Develop, implement, and oversee enterprise-wide security operations to detect, prevent, and respond to cyber threats. Lead and enhance Security Information and Event Management (SIEM) and Threat Intelligence capabilities. Lead security incident response and forensic investigations, ensuring robust incident handling and mitigation. Report on cybersecurity KPIs and manage significant IS … cybersecurity leadership roles within enterprise-sized organisations. Proven track record in Security Operations, Risk Management, IAM, and Compliance. Hands-on experience with security tools such as SIEM, EDR/XDR, Firewalls, IDS/IPS, DLP, and IAM solutions. Working knowledge of security frameworks: ISO 27001, NIST, CIS, SOC 2, GDPR
address security flaws. Goals of the Job: Internal penetration testing Red Team Assessment Key Responsibilities: Manage Network Access Control, firewalls, IPS/IDS systems, SIEM, EDR, email filters, etc. Set up attack tools, methods, and processes against authorized OISSG client infrastructure and use them safely. Develop scripts, tools, or plans
london, south east england, united kingdom Hybrid / WFH Options
ITR Partners
analytics without the high costs of indexing or hot storage. We provide comprehensive monitoring of logs, metrics, traces, and security events, featuring APM, RUM, SIEM, Kubernetes monitoring, and more, enhancing operational efficiency and reducing observability expenses by up to 70%. Position Overview: As the Technical Account Manager (TAM) Team
Automation skills with Bash, Python, Go and PowerShell Networking & Security with VPC, Nginx, HAProxy, AWS CloudFront, AWS ALB/NLB, AWS WAF & Shield and SIEM tools Excellent people, communication & interpersonal skills with the ability to work as part of a project team and on own initiative Any additional knowledge
of ThreatINSIGHT for Network Detection and Response (NDR). Design and deliver cloud visibility solutions across AWS, Azure, and GCP. Support seamless integration into SIEM and security monitoring platforms. Develop detailed installation, configuration, and operational documentation. Proactively identify service improvements and best practice enhancements. Essential Skills: Proven hands-on experience
the Cyber Security Teams at a technical level to install cyber security product technologies and systems, such as firewalls, endpoint protection, encryption, VPN, SIEM, PAM, VM etc. Support the Cyber Security Teams to lead root cause analysis of cyber security related incidents to ensure prompt action is taken to … them quickly. Certifications : Relevant certifications in cyber security, such as CISSP, CISM, CEH, SSCP, or CCSP. Further technical certifications in Microsoft Azure, Networking, Firewall, SIEM, PAM or VM Products are beneficial. Technical Capabilities : Technical competence in one or more of the following areas IPsec VPNs, Networking, Network Security, MFA
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies … automation. Knowledge of DevOps pipelines (CI/CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident response planning, threat detection, and mitigation. Ability to define security policies, procedures, and structured
Employment Type: Contract, Work From Home
Rate: From £500 to £700 per day (direct contract with the client)
Luton, Bedfordshire, United Kingdom Hybrid / WFH Options
Crimson
prioritize workload, and manage competing demands. * Experience in analyzing IT logs and event sources is preferred. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Familiarity with data storage systems
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security … tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber … repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Collaborate with third-party
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Corriculo Ltd
in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information and Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important
Basingstoke, Hampshire, United Kingdom Hybrid / WFH Options
Corriculo Ltd
in the management of IDS/IPS, Firewalls, VPN, EDR/XDR, mail filtering, and other security products Experience with Security Information and Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important
Southampton, Hampshire, United Kingdom Hybrid / WFH Options
NICE
Collaborate with external audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and … ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional
TrueSight Identity protection and corporate tools including AAIP, MDI, and MCAS PUAM systems, especially CyberArk Security logging and monitoring, preferably with PRISM or similar SIEM solutions Solid understanding of security frameworks (e.g., NIST, ISO 27001) and compliance requirements. Proven experience in low-level design (LLD) documentation and system integration. Our
experience leading regulatory compliance programs Excellent communication skills and a talent for building strong stakeholder relationships Experience in security assurance across services like SOC, SIEM, IAM, and more Professional certifications (CISM, CISSP, ISO27001 Audit) highly desirable You’ll be part of a dynamic, purpose-driven team in a pivotal role
City, Edinburgh, United Kingdom Hybrid / WFH Options
Tesco Underwriting Ltd
and WAF. Experience working in a regulated financial environment. And if you have any of these, even better Threat hunting experience Blue Team experience SIEM detection writing experience We don't expect you to tick every box; if you meet most of the criteria, we encourage you to explore this
experience working within an MSP environment, with a strong understanding of managed security services. Technical Expertise: Hands-on experience with security technologies such as SIEM, EDR, SOAR, vulnerability and exposure management tooling, threat intelligence, and data security solutions. Pre-Sales & Consulting Experience: Proven experience in a pre-sales, solution consulting
SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and … Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. • Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. • IT Service
language skills - You have 3+ years of experience in defensive security: SOC, blue team or similar roles - You have technical hands-on experience with SIEM, IDS/IPS, EDR and cloud security tools - You have a solid understanding of cloud platforms (AWS/Azure/GCP) Desired Skills: - You have
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Queen Square Recruitment Limited
leadership, crisis management, and decision-making skills. Excellent communication and stakeholder management abilities. Deep understanding of adversarial attack techniques and security threats. Experience with SIEM architecture, XDR, and incident response tooling. Strong knowledge of vulnerability management processes and tools. Proficiency in threat intelligence analysis and its integration into response strategies.
security controls (SGs, NACLs, routing). Experience implementing platform-level monitoring and alerting using CloudWatch Logs, Metrics, Alarms, and integration with centralised dashboards or SIEM tooling. Familiarity with tagging strategies, cost allocation, and FinOps-aware engineering to support operational governance. Excellent problem-solving skills with the ability to troubleshoot complex
City, Edinburgh, United Kingdom Hybrid / WFH Options
Axiom Software Solutions Limited
and Purview Governance. Experience with Fabric Tenant Settings, Workspace Templates, and network configurations including VNET, Private Link, and Private DNS. Knowledge of logging and SIEM integrations with Microsoft Sentinel and ServiceNow. Understanding of deployment methodologies such as Waterfall, Agile, Scrum.
Hemel Hempstead, Hertfordshire, United Kingdom Hybrid / WFH Options
TieTalent
SIEM Content Engineer - National Security & Defence Location: Hybrid role - Hemel Hempstead (1 day/week on-site) Clearance: Must hold or be eligible for DV Overview I have a great opportunity for a skilled SIEM professional to work as a SIEM Content Engineer within a leading consultancy's Security Operations … Centre (SOC) team. The role will focus on country-critical technology in the defence and national security space. Key Responsibilities Develop and maintain SIEM content (rules, dashboards, reports) Analyze SIEM data to detect and respond to threats Collaborate with SOC Analysts, Architects, and Engineers Stay current on emerging threats and … incorporate into detection logic Support security standards and best practices Requirements 3+ years' experience with SIEM tools (Splunk, Sentinel, QRadar) Strong understanding of security protocols and frameworks (NIST, ISO, PCI DSS) Scripting experience (Python, PowerShell, regex) Excellent problem-solving and communication skills Security certifications (CISSP, CISM, etc.) are a plus
Hyper-V, vSphere, and VMware. Experience with Dell SANs (including iSCSI, RAID) and Dell Servers Experience using Software such as: Nessus, ADAudit Plus, SIEM, Wireshark, SQL Server, and Jira Service Desk Management Networking: Routing Protocols (OSPF) Multicast QoS Layer 2 Protocols (RSTP, VLANs, Port Channels, Trunking, Storm Control, BPDU