26 to 50 of 381 SIEM Jobs in the UK excluding London

similar) Nice to have BGP, FlowSpec, and traffic engineering knowledge NetFlow/sFlow analysis IDS/IPS, firewalls, and packet analysis (Wireshark, tcpdump) SIEM experience (Splunk) Linux proficiency Virtualisation (KVM, ESXi) Certifications such as CCNP, JNCIS/JNCIP, CySA+, GIAC GCIA or GCIH Bright Purple is an equal opportunities employer ...

protection standards (e.g., FIPS 140-2), and separation of duties in secure environments. • Experience using Microsoft Management Console (MMC) snap-ins, event logs, and SIEM platforms to identify and resolve issues proactively. • Experience with IT asset management tools related to discovery and information collection • Understanding of backup procedures. • Ability ...

Risk in financial services. Experience with frameworks such as NIST, ISO27001, COBIT, SOX, and FFIEC. Good understanding of cloud security, GDPR, IAM/PAM, SIEM, vulnerability management, and network security. CISSP, CISM, CRISC, or similar certifications preferred. Skills & Experience: Strong strategic and analytical thinking Excellent communication and stakeholder management Strong ...

networking and other cloud infrastructure) Expertise in hybrid or cloud native environments Security tools and services covering identity & access management, endpoint and cloud protection, SIEM/XDR, vulnerability management, and email/domain security End‐user tooling, including emerging AI‐enabled productivity tools WHAT WE ARE LOOKING FOR Proven experience ...

audits, risk assessments and maturity reviews. Engineer and embed technical controls supporting NIST CSF and ISO/IEC 27001 objectives. Support security tooling integration (SIEM log sources, EDR/XDR dependencies, vulnerability tooling). Enable and validate security telemetry coverage audit policy configuration, log forwarding/collection, event quality (normalisation ...

scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience ...

function with clear RACI and coherent operating model. Govern the security tooling strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms. Security Operations & Incident Response Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple ...

environments Technology Skills & Experience Principles of network and boundary protection (firewalls, mail gateways, load balancers, antivirus, IPS/IDS, Diodes) Protective Monitoring systems (SIEM/SOC) and deployment principles Authentication & authorisation technologies (SAML, LDAP, PKI, etc.) Encryption protocols and structures supporting secure deployment Communication & Soft Skills Excellent verbal and written ...

supporting the bank's wider cyber defence strategy. Key Requirements: * Strong experience within Cyber Operations, SOC or Incident Response environments * Hands-on expertise with SIEM technologies (Splunk, Sentinel, QRadar etc.) * Knowledge of threat detection, malware analysis, endpoint, network or cloud security * Scripting experience (Python, PowerShell or similar) * Strong understanding ...

InfoSec reviews and feedback from external audits. Help drive security and compliance awareness across the business. Involvement in Operational Security Services such as SOC, SIEM, Penetration Testing & Vulnerability scanning Review, interpret and act upon information provided by E365 security toolsets. Required skills: Hold valid security clearance or be eligible undergo ...

Cyber Security Manager/Lead/Security Consultant role. Strong understanding of security operations, threat detection, and incident response practices. Experience working with SIEM, EDR, and monitoring technologies in enterprise environments. Demonstrable knowledge of security frameworks, controls, and governance models. Experience managing third-party vendors or managed security services. Relevant ...

security operations as a discipline Required Experience & Skills 3+ years' experience in a SOC or closely related cyber security role Strong working knowledge of: SIEM platforms Security Incident Management Cloud environments Networking fundamentals Threat intelligence and threat hunting Information security principles Phishing, ransomware, and modern attack vectors Identity & Access Management ...

Microsoft Intune, or similar cloud technologies. PowerShell scripting experience for automation and operational tasks. Familiarity with Microsoft MMC, Event Viewer, and monitoring or SIEM tools. Understanding of backup, recovery, and disaster recovery processes. Experience working within ITIL-based service management environments. Knowledge of security frameworks and standards such as NIST ...

Microsoft Intune, or similar cloud technologies. PowerShell scripting experience for automation and operational tasks. Familiarity with Microsoft MMC, Event Viewer, and monitoring or SIEM tools. Understanding of backup, recovery, and disaster recovery processes. Experience working within ITIL-based service management environments. Knowledge of security frameworks and standards such as NIST ...

Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence, vulnerability management, and remediation practices Knowledge of cyber frameworks and regulations including ...

this technical role is on threat prevention, detection and response for Marshall, including the configuration and monitoring of a security information and event management (SIEM) system, operating next generation antivirus, intrusion detection/prevention systems (IDS/IPS), vulnerability management tools and Firewall, DLP, Web and Email Security Gateways.This … and help coordinate, routine security event monitoring and investigations using available toolsUse, configure and develop the use of a security information and event management (SIEM) and EDR toolMonitor and configure network intrusion detection and prevention systemsAnalyse and create reports for security incidents, to determine root cause and lessons learntCreate and ...

Proven experience as a Security/Cyber Security Architect Strong cloud security knowledge (Azure, AWS, M365) Broad security control experience (IAM, PAM, DLP, SIEM, endpoint, network) Experience in regulated or critical environments desirable Certifications such as CISSP, CISM or ISO 27001 beneficial If you're looking for a role with ...

from colleagues and service delivery teams Support and coordinate patch management activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics … operational performance Technical expertise Good understanding of information security principles, risk management and the threat landscape Experience of operating and monitoring security tooling, including SIEM, endpoint protection, and email/web security solutions Ability to proactively conduct threat hunting activities and develop or enhance detection analytics to improve identification ...

systems Experience with cloud hosting, cloud migration, application testing, and working with developers to improve security Solid knowledge of security products including WAFs, SIEM, AV, email/web gateways, firewalls, load balancers, ACLs, TCP/IP, routing, and switching Familiarity with OWASP, SASE, zero-trust, and risk-based vulnerability management ...

Istio), API Security, IaC security (e.g. Terraform, ARM templates). • Network Security: Zero Trust, firewalls, segmentation, DDoS Protection. • Security Logging and Monitoring: Security logging, SIEM integration, event correlation. Responsibilities • Develop and enforce reference architectures, patterns, and blueprints for secure cloud adoption across Azure, GCP and hybrid environments. • Conduct threat modelling ...

with Terraform and Infrastructure as Code Experience building or supporting CI/CD pipelines, ideally using GitHub Actions Knowledge of security tooling such as SIEM, EDR, DLP, IDS/IPS, or vulnerability management platforms Scripting experience using Python, Shell, or similar languages Experience with monitoring and observability tools such ...

Databricks ITSM : ServiceNow EUC : Intune, SCCM Applications : CRM, ERP, HCM, Finance Infrastructure : servers (cloud/on prem), networking, storage, backup Cloud : Azure Cyber Security : SIEM, XDR, IPS/IDS, NIST, ISO27001 ...

time effectively Excellent interpersonal skills and professional demeanour Excellent verbal and written communication skills Proficient in Microsoft Office Applications Proficient in the use of SIEM (Security Incident and Event Management) technology, in terms of handling alerts, analysis of the data within the alert and rationale on whether escalation or closure ...

tracking remediation, validating fixes, and assisting with reporting. * Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and ...

Demonstrable experience delivering cyber security services to external clients Strong knowledge of endpoint and network forensics tools Experience with Security Information and Event Management (SIEM) platforms Deep understanding of threat detection methodologies Familiarity with Windows, and cloud environments (e.g. MS Azure/AWS) Knowledge of malware analysis techniques and tools ...