126 to 150 of 210 SIEM Jobs in the UK excluding London

remediate vulnerabilities and implement security controls Document incidents and assist with post-incident analysis reports Support the management and optimisation of security tools including SIEM, IDS/IPS, firewalls, and endpoint protection Stay up to date with emerging security threats and technologies Contribute to cyber security projects and solution implementations … cyber hygiene and data protection best practices Key Skills: Degree in Cyber Security, IT, or a related discipline Knowledge of or understanding of SIEM, IDS/IPS, firewalls, and endpoint protection tools Basic understanding of networking principles and the OSI model Familiarity with scripting tools and Linux environments Strong analytical ...

Your day-to-day will include: Monitoring and triaging security events via our ITSM platform Analysing alerts using a range of security tools including SIEM, EDR, and email security platforms Leading deep-dive investigations and working with incident responders to contain and eradicate threats Acting as the escalation point … privilege access, endpoints, email, and cloud environments Translating complex security findings into clear, actionable communication for customers Enhancing alert playbooks and helping evolve our SIEM use cases Staying ahead of the threat landscape with CTI-informed analysis and mitigation advice Who you are: Proven experience in a SOC or similar ...

nation-state activity. In this Senior SOC Analyst role, you will: Monitoring, triaging and investigating security alerts in highly secure environments Analysing threats using SIEM, endpoint telemetry, network traffic and logs Supporting live incident response, escalation and containment activities Enhancing detections, rules and playbooks aligned to MITRE ATT&CK Producing … and adversary behaviour To secure this Senior SOC analyst role, you will have: Proven experience working in a Security Operations Centre (SOC) Hands-on SIEM experience (Microsoft Sentinel, Splunk, or similar) Strong understanding of MITRE ATT&CK and modern detection techniques Confident analysis across logs, endpoints and network traffic Solid ...

functional technical teams during major incidents, drive containment and recovery, and own post-incident reviews and playbooks. The role includes mentoring CIRT analysts , enhancing SIEM/SOAR automation, and continuously improving processes using frameworks such as MITRE ATT&CK, NIST 800-61, and PCI DSS. What this job is really … Incident Response, or Threat Hunting and are comfortable leading complex investigations, not just following a runbook.? You've used InsightIDR or another MDR/SIEM platform for rule creation, tuning and dashboards, and you're not afraid of SOAR tools like InsightConnect or Cortex XSOAR.? Python or PowerShell are part ...

adoption within the security strategy. Apply foundational security principles to new technologies and unconventional scenarios while enabling organisational objectives. What We're Looking For SIEM/SOAR: Proficiency in SIEM concepts, data source integration, and creating SOAR runbooks. Security Stack : Hands-on with EDR, XDR, WAF, and email security solutions. ...

both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support internal and external audits Governance, risk and compliance Skills & Experience: Proven … experience in Cyber Security operations, threat management Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST On Offer: Salary up to £65,000 Hybrid working - approximately 2 days ...

internal or external threats Conducting privileged account reviews Performing vulnerability and risk assessments Analysing security breaches to determine root cause Contributing to enhancing the SIEM platform Supporting continuous improvement across CSOC operations What you bring: Basic understanding of security threats and compromise methods Knowledge of servers, clients, and network technologies … management, and expectation management skills Desirable SC-200, CompTIA Security+, or related certifications Previous SOC experience Hands-on cyber incident response experience Experience with SIEM platforms, vulnerability assessments or antivirus tooling What can we offer you? Through our one of a kind training programme, the Littlefish Academy, you can increase ...

response process. Key Responsibilities: Investigate and respond to security alerts and incidents Perform threat analysis and incident investigation Analyse security logs and events using SIEM platforms Support the development of detection rules and threat monitoring Work with Tier 1 analysts to investigate and escalate complex threats Contribute to continuous improvement … Required Skills: Experience working within a SOC or security operations environment Strong understanding of security threats, vulnerabilities and attack techniques Hands-on experience with SIEM platforms (Splunk, Sentinel, QRadar, Elastic) Knowledge of endpoint security tools and incident response processes Strong analytical and investigative skills Nice to Have: Experience with CrowdStrike ...

incidents, overseeing team members and ensuring technical excellence throughout delivery. Support detection engineering and SecOps enhancement initiatives, including identifying coverage gaps in EDR/SIEM tooling and contributing to orchestration and automation playbooks. Work directly with client technical teams, acting as a trusted advisor and primary point of contact during … least two of the following areas: Digital forensics and technical incident response Enterprise security operations tooling and processes Detection engineering within EDR/SIEM environments, including addressing ATT&CK TTP coverage gaps Enterprise IT networks and Active Directory Cloud platforms such as Microsoft 365, Azure, AWS or GCP You will ...

across multiple SOC platforms and customer environments Oversee the full incident lifecycle detection, response, escalation, post-incident review Ensure effective use and optimisation of SIEM and SOAR platforms (Splunk, Sentinel, QRadar) Drive operational consistency using ITIL-aligned processes and CREST-aligned best practices Act as the senior point of contact … development Experience operating SOC services across multiple customers and security environments Deep understanding of incident management, escalation, and service delivery under pressure Knowledge of SIEM/SOAR tooling, ideally Splunk and/or Microsoft Sentinel Strong working knowledge of NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL Confident communicator ...

Delivery Own end-to-end technical design for Network Security services, including: Zero Trust Network Access (ZTNA) NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Define and assure non-functional requirements (availability, scalability, performance, security, operability) Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned … building, and operating enterprise network security platforms Deep hands-on expertise in one or more of: ZTNA, NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Strong understanding of Zero Trust Architecture and policy-based access control Proven DevSecOps, IaC, and CI/CD experience Solid grounding ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...

strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved … owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and ...