351 to 375 of 385 SIEM Jobs in the UK excluding London

security monitoring strategy and best practice. What you will bring: Proven experience deploying and managing Splunk at enterprise scale. Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning … experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM platform operations, including clustering, scaling, high availability, disaster recovery and performance optimisation. Strong problem-solving skills and a proactive approach ...

doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating threats Supporting the confidentiality, integrity, and availability ...

join our Managed Security Service Provider (MSSP) team. You will be responsible for driving our adoption of Sentinel, client onboarding projects, managing multi-vendor SIEM proof of concepts with a specific focus on a Microsoft Sentinel, developing custom connectors to ingest log data into SIEM tooling. The ideal candidate will … Splunk deployments is beneficial. This role sits within our MSSP team, as a senior member of the security engineering team focused on growing our SIEM management capabilities and integrating those into our Managed SOC offering in a consistent and professional way. You will work on a variety of projects ...

staff mentoring. Tasks Maintain and monitor effectiveness of security measures and controls. Co‐ordinate routine security event monitoring and investigations. Use, configure and develop SIEM and EDR tools. Monitor and configure IDS/IPS. Analyse and create reports for security incidents, root cause, lessons learnt. Create and rehearse Incident Response … preferably Linux operating systems, networking and bespoke device types. Good awareness of computer networking protocols related to cyber security. Administration, configuration and use of SIEM systems, including alerts, reports, dashboards, IOCs and threat feeds. Administration of Firewalls, Web Proxies, Web Application Firewalls, Email Security and EDR software. Understanding common cyber ...

robust protection of business systems and data. Key Responsibilities Manage day-to-day cyber security operations and incident response Monitor and optimise security tools (SIEM, firewalls, endpoint security) Maintain and support network infrastructure (LAN/WAN, Wi-Fi, L2/L3) Identify threats, conduct investigations, and implement security fixes Support … cyber security projects and ongoing improvements Key Skills & Experience Proven experience in cyber security operations and network infrastructure Strong knowledge of Palo Alto firewalls, SIEM tools, and endpoint security Experience with L2/L3 networking (Nexus, LAN/WAN, Wi-Fi) Vulnerability management (e.g. Qualys) and incident response expertise Understanding ...

improvements and engineering enhancements Support detection engineering, tuning, and platform optimisation Lead automation and SOAR initiatives to improve efficiency Collaborate with SOC providers on SIEM governance and data ingestion Ensure platforms meet regulatory and compliance requirements Maintain engineering documentation, standards, and governance Represent engineering in client governance and audit activities … issues Experience & Knowledge Essential: Significant experience in security engineering and platform management Strong leadership experience managing technical teams Deep knowledge of Microsoft Defender and SIEM platforms (e.g. Sentinel) Experience in hybrid cloud and on-prem environments Strong understanding of security architecture and frameworks Experience in regulated environments (e.g. financial services ...

investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM and EDR platforms to enhance visibility and correlation Support secure by design initiatives for new OT systems, including segmentation and access control validation Assess vulnerabilities … control systems (ICS) - including SCADA, PLCs, DCS Hands-on experience with OT security tools (e.g. Claroty, Nozomi, Dragos or similar NDR platforms) Experience with SIEM, EDR and network traffic analysis Background in incident response, threat detection and security monitoring within OT or converged environments Understanding of network segmentation, secure remote ...

pipelines and shared enterprise services Detection, Automation & Response Build detection logic, automation, and response mechanisms to improve security operations Integrate cloud security tooling with SIEM and monitoring platforms Support incident response activities through improved detections and recovery mechanisms Contribute to post-incident improvements and continuous optimisation of controls Modern Engineering … supporting cloud security controls and automation Familiarity with CI/CD, Infrastructure as Code, and cloud automation tooling Desirable Experience with CSPM, DLP, SIEM, or cloud security tooling Exposure to detection engineering, incident response, or security automation Understanding of secure cloud design principles and distributed systems Experience with policy ...

with BAE Systems in Preston on helping them source a Systems Administrator that has a couple of years' experience working with Linux (RHEL) and SIEM technologies. About the Role This role focuses on the day-to-day administration, monitoring, and support of Red Hat Linux servers within an enterprise environment. … system health, troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring ...

rotational basis. Develop and tune detection rules to improve alert quality and reduce false positives. Write and optimise queries (e.g., KQL) across SIEM platforms. Collaboration & Support: Work closely with internal teams and third-party providers to investigate and resolve incidents. Support MSSP interactions and escalations where required. Participate in incident …/Tier 3 preferred). Strong background in incident investigation and response. Experience handling escalated alerts and security tickets. Technical Skills: Experience with SIEM platforms (e.g., Microsoft Sentinel). Experience with EDR/XDR tools (e.g., CrowdStrike). ServiceNow or similar ITSM/SecOps platforms. Ability to write and optimise ...

SIEM Engineer – Watford, UK Up to £85,000 salary depending on experience Full time onsite role in Watford DV clearance required ABOUT THE CLIENT Our client is a highly respected technology and security services provider supporting organisations operating in complex and security critical environments. Their teams design and deliver advanced … ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include: Acting SME on Splunk Enterprise ...

across identity, access, network and XDR technologies, ensuring system health, data integrity and effective alerting. You will support multi-tenant platforms such as XDR, SIEM, monitoring analytics, queries and dashboards, and identify opportunities to improve performance. You will contribute to onboarding by supporting ingestion pipelines, enrichment processes and integrations that … incidents, supporting investigation, containment and recovery activities, and contributing to post incident remediation and service improvement. Diagnose and resolve service incidents relating to security tooling (e.g. SIEM, XDR, logging pipelines), escalating complex issues where appropriate and contributing to root cause analysis and preventative actions. Support the planning, assessment and implementation ...

solution deployment.Should have experience in configuring and managing security products such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM (Security Information and Event Management) systems, Log Collector and Identity Management solution.Should have customer facing skills and lead security discussion with customers.You will bringA bachelor’s degree ...

and in you. We are seeking an experienced Senior Sales Engineer with deep technical expertise in Managed Detection & Response (MDR), Security Information & Event Management (SIEM), and Endpoint Detection & Response (EDR). In this customer-facing, pre-sales role, you’ll partner with account executives, channel partners, and customers to deliver … Conduct pre-sales product demonstrations: deliver engaging and technically accurate presentations that showcase the capabilities and benefits of our cybersecurity solutions, including MDR, SIEM, and EDR. Technical discovery & solution design: translate customer business drivers and security challenges into tailored solution architectures. Lead workshops and discussions that highlight both technical and ...

Discover and vault service/application/shared accounts Configure session proxies, Just-in-Time access, and break-glass procedures Integrate PAM with SIEM and Active Directory/Entra ID Manage upgrades, patches, and troubleshoot platform issues Maintain documentation, policies, and runbooks Support audit and compliance reporting Essential Requirements: Hands … Credential vaulting, password rotation, and session monitoring experience Onboarding Windows, Linux/Unix, and network devices to PAM Knowledge of AD privileged accounts and SIEM integration Understanding of ISO 27001/NIST CSF frameworks Strong troubleshooting and documentation skills Desirable: Degree in InfoSec, CS, or STEM Beyond Trust certifications Experience ...

ensuring compliance with relevant industry standards, enabling the business to operate securely and efficiently in a dynamic threat landscape. PRINCIPAL ACCOUNTABILITIES: Monitor and analyse SIEM, network, and endpoint logs to detect threats, vulnerabilities, and anomalies. Evaluate and triage security alerts, accurately distinguishing genuine threats from false positives and applying appropriate … experience in cybersecurity Strong knowledge of security protocols, cryptography, and security technologies Proven experience with security tools such as firewalls, EDR/XDR software, SIEM and intrusion detection systems. Experience within a NOC/SOC environment. Ability and enthusiastic approach to pick up new technologies and learn them Ability ...

MSPs to ensure security controls are implemented and sustained. Contribute to governance artefacts - policies, standards and documentation that underpin OT security. Support integration with SIEM/SOC functions for OT environments. What our client is looking for Strong OT security experience within ICS or critical infrastructure - ideally from … process industries. Hands-on experience implementing OT security strategies, policies and standards. Solid understanding of OT networks, segmentation and common industrial protocols. Familiarity with SIEM/SOC integration for OT environments. Experience working with operations/engineering teams and advising MSPs or third-party security providers. Excellent communication and documentation ...

rapidly expanding team investing in new capabilities and empowering analysts to develop and progress Key Responsibilities Deliver high‐quality security analysis by reviewing SIEM outputs and taking appropriate investigative and response actions Drive improvements across monitoring capability, processes, and tooling Engage confidently with a wide range of stakeholders, from technical … security challenges Act as an escalation point for junior analysts and manage incidents through investigation to response Essential Skills & Experience Strong experience working with SIEM technologies such as Splunk, ArcSight, LogRhythm, or AlienVault Solid understanding of how to maximise the value of security tooling Exposure to building SOC capability and ...

resilient, efficient, and aligned to evolving threat landscapes. A key part of the role is leading complex deployments and providing technical direction across SIEM, EDR, SOAR, and supporting technologies. You’ll oversee platform health through proactive lifecycle management, including patching, upgrades, and service transitions, while driving improvements in detection, automation … security technologies and platform engineering. Strong hands-on experience with Microsoft Sentinel, Defender XDR, and Azure security services Proven ability to design and operate SIEM, EDR, SOAR, and log management solutions at scale Expertise in KQL for detection engineering, tuning, and performance optimisation Experience building and maintaining automation using Logic ...

What You'll Be Doing Lead day-to-day cyber security operations , ensuring systems remain protected and resilient Monitor and respond to threats via SIEM tools , investigating incidents and implementing fixes Manage and optimise next-generation firewalls (Palo Alto) and endpoint security platforms Oversee vulnerability management and patching (e.g. Qualys … security + networking expertise, including: Proven experience in cyber security operations and engineering Strong hands-on experience with: Palo Alto Firewalls (essential) SIEM tools Endpoint Detection & Response (EDR) Vulnerability management tools (e.g. Qualys) Solid networking knowledge: L2/L3 switching (Cisco Nexus) LAN/WAN, Wi-Fi (Aruba), load balancing ...

looking for Strong experience with: Juniper (LAN switching, SRX) Palo Alto firewalls Enterprise networking environments Managing engineers/leading teams Working with EDR & SIEM tools Engaging technical & non-technical stakeholders Exposure to cloud networking Tech environment Cisco (current) → migrating to Juniper Meraki wireless Windows + Ubuntu (Nutanix/AHV) SIEM ...

design, implementation, and optimisation of security monitoring platforms feeding into a central SOC. This is a hands-on leadership role focused on building scalable SIEM solutions and strengthening client security posture. Key Responsibilities Lead design and deployment of security monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion … using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure platform performance, scalability, and resilience (HA/DR, clustering) Collaborate with stakeholders to assess risk and deliver security improvements Essential Skills & Experience Proven ...

Support cyber testing exercises and continuous operational improvements. Analyse network traffic, PCAP captures, endpoint activity, and attack patterns to identify malicious behaviour. Work with SIEM technologies and security tooling across large and complex enterprise environments. Produce technical reports and provide briefings to senior stakeholders and executives. Support cyber risk management … and detection technologies. Experience with scripting languages and strong proficiency in data analysis. Strong understanding of cyber risk, controls, and security governance. Proficiency with SIEM technologies within large and complex computing environments. Incident response expertise including: PCAP Capture Network Analysis Traffic Pattern Analysis Excellent interpersonal and stakeholder management skills. Experience ...

proven skills working with the following – • Monitoring security alerts and events across enterprise environments • Investigating potential cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams … Experience within financial services, fintech or other regulated environments would be beneficial. Interested? Please apply below SOC Analyst, Security Operations Analyst, Cyber Security Analyst, SIEM Analyst, Splunk, Microsoft Sentinel, Incident Response, Outside IR35 Contract ...

Security Consultant/Engineer - Fortinet, NSE7, SIEM, SOAR, LAN - £55,000 - £75,000 - NW England Do you want to be one of the Fortinet experts within a Fortinet Expert Partner? Do you want to work on some of the most exciting SecOps projects out there? Do you want … escalation when needed Be able to undergo DBS clearance. NPPV3 - will need to be undertaken post probation. Security Consultant/Engineer - Fortinet, NSE7, SIEM, SOAR, LAN - £55,000 - £75,000 - NW England ...