOC or similar security operations environment Strong knowledge of SIEM, incident management and threat intelligence Understanding of cloud technologies and modern networking Experience with IDAM, JML processes and ITSM frameworks Ability to lead, support and … develop junior analysts Strong communication and stakeholder engagement skills Key skills: Senior SOC Analyst, SOC, SIEM, Security Incident Management, Threat Intelligence, Cloud Security, IDAM, ISO 27001, Team Leadership ...

incidents, you'll guide junior analysts, ensure smooth shift transitions, and help refine the tools and processes that keep the operation resilient. Responsibilities Oversee SIEM platforms and other monitoring tools to detect suspicious activity. Review and triage alerts, analysing logs to prioritise incidents effectively. Carry out containment measures and escalate … Contribute to the ongoing improvement and optimisation of security monitoring systems. What you'll need to succeed Hands-on experience with SPLUNK or similar SIEM tools in a SOC environment. Strong analytical mindset with the ability to solve problems under pressure. Excellent communication skills-both written and verbal-and ...

technology and career development. Skills required: Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment Experience working with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle … responsible for providing Protective Monitoring Services across a range of Secure Customers. They will be responsible for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation ...

activities, including technical scoping, bid responses, service demonstrations, and stakeholder presentations Essential Duties Security Platform Deployment & Optimisation Deploy, configure, and tune SOC technologies across SIEM, EDR, SOAR, and log pipeline tooling Develop and maintain documentation to support repeatable, high-quality delivery Customer Engagement & Delivery Lead the implementation of engineering workstreams … technical design choices and balances customer needs with service feasibility Critical Competencies – Technical Fit Security Tooling & Architecture – Deep understanding of SOC-aligned technologies across SIEM, EDR, SOAR, log pipelines, and detection tooling. Telemetry and Log Management – Ability to design and deliver scalable architectures for data ingestion, correlation, and automation Networking ...

WSUS, and associated domain services • Manage VMware virtualisation platforms including ESXi, vCenter, and VMware Cloud Foundation • Operate and support ASTERIX VoIP systems • Maintain SIEM and monitoring platforms including Splunk, SCOM/SCCM, and telemetry tools • Perform Linux system administration, patching, and security hardening • Develop and maintain automation using PowerShell, Ansible … Security systems experience including IDS/IPS administration • Strong Active Directory and Microsoft infrastructure knowledge • VMware vSphere, ESXi, and VMware Cloud Foundation experience • SIEM and monitoring tools such as Splunk and System Centre Suite • Linux administration and security patching experience • Automation skills using PowerShell, Ansible, and GitLab This vacancy ...

WSUS, and related platforms Managing VMware virtualisation environments, including ESXi, vCenter, and VMware Cloud Foundation Operating and supporting ASTERIX VoIP systems Maintaining SIEM and monitoring platforms, including Splunk and Microsoft System Centre tooling Performing Linux system administration, patching, and security hardening Creating and maintaining automation using PowerShell, Ansible, and GitLab …/IPS Active Directory, ADFS, PKI, DNS, DHCP, GPO, RDS, WSUS, WAP VMware vSphere, ESXi, and VMware Cloud Foundation administration ASTERIX VoIP systems SIEM & monitoring: Microsoft System Centre Suite, Splunk Enterprise/ES/ITSI Telemetry platforms: OpenTelemetry, Telegraf Linux administration and security patching Automation and scripting using PowerShell, Ansible ...

SIEM Application Engineer Location: Birmingham | Hours: Full-time Our client, a large global technology organisation, is seeking an experienced contract (inside IR35) SIEM Application Engineer to design, deploy, and optimize Elastic SIEM solutions built on ECK, enhancing threat detection and security monitoring. The role is based in Birmingham (3 days … week on-site) and is initially until the end of March, with likely extensions. Key Responsibilities: Develop and maintain SIEM solutions using Elasticsearch and Elastic Stack (ELK). Create and optimize detection rules aligned with MITRE ATT&CK Framework. Fine-tune Elasticsearch queries, Logstash pipelines, and Kibana dashboards for performance ...

Information Security Analyst DGH Recruitment are currently recruiting on behalf of a leading client in the professional services industry who require an Information Security Analyst to join the firm in Leeds on an 18 month ...

Information Security Analyst DGH Recruitment are currently recruiting on behalf of a leading client in the professional services industry who require an Information Security Analyst to join the firm in Birmingham on an 18 month ...

DevOps Lead - Kubernetes/Docker/SIEM Birmingham - hybrid working - 3 days in the office/2 days remote £68-72k pa + bonus and benefits We are recruiting a fantastic opportunity to join a busy Security Application Engineering team and be instrumental in the design, development, implementation and … maintenance of a SIEM platform. You will lead the SIEM automation strategy and provide advise and guidance on SIEM platform automation to the DevOps team. Taking ownership of SIEM DevOps your technical experience will need to include Kubernetes, Docker, CI/CD, SIEM and development tools such as Python, JavaScript ...

Location: Hampshire Package: Competitive rate + benefits Industry: Defence & Security Technology What You’ll Be Doing Configure, deploy and maintain advanced security tools, including SIEM and vulnerability scanners. Develop alerts, dashboards and playbooks to detect and respond to incidents quickly. Manage and mitigate technical vulnerabilities across secure environments. Implement and … operations team. Work closely with technical teams to embed security best practices throughout CI/CD pipelines. Main Skills Needed Hands-on experience with SIEM configuration and management. Solid understanding of vulnerability management and threat frameworks (e.g. MITRE ATT&CK). Familiarity with securing CI/CD pipelines and modern ...

Newport Offering £90ph Inside IR35 Do you have experience in scripting and programming? Do you have experience with SOC tooling such as IDPS, Firewalls, SIEM, Splunk, etc.? Do you want to work with an industry-leading company? If your answer to these is yes, then this could be the role … Cyber Defence Centre for company Cyber Solutions/Products Your skillset may include: Good knowledge of multiple SOC tooling including IDPS/Firewalls/SIEM/Splunk/Email & Web Protection etc. Experience implementing and fault-finding Firewall technologies including Cisco ASR/Palo Alto/Fortinet Excellent understanding ...

teams to secure the solution. Key Responsibilities and Tasks Documenting security configuration Proactive management of technical vulnerabilities Deployment of security tooling (vulnerability scanning/SIEM/etc). Development of alerts and dashboards in SIEM configuration. Deploying secure lockdowns to information systems. Assist 2nd line Security Analysts in triaging critical … incidents. Experience (Essential) Knowledge of configuring SIEM tooling. Basic understanding of threat frameworks, such as ATT&CK. Understanding of CI/CD tools required to secure a pipeline. High standards in written report and/or design documentation. Experience (Nice to have) Experience of supporting information systems in a government ...

looking for an experienced SIEM Technical Consultant to join a high-profile MOD programme, supporting a key transition as an existing on-site consultant steps up into an Architect role. This is a crucial position, ensuring continuity, capability, and momentum across the security operations environment. You'll be working hands … ensuring a smooth transition What You'll Bring Active DV Clearance (essential) Strong, demonstrable experience with the Elastic product suite Confidence in hands-on SIEM configuration, dashboarding, and optimisation Ability to work collaboratively with partner teams and MOD stakeholders A proactive, value-driven mindset - someone who can elevate capability ...