151 to 175 of 191 SIEM Jobs in the UK excluding London

Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports … a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal More ❯

detailed analysis and containment strategies. Perform malware analysis, reverse engineering, and develop detection signatures. Integrate threat intelligence into SOC operations, staying ahead of emerging attack techniques. Manage and optimise SIEM tools (Splunk, QRadar, Microsoft Sentinel). Develop SOC use cases, runbooks, and playbooks to improve response capability. Collaborate with IT, legal, and management teams during incident response. Support pre-sales … scoping for new opportunities. Contribute to continual service improvement and security tool enhancements Skills & Experience Strong background in incident response, SOC operations, and security investigations. Hands-on expertise with SIEM tools (Splunk, QRadar, Microsoft Sentinel). Deep understanding of network traffic analysis, vulnerability management, and penetration testing. Knowledge of DFIR principles, malware reverse engineering, and digital forensics. Familiarity with ITIL More ❯

In 2022 we built out an exciting SIEM/SOAR and ManagedDetection and Response service called SEP2.security, built upon Google CloudSecurity's Chronicle stack. Due to customer demand, we are now looking to hire aPrincipal Cyber Security Engineer to join this every growing team. The Security Intelligence Services team, that this role issituated in, provides security monitoring and use case … quickly with colleagues and customers. Competentand confident in customer facing situations. Qualifications and Experience Experienceas a Cyber SOC Analyst/or similar role. Provenexperience in deploying SIEM (Security Information and Event Management)and SOAR (Security orchestration, automation, and response) solutions toachieve positive outcomes. Our tools include Google ChronicleSIEM/Siemplify SOAR and LogRhythm, but experience with other platformssuch as Microsoft More ❯

platforms to onboard customers in live services Lifecycle Management – You support the full lifecycle of platform engineering, including patching, maintenance activities, upgrades, and coordinated service transitions Skills and Attributes SIEM and XDR Engineering experience Telemetry and Log Management experience Infrastructure Troubleshooting experience Automation & Integration experience Desirable (but not essential) MSSP Background Benefits At Claranet, we go the extra mile with More ❯

inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: 2+ years in security platform management ( SIEM, SOAR ). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience … adjustments at any point during the recruitment process or if there is a better way for us to communicate, please do let us know. Cyber, Security, Cybersecurity, Infosecurity, InfoSec, SIEM, Security Information Event Management, SOAR, Security Orchestration Automation Response, XSIAM, Extended Security Intelligence Automation Management, Security Check, Sc Level, Sc Cleared, Sc Clearance, Security Cleared, Security Clearance, Security Vetting Clearance More ❯

with strong feedback. Your new role This is an interesting opportunity where you will work with the cyber resilience team and assist with the Security Operations function, including EDR, SIEM, gathering security control framework evidence and general day to day assistance with security tasks. You will help deliver strategy which will enhance the organisations security resilience, proactively contributing to mitigating … social engineering campaigns. Stay informed about emerging cyber threats and vulnerabilities. What you'll need to succeed Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing More ❯

with strong feedback. Your new role This is an interesting opportunity where you will work with the cyber resilience team and assist with the Security Operations function, including EDR, SIEM, gathering security control framework evidence and general day to day assistance with security tasks. You will help deliver strategy which will enhance the organisations security resilience, proactively contributing to mitigating … social engineering campaigns. Stay informed about emerging cyber threats and vulnerabilities. What you'll need to succeed Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing More ❯

re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real expertise in Splunk and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post … incident review. What you’ll do: Act as the L3 escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use Splunk and other SIEM tools to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and recovery. Develop … looking for: Proven L3 SOC experience . 5+ years’ experience in IT security , ideally within a SOC/NOC environment. Strong knowledge and hands-on expertise with Splunk (other SIEM exposure beneficial). Solid understanding of DFIR principles, vulnerability management, and ethical hacking. Strong grasp of network traffic flows, malware analysis, and reverse engineering. Excellent written and verbal communication skills More ❯

re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real expertise in QRadar and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post … incident review. What you’ll do: Act as the L3 escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use QRadar and other SIEM tools (Splunk, Sentinel) to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and … for: Proven L3 SOC experience . 3–5+ years’ experience in IT security , ideally within a SOC/NOC environment. Strong knowledge and hands-on expertise with QRadar (other SIEM exposure beneficial). Solid understanding of DFIR principles, vulnerability management, and ethical hacking. Strong grasp of network traffic flows, malware analysis, and reverse engineering. Excellent written and verbal communication skills More ❯

re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real expertise in QRadar and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post … incident review. What you’ll do: Act as the L3 escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use QRadar and other SIEM tools (Splunk, Sentinel) to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and … for: Proven L3 SOC experience . 3–5+ years’ experience in IT security , ideally within a SOC/NOC environment. Strong knowledge and hands-on expertise with QRadar (other SIEM exposure beneficial). Solid understanding of DFIR principles, vulnerability management, and ethical hacking. Strong grasp of network traffic flows, malware analysis, and reverse engineering. Excellent written and verbal communication skills More ❯

re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real expertise in QRadar and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post … incident review. What you’ll do: Act as the L3 escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use QRadar and other SIEM tools (Splunk, Sentinel) to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and … for: Proven L3 SOC experience . 3–5+ years’ experience in IT security , ideally within a SOC/NOC environment. Strong knowledge and hands-on expertise with QRadar (other SIEM exposure beneficial). Solid understanding of DFIR principles, vulnerability management, and ethical hacking. Strong grasp of network traffic flows, malware analysis, and reverse engineering. Excellent written and verbal communication skills More ❯

per week presence. The successful candidate will play a vital role in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC … Analyst or similar cybersecurity role Strong expertise in Splunk or similar SIEM tools Familiarity with Flexera for vulnerability management Understanding of firewalls, network protocols, intrusion detection/prevention systems Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous Must be eligible for Developed Vetting (DV) clearance , requiring 10 years continuous UK residency Please Note: All offers will be subject to standard pre More ❯

to lead complex projects and make a tangible impact? We're looking for a Senior Cyber Engineer, with experience in designing and deploying Rapid7 , SentinelOne, (or similar XDR, MDR, SIEM, ) in an AWS environment, for our clients growing team in Crawley. The role will be a mixture of office and remote based work, with travel to client sites where needed. … the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading … are interested in the above role - Click the 'Apply Now' button now for immediate review Senior Rapid7 Engineer, Rapid7 Engineer, Senior Rapid7 Engineer, Cyber Engineer, Cyber Architect, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role More ❯

to lead complex projects and make a tangible impact? We're looking for a Senior Cyber Engineer, with experience in designing and deploying Rapid7 , SentinelOne, (or similar XDR, MDR, SIEM, ) in an AWS environment, for our clients growing team in Crawley. The role will be a mixture of office and remote based work, with travel to client sites where needed. … the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading … are interested in the above role - Click the 'Apply Now' button now for immediate review Senior Rapid7 Engineer, Rapid7 Engineer, Senior Rapid7 Engineer, Cyber Engineer, Cyber Architect, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role More ❯

the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading … you are interested in the above role - Click the 'Apply Now' button now for immediate review Senior Cyber Consultant, Cyber Consultant, Senior Cyber Consultant, Senior Cyber Consultant, Rapid7, Delinea, SIEM, XDR, Sentinel, Fortinet Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role More ❯

involve the following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise More ❯

encryption technologies Adhere to enterprise governance review processes to deliver project goals deliverables Follow enterprise ITSM CMDB processes Monitor and analyze security s using Security Information and Event Management SIEM tools and respond to security incidents in a timely and effective manner Collaborate with cross functional teams to develop and enforce identity and access management IAM policies and network access … Zero Trust Network Access in ITOT environments Proficiency in configuring managing and troubleshooting firewalls Cisco Palo Alto etc Experience with intrusion detection/prevention systems as well as with SIEM tools and security incident response Excellent problem solving skills analytical thinking and the ability to communicate effectively with diverse stakeholders CERTIFICATIONS (any of below) Cisco Certified Network ProfessionalExpert in Security More ❯

protect front-line policing from cyber-attacks. Configuration and maintenance of the NMC central Microsoft Azure, Lighthouse and Sentinel platform. Development, maintenance, and deployment of detection rules and other SIEM content. Creation of custom solutions using both low-code and traditional development approaches. Providing support to forces for the configuration of Sentinel and log sources. Testing and implementing new Sentinel … implement new tools and technologies. Leveraging Microsoft support for technical assistance and information regarding roadmap features. What you need to succeed in the role Experience of supporting and developing SIEM platforms in the context of a Security Operations Centre. Experience of log source configuration and parsing, as part of a SIEM implementation, including experience of data normalisation using RegEx. Experience More ❯

other regulated industry) Are you a hands-on Security Engineer with strong Azure expertise? Were looking for an all-rounder who can bring deep knowledge of observability, IDAM, and SIEM/SOC integrations into a complex, regulated environment. This role sits at the heart of our cloud security strategy, working with modern tools and protocols to keep our platforms secure … scalable, and compliant. What youll be doing Leading security initiatives across Azure and hybrid environments Working with SIEM, SOC/NOC, and IDAM integrations Driving best practice with Microsoft Entra (Azure AD/IDAM protocols) Using and optimising tools like Sentinel, Splunk, Datadog, OpenTelemetry, and ELK Supporting observability, scanning, and incident response capabilities Tackling complex security challenges in a financial … What were looking for Proven experience as a Security Engineer , ideally in financial services or insurance Strong knowledge of Azure security and cloud-native security tools Hands-on with SIEM, SOC/NOC, IDAM, and observability frameworks Experience with Microsoft Entra, Sentinel, Splunk, Datadog, OpenTelemetry, and ELK Excellent problem-solving skills and the ability to work in a complex, regulated More ❯

Leading daily SOC operations, task prioritisation and shift management Acting as the escalation point for complex incidents and investigations Reviewing, tuning and enhancing detection rules, alerts and playbooks in SIEM/SOAR tools Providing mentorship and technical guidance to SOC analysts Driving post-incident reviews, root cause analysis and continuous improvement Conducting proactive threat hunting and supporting compliance/audit … response capability What you'll bring 3+ years' experience in a SOC or security operations role Strong knowledge of incident detection, response and threat analysis Hands-on experience with SIEM, SOAR and endpoint detection tools Excellent problem-solving, analytical and communication skills A degree in a relevant subject or equivalent experience Relevant certifications such as GCIA, GCIH, CEH or CompTIA More ❯

reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++.CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security … Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the nature of work undertaken at our client's site, incumbents of these positions are required to meet special nationality rules and therefore these vacancies are only open More ❯

reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++.CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security … Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the nature of work undertaken at our client's site, incumbents of these positions are required to meet special nationality rules and therefore these vacancies are only open More ❯

reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++.CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security … Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the nature of work undertaken at our client's site, incumbents of these positions are required to meet special nationality rules and therefore these vacancies are only open More ❯

of governance artefacts. You will also engage with engineering teams and managed service providers (MSPs) to ensure that OT security controls are effectively designed, implemented, and sustained. Experience with SIEM/SOC integration is valuable and considered desirable. Accountabilities: Lead the design and delivery of the OT Security Strategy, policies, and standards. Define governance processes for OT security, ensuring alignment … third-party security service providers. o Strong communication and documentation skills, particularly in policy/standards creation. o Eligible for SC-level national security clearance. Desirable o Familiarity with SIEM/SOC integration for OT environments. o Experience with OT asset discovery, monitoring, and security tool deployment. o Exposure to regulatory compliance in critical infrastructure (e.g., NIS Directive, UK CAF More ❯

of governance artefacts. You will also engage with engineering teams and managed service providers (MSPs) to ensure that OT security controls are effectively designed, implemented, and sustained. Experience with SIEM/SOC integration is valuable and considered desirable. Accountabilities: Lead the design and delivery of the OT Security Strategy, policies, and standards. Define governance processes for OT security, ensuring alignment … third-party security service providers. o Strong communication and documentation skills, particularly in policy/standards creation. o Eligible for SC-level national security clearance. Desirable o Familiarity with SIEM/SOC integration for OT environments. o Experience with OT asset discovery, monitoring, and security tool deployment. o Exposure to regulatory compliance in critical infrastructure (e.g., NIS Directive, UK CAF More ❯