76 to 100 of 206 SIEM Jobs in the UK excluding London

cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

and liaise with the custiomer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security … vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide … mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC More ❯

BA Cyber products Maintain detailed documentation of BA security policies, procedures, and incidents What you'll bring to British Airways: High proficiency in Security Tools and Technologies, such as; SIEM, Vulnerability Management, EDR and Identity Experience in leading and mentoring a team of security professionals and an ability to foster a collaborative and learning-oriented environment Proven track record of More ❯

trust by engaging across the business, evangelising Security across both tech and non-tech areas Who you are: Keen interest in security, with the want to develop. Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud environments AWS More ❯

automation, alert enrichment and detections Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles Comfortable with macOS, Windows & Linux operating systems Domain experience working with SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and programming languages Understanding of malware functionality and persistence mechanisms Ability to analyse endpoint, network, and application logs More ❯

automation, alert enrichment and detections Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles Comfortable with macOS, Windows & Linux operating systems Domain experience working with SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and programming languages Understanding of malware functionality and persistence mechanisms Ability to analyse endpoint, network, and application logs More ❯

attacker techniques and capabilities models; and the various Cyber Kill Chain frameworks. Experience in securing cloud platform. Encryption; Knowledge in threat modelling and ethical hacking. Extensive experience working with SIEM solutions. Basic experience in some scripting languages This role falls inside of IR35 and is hybrid working with the expectation to attend the Glasgow or Milton Keynes office 3 days More ❯

Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support This is a great opportunity and salary is dependent upon experience. More ❯

Programming (we use Python, any oop is fine) Configuring & deploying software integrations High capacity to learn quickly Creative problem-solving skills Preferred Qualifications: Security tools or other VM platforms (SIEM, SOAR, IDS) Data ingest pipelines (ETL, automation) Cloud concepts (containerization, PaaS) ServiceNow (configuration, end user experience) Enterprise customer tech integration exposure Ability to work autonomously on complex tasks within a More ❯

Cloud & Modern Workplace: Microsoft 365, Azure AD, Intune, Teams, Conditional Access- On-Premise Infrastructure: Windows Server, VMware, Hyper-V, DNS, DHCP, Active Directory- Security & Compliance: Cyber Essentials+, ISO27001, Firewalls, SIEM, EDR, VPN- Remote Monitoring & Management (RMM): Patch Management, NAble, Proactive Monitoring- Licensing Models: Microsoft CSP, NCE, OV, SPLA, Volume Licensing This is a brilliant opportunity for a results-driven IT More ❯

escalated cases. • Proven leadership capability with experience line managing analysts, conducting performance reviews, and overseeing HR-related duties. • Experience providing ticket quality assurance and training delivery. • Familiarity with leading SIEM, endpoint and XDR security platforms, in multi-tenant MSSP environments. • Willingness to obtain or hold relevant security certifications, such as SBT BTL2 and CREST CRIA. More ❯

Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support This is a great opportunity and salary is dependent upon experience. More ❯

Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured … with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident response planning, threat detection, and mitigation. Ability to define security policies, procedures, and structured action plans for compliance and More ❯

security assessment tools Management of security with regards to new systems acquisition. Deliver in person Cyber Security training programmes. Requirements: Networking experience Cyber Security Active Directory and Virtualisation experience. SIEM experience Email Security Vulnerability Management The Package: If successful our client is offering a salary between £40,000 - £42,000 per annum, favourable holiday allowance. How to Apply : If you More ❯

Security Services Strong background in IT network security concepts. Strong knowledge of data and information flows, information governance, network protocols. Knowledge of system hardening techniques. Knowledge and experience in SIEM technologies. Knowledge and experience in vulnerability and risk management processes. Knowledge and experience of applying cybersecurity controls within SAAS environments. Project Engagement Strong stakeholder management skills Knowledge and experience in More ❯

architecture, and drive strategy in a fast-paced, forward-thinking environment. What youll need: 3+ years in complex IT or consultancy environments Knowledge of HMG SPF, ISO27001, identity management, SIEM, PKI, cryptography, and secure frameworks Experience in public sector programmes Bonus: PCiIAA, SABSA, TOGAF, or a masters/STEM degree If youre security-cleared (or eligible), ready to lead, and More ❯

and drive strategy in a fast-paced, forward-thinking environment. What you’ll need: 3+ years in complex IT or consultancy environments Knowledge of HMG SPF, ISO27001, identity management, SIEM, PKI, cryptography, and secure frameworks Experience in public sector programmes Bonus: PCiIAA, SABSA, TOGAF, or a master’s/STEM degree If you’re security-cleared (or eligible), ready to More ❯

security reviews and risk assessments, and partner with colleagues to respond to incidents and remediate system vulnerabilities. evaluate remediation Review, analyze and correlate security logs as well as improve SIEM solution. Strong knowledge in Security Cloud support for AWS, OCI, and Azure. Develop and maintain incident response playbooks and procedures. Candidate Profile Bachelor's degree in Computer Science, Cyber Security … years Experience working in a security operations center for a global enterprise. Experience using and administering endpoint, network, and cloud security tools to identify and protect against threats. (SIEM, EDR, NDR, SSO, PAM, IPS/IDS, CASB, firewalls). In-depth knowledge of cyber security risks and threats. Experience developing and implementing security operations center procedures and playbooks. Strong analytical More ❯

skills. Familiarity with governance, compliance, and operational excellence in security functions. Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) Understanding of detection logic (e.g. SIEM use cases) and detection-as-code (DaC) About working for us Our ambition is to be the leading UK business for diversity, equity and inclusion supporting our customers, colleagues and More ❯

Security Engineer - SIEM - sought by investment bank based in London - Contract - Hybrid *Inside IR35 - umbrella* Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and More ❯

skills. Familiarity with governance, compliance, and operational excellence in security functions. Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) Understanding of detection logic (e.g. SIEM use cases) and detection-as-code (DaC) About working for us Our ambition is to be the leading UK business for diversity, equity and inclusion supporting our customers, colleagues and More ❯

for a system: Microsoft OS Linux OS Virtualisation technologies Networking Endpoint Security Products Working knowledge of the accreditation process for secure systems Experience in producing design artefacts Experience implementing SIEM products Experience with network technologies (firewalls, mail gateways, load balancers, anti-virus) We're currently looking at a September/October start date (dependant on your availability/notice period More ❯

principles Hands-on experience with data analysis, modeling, and correlation at scale Operating systems internals and forensics experience for macOS, Windows & Linux Domain experience managing and working with current SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and programming languages Understanding of malware functionality and persistence mechanisms Ability to analyze endpoint, network, and application logs More ❯

ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Kubernetes (K8s) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging Cyber Defence Centre tooling DLP technical policy development Ability to build and train machine learning models to address business needs Lab 3: Modern Workplace Security Power Platform More ❯

or equivalent experience. You might also have: Prior experience selling threat intelligence feeds, data APIs, or security telemetry to OEM or technology partners. Familiarity with common security solutions (e.g., SIEM, SOAR, EDR, IDS/IPS). Technical background (e.g., computer science or engineering) is a plus. OpenText's efforts to build an inclusive work environment go beyond simply complying with More ❯