SIEM Jobs in the UK excluding London

51 to 75 of 296 SIEM Jobs in the UK excluding London

Cybersecurity Engineer (f/m/d)

Guildford, Surrey, United Kingdom
Allianz Popular SL
Europe, Asia and the U.S. This position will be based in our Frankfurt office. What you will do Be responsible for our security engineering platforms with particular focus on SIEM and EDR, Anti-Virus and Anti Malware solutions Leverage our security platform's automation capabilities to implement and optimise SOAR capabilities throughout our environment Research, design and deploy new security …/Workplace, IT Compliance, Information Security, Business Resilience, Procurement, Finance and other cross-functions What you bring Required Hands-on experience implementing, managing, and improving security platforms, such as SIEM, DLP, IPS/IDS, WAF, EDR, etc., experience with the Microsoft Security Suite is ideal Deep technical expertise and relevant experience in security operations (threat intelligence, security monitoring, incident/ …
Employment Type: Permanent
Salary: GBP Annual

Head of Security Assurance

Stoke-on-trent, Staffordshire, United Kingdom
Securecloudplus
in security technologies and solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, encryption, identity and access management (IAM), and security information and event management (SIEM) systems. Strong understanding of security frameworks, standards, and regulations, including ISO 27001, NIST Cybersecurity Framework, GDPR, NCSC Cyber Essentials Plus, with experience in implementing and maintaining compliance with these requirements. …
Employment Type: Permanent
Salary: GBP Annual

OT Cyber Security Analyst

Reading, Berkshire, United Kingdom
Hybrid / WFH Options
Thames Water Utilities Limited
IT and Security problems for non-technical audiences. • Strong understanding of OT infrastructure, networking, and end-user computing. • Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. • Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems, particularly Microsoft Sentinel. Desirable Experience: • Familiarity with managing network security …
Employment Type: Permanent
Salary: GBP Annual

OT Cyber Security Engineer

Coventry, Warwickshire, United Kingdom
Hybrid / WFH Options
Cadent Gas
role: This is a dynamic and impactful role that offers technical depth, cross-functional collaboration, and the chance to shape Cadent's cyber resilience. Technical Challenge - Work with advanced SIEM, SOAR, and threat detection tools across IT and OT environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team … Cyber Security, IT, or related field, with certifications such as CEH, CompTIA Sec+, or equivalent. Experience in cyber security engineering across IT and OT environments. Technical Expertise - Proficiency with SIEM and SOAR platforms, log analysis, threat modelling, and integration of security tools. Problem-Solving Skills - Ability to engineer solutions for complex security challenges, including unpatchable vulnerabilities. Communication & Collaboration - Strong interpersonal …
Employment Type: Permanent
Salary: GBP Annual

Security Operations Manager

Reading, England, United Kingdom
Hybrid / WFH Options
Morgan Hunt
expertise in security and identity systems Qualifications Degree or relevant professional IT/security qualification Recognised certification from a security or identity vendor Knowledge Solid understanding of tools like SIEM, EDR, and threat detection methods Knowledge of vulnerability management and threat intelligence Familiarity with network security (firewalls, segmentation, IDS/IPS, etc.) Understanding of operating systems (Windows, Mac, Linux) and …

SOC Analyst - DV, SC, SECURITY

Wiltshire, United Kingdom
Adecco
operations, responsible for monitoring, detecting, and responding to security incidents, ensuring compliance, and maintaining the integrity of our systems and networks. Key Responsibilities: Monitor and analyse security events using SIEM tools Conduct incident response and triage activities Perform regular security assessments and compliance checks Maintain and improve logging and monitoring capabilities Collaborate with internal teams to enhance security posture Document … Demonstrate an understanding of the wider cyber security landscape and risks Essential Skills & Experience: Minimum of 2 years' experience in a SOC or cyber security role Strong understanding of SIEM technologies and incident response processes Solid knowledge of computer networks, protocols, and infrastructure Experience with security monitoring, logging, and compliance frameworks Excellent analytical skills and a keen eye for detail …
Employment Type: Permanent
Salary: GBP 40,000 - 46,000 Annual

SOC Analyst Tier 2

Erskine, Renfrewshire, United Kingdom
DXC Technology Inc
years. This role is based onsite in DXC Erskine or Farnborough, covering a rotational 24x7 12-hour shift pattern MUST have at least 6 months of experience working with SIEM technologies Job Description The Tier 2 Cyber Security Analyst is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing initial work conducted by Tier … and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, assessing threat severity and advising on initial response actions. Utilize expertise in SIEM solutions, specifically Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analyses … and improve threat response times. Coordinate with Tier 3 Analysts and management to refine detection and response workflows, contributing to SOC maturity. Collaborate with Tier 3 Analysts on tuning SIEM and detection tools to reduce false positives and improve alert accuracy, submitting tuning requests and testing configurations as needed. Identify gaps in detection content and work with Senior Analysts to …
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

St. Albans, Hertfordshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and …
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

Reading, Berkshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and …
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

Guildford, Surrey, United Kingdom
Hybrid / WFH Options
Deloitte LLP
with complicated security-related concepts to technical and non-technical audiences. Proficient in the use of PowerBI or a similar dashboarding application. Knowledge of security systems (including working with SIEM data). SQL or database knowledge would be desirable. Relevant certifications such as CISSP, CISM, or CRISC (or equivalent) are preferred. Proven experience in managing and delivering technical projects and …
Employment Type: Permanent
Salary: GBP Annual

Cyber Detection Engineer

Newport, Wales, United Kingdom
Hybrid / WFH Options
AIRBUS Defence and Space Limited
intelligence, log sources, and detection logic - making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases, contributing to continuous monitoring improvements. Continuously refine and document hunt processes and hypotheses for knowledge sharing across cyber defense teams. * Monitoring & Anticipation - Maintain situational awareness of the evolving … flag early indicators of potential cyber campaigns targeting aerospace or defense sectors. Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR). Contribute in the specification of telemetry log sources and data normalization for its processing in Cyber Detection. Develop tools and techniques to identify patterns and anomalies in network … of DevOps, git. * Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK, Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR). Experience building code-based hunting or automation playbooks (e.g., Python, Jupyter …

Information Security Controls Specialist Senior

Nottingham, Nottinghamshire, United Kingdom
Hybrid / WFH Options
Experian Group
privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io, MS Defender, SIEM, vulnerability management, penetration testing). Knowledge of cloud technologies (AWS, Azure). Experience using generative AI (e.g., ChatGPT) for test strategies, reports, and communications. Skills in automation and analytics tools …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst

South East London, England, United Kingdom
Hybrid / WFH Options
Sarafin Partners
noncompliance situations using defined escalation processes Developing and maintaining documentation for security systems and procedures Responding to and, where appropriate, resolving or escalating reported security incidents Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity. Investigating and resolving security violations by providing postmortem analysis to illuminate the issues and possible solutions Monitoring internal control systems to …

Security Engineer - Infrastructure - Leeds - £30-38k REF 606

Leeds, Yorkshire, United Kingdom
Interface Recruitment UK
firewalls, IDS/IPS, authentication systems, log management, content filtering, Mobile Device Management and technologies based on IT/Cyber Security best practices; Experience in configuring, operating and maintaining SIEM solutions and log management; Experience in networking, troubleshooting, and analysis tools; Experience in vulnerability assessments, penetration testing and patch management; Identifying, assessing, reporting and mitigating technical security related risks within … or commensurate experience; Secure configuration and support of outsourced services and Cloud service provision including eg: PaaS, SaaS, IaaS; Strong experience of the systems and associated operations relating to SIEM, IDS/IPS, Vulnerability Scanning/Penetration Testing, Mobile Device Management; Working knowledge of network security, authentication mechanisms, wireless, encryption technologies, and networking protocols including HTTP(S), DNS, SMTP, TCP …
Employment Type: Permanent
Salary: GBP 30,000 - 38,000 Annual

Senior Cyber Security Specialist

Greater Bristol Area, United Kingdom
Naviro
impact assessment, and post-incident reviews. Threat Management: Develop and refine threat intelligence, threat hunting capabilities, and prevention/detection measures. Security Technologies: Configure, maintain, and optimise security platforms (SIEM/XDR, EDR, vulnerability management, Secure Email Gateway, Application Allowlisting etc.) Security Controls: Implement and maintain security controls, continuously improving detection, prevention, and remediation. Vendor Risk & Audit: Conduct vendor risk … including UK GDPR, Cyber Essentials, and any industry-specific security requirements. Skills and Experience: 5–7 years' experience in security operations, engineering, or cyber threat management. Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls, and network security. Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials). Familiarity with MITRE ATT&CK, incident response methodologies …

Network Security Engineer

Exeter, Devon, South West, United Kingdom
Hybrid / WFH Options
Bowerford Associates
operating systems configuration & troubleshooting and SCCM/MECM skills would be advantageous. Knowledge of information security standards such as ISO 17799/27002/27001/PCI DSS/SIEM/FERPA/HIPAA etc. Knowledge of and experience in virtual network technologies, specifically ESXi and VMware configuration and administration is preferred. Knowledge of and experience in Veeam, CrowdStrike and …
Employment Type: Permanent, Work From Home
Salary: £45,000

Network Security Engineer

Devon, United Kingdom
Hybrid / WFH Options
Bowerford Associates
operating systems configuration & troubleshooting and SCCM/MECM skills would be advantageous. Knowledge of information security standards such as ISO 17799/27002/27001/PCI DSS/SIEM/FERPA/HIPAA etc. Knowledge of and experience in virtual network technologies, specifically ESXi and VMware configuration and administration is preferred. Knowledge of and experience in Veeam, CrowdStrike and …
Employment Type: Permanent
Salary: GBP 40,000 - 45,000 Annual

Cyber Security Manager

Buckinghamshire, England, United Kingdom
McGregor Boyall
configurations, and recommend improvements to stay compliant Collaborate with key stakeholders including Compliance and Infrastructure teams Required Experience: Microsoft security suite experience – Microsoft certifications are highly valued Familiarity with SIEM tools – Microsoft Sentinel or similar Experience managing network security and firewalls Exposure to PenTesting methodologies or practices (desirable) Experience with NAC solutions like Cisco ISE, ForeScout, or similar Strong grasp …

Principal Cyber Security Consultant

Bath, Somerset, United Kingdom
Hybrid / WFH Options
Bmt Defence Services LTD
NIST, ISO 27001, ISA/IEC 62443, etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR and EDR. Knowledge and/or understanding of data and analytics in terms of cybersecurity implications. Missing skills? Let us be the judge! BMT are passionate about people; we …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security SOC Lead

Emsworth, Hampshire, United Kingdom
FINTEC recruit Ltd
the SOC in key meetings and internal stakeholder engagements Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Qualified at SOC Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting … or programming with Python, Perl, Bash, PowerShell or C++ (desirable but not essential) SIEM technologies knowledge such as QRadar (desirable but not essential) In-depth understanding of client-server applications and multi-tier web environments Knowledge of relational databases, firewalls, VPNs, enterprise AntiVirus solutions Full details of the Cyber Security SOC Lead role are available upon application. To apply, please …
Employment Type: Permanent
Salary: GBP Annual

Security Engineer | Global Macro Trading Specialist

South East London, England, United Kingdom
Techfellow Limited
of networking concepts and how they intersect with modern security architectures Exposure to automation/scripting in PowerShell or Python for infrastructure or policy workflows Experience deploying or integrating SIEM and EDR tools, as well as conducting incident response (Preferred) Familiarity with security frameworks such as NIST 800-53, CIS Benchmarks, or ISO 27001 (Preferred) Industry certifications such as AZ …

Cyber Security Analyst

Newcastle upon Tyne, Tyne and Wear, Tyne & Wear, United Kingdom
Hays Technology
availability of systems and data Experience deploying security tools in local and cloud environments Respond to security requests and events Vulnerability management Utilising security tools to enhance organisational security (SIEM, EDR, Vulnerability management tools) Following agreed protocols of incident response Incident response, investigation and recovery Utilising CrowdStrike, Qualys, Zscaler, Appcheck and Active Directory Leveraging support from wider tech areas such as …
Employment Type: Permanent
Salary: £50000 - £65000/annum Up to £65,000 + bonus

Security Operations Engineer

Borehamwood, United Kingdom
Elysium Healthcare
in security-aligned projects (e.g. PAM, MFA, vulnerability remediation) Solid understanding of security operations principles, including the incident response lifecycle. Familiarity with detection and response technologies (e.g. EDR, antivirus, SIEM, vulnerability scanners). Knowledge of key cybersecurity frameworks and standards (e.g. NIST CSF, CIS Controls). Ability to analyse and interpret technical security alerts and logs. Understanding of endpoint, server …
Employment Type: Permanent
Salary: £50000.00 - £60000.00 a year

Security Operations & Threat Intelligence Analyst

Stockport, Lancashire, United Kingdom
zyncgroup.io
society by helping businesses stay resilient through proactive security solutions and trusted partnerships. Responsibilities: As a Security Operations & Threat Intelligence Analyst, you will monitor and investigate security alerts using SIEM tools, conduct threat hunting, and analyze suspicious activity. You'll gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You'll … required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing logs, network traffic, malware behavior, and attack vectors • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions • Familiar with threat intelligence platforms (e.g., MISP, Recorded Future, ThreatConnect) • Scripting experience in Python, Bash, or similar for automation and analysis • Must …
Employment Type: Permanent
Salary: GBP Annual

Security Operations Center Engineer

York, England, United Kingdom
Investigo
keep this simple. A FTSE that doesn’t cut corners - is hiring a Cyber Security Operations Engineer. If you're the kind of person who spots anomalies before SIEM alerts even pop, talks in MITRE ATT&CK when stressed, and dreams in hex - we want to hear from you. You’ll report to the Cyber Security Operations Manager and … It's for professionals who understand that cyber threats don't respect business hours. What You'll Actually Be Doing (Because Job Titles Mean Nothing Without Context): Monitoring our SIEM platform like a hawk with insomnia Responding to EDR alerts and sifting through digital noise to find the signal Triage, incident response, risk analysis - the full SOC works Digging into …

SIEM in the UK excluding London
10th Percentile: £40,870
25th Percentile: £45,000
Median: £52,500
75th Percentile: £63,500
90th Percentile: £75,000