101 to 125 of 127 Remote/Hybrid SIEM Jobs

evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with internal teams and external security partners to strengthen our threat detection capabilities and improve … strengthen the organisation's security posture and defensive controls. Skills & Experience Experience in Cyber Security or Security Operations leadership Proven experience working with SIEM platforms such as Google Chronicle or similar. Strong knowledge of network security, threat detection, and incident response. Experience analysing malware, security alerts, and attack patterns. Understanding ...

monitor network segmentation, including DMZ architectures and micro-segmentation strategies. Integrate network security controls with enterprise platforms such as Identity and Access Management (IAM), SIEM, SOAR, and SOC tooling. Ensure network configurations and controls align with NIST, FISMA, and FedRAMP requirements. Develop and maintain network security diagrams, standard operating procedures … firewalls, VPNs, secure gateways, and network segmentation controls. Familiarity with Zero Trust architecture principles and secure connectivity models. Experience integrating network controls with IAM, SIEM, SOAR, and SOC environments. Working knowledge of federal compliance frameworks such as NIST SP 800-53, FISMA, and FedRAMP. Experience developing technical documentation, architecture diagrams ...

ownership, and a drive to continuously improve the security posture of complex systems. Familiarity with some of the following: Cloudflare (DDoS protection, WAF), OSS SIEM tools (Splunk, Elastic, etc), Incident management platforms (e.g. Incident.io, PagerDuty) Familiarity with at least one of the following CI/CD systems (Github Actions, Concourse … governance frameworks (e.g., CIS Benchmarks, NIST, SOC2, ISO 27001, PCI DSS) and how to operationalize them. Hands-on experience with building and maintaining a SIEM comprised of open-source and hosted components Experience securing consumer-facing web and iOS/Android applications Experience designing policies and administering Vault & other Hashicorp ...

your expertise genuinely matters. In this hands-on technical role, youll own the end-to-end design, development and maturity of detection logic across SIEM platformsengineering effective responses to real-world attacker techniques. Youll operate with a high degree of autonomy, acting as a trusted SME across multiple secure environments … Farnborough office. Security: You must hold or be eligible for SC Clearance. What you'll be doing: Design, build, test and continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility ...

expertise genuinely matters. In this hands-on technical role, you’ll own the end-to-end design, development and maturity of detection logic across SIEM platforms—engineering effective responses to real-world attacker techniques. You’ll operate with a high degree of autonomy, acting as a trusted SME across multiple … Farnborough office. Security: You must hold or be eligible for SC Clearance. What you'll be doing: Design, build, test and continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility ...

join this growing team. As a Staff Product Manager at Huntress, you will assist the CTO in driving the success and expansion of our SIEM product launched in October 2024. We are not building yet another SIEM that intends to replicate what every other SIEM already does. We are building … SIEM that focuses on what really matters to our Small Enterprise and SMB partners. They don't need a SIEM with all the advanced features and the costs that come with that; they need a SIEM that keeps the relevant data, reduces the noise, makes it easy to find what ...

inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. ArcSight SIEM Engineer (DV Security Clearance) Position Description At CGI, we're redefining how technology protects the nation. As an ArcSight SIEM Engineer, you'll play … collection and analysis systems are secure, efficient, and future-ready. Working within a collaborative client-site environment, you will develop, configure, and optimise ArcSight SIEM toolsets, ensuring the seamless integration of new capabilities to support national security operations. You will also automate release and deployment processes to improve quality and ...

clear and effective stakeholder communication, and mentoring other members of the SOC team. What you will do Support SOC Manager to deliver the following SIEM, IR tools platform management including all design, implementation and administration activities Use cases preparation and implementation, connector deployment, maintenance & health checks Responsible for operational activities … Unix shell) Experience working in all phases of the SDLC Deep understanding and experience using cyber security operations, security monitoring, endpoint (EDR), Network, and SIEM Tools Prior SOC experience a plus Extensive knowledge of network and server security protocols, technologies, and products Industry recognized certifications (CISSP, GCIH, GCFA, OSCP ...

shell) Demonstrated experience working in all phases of the SDLC Deep understanding and experience using cyber security operations, security monitoring, endpoint (EDR), Network, and SIEM Tools. Prior SOC experience a plus Extensive knowledge of network and server security protocols, technologies, and products. Industry recognized certifications (CISSP, GCIH, GCFA, OSCP … effectively solve current security challenges. Refusing to accept the status quo Qualifications Combination of the following: Degree in Information Technology, Engineering or similar SIEM management - Desirable to have some advanced Certification from SIEM vendor on products such as ArcSight , MS Sentinel or Logrhythem Skills Network Protocols Cyber Security Tools/ ...

principles, NIST guidelines, FISMA, CISA, and federal directives to conduct ongoing security assessments; ensure the effective configuration and daily operations of cybersecurity tools including SIEM, Syslog, NDR, EDR, firewalls, M365 Cloud security, Defender for Cloud, and CDM capabilities; develop Security Orchestration and Automation capabilities; execute Incident Response activities; perform regular … current strategies and pursuing alignment with best practices. Ensure the effective configuration and daily operations of tools that support the NIGC cybersecurity strategy, including SIEM integration, Syslog, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), firewalls, M365 Cloud security, Defender for Cloud, and Continuous Diagnostics and Mitigation ...

Cyber Security Operations Analyst (Tier 2) Role: Cyber Security Operations Analyst (Tier 2) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate … minimum of 5 years can be considered* Role Requirements * Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage to security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where required ...

Enterprise Security Architect - Manchester (Hybrid Working) Solid experience - SOC, SIEM, Network Security, Cloud Security Salary - £85,000 - £91,000 + Benefits Our client is looking for an Enterprise Security Architect who wants to apply their skills and experience within an exciting and vibrant Managed Services organisation. You will be responsible … and target-state architecture. Key Skills Broad understanding of enterprise-scale security architecture with deep expertise in at least two areas (e.g., SOC/SIEM, IAM, network security, cloud security, data protection). Strong knowledge of cloud security architectures (Azure/AWS/hybrid), security tooling, and modern security operations. ...

provide out-of-hours escalation support when required. This is a highly technical, hands-on role where youll lead threat hunting, develop and tune SIEM detections, and help mature SOC processes and response playbooks. Youll also play a key role in mentoring analysts and raising the overall technical capability … and this role will continue to evolve as AI-driven detection, automation, and response capabilities are introduced. You will: Develop, tune, and maintain SIEM detection rules across customer environments Conduct proactive threat hunting and threat intelligence research Act as a senior escalation point for Cyber Security Analysts Coach and mentor ...

Responsibilities of the Security Operations Shift Lead Lead investigations into escalated security incidents, assessing attack vectors, scope, and business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium … Preferred Certifications: GCIA, GCIH, CompTIA CySA+, Microsoft SC-200, Splunk Power User (or equivalent). Technical Expertise: Strong analytical mindset with deep knowledge of SIEM/EDR tooling. Understanding of adversary behaviour, malware characteristics, and incident-handling methodologies. Shift Structure & Security Conditions of the Security Operations Shift Lead 14 shifts ...

high-tempo operational environment aligned with federal cybersecurity frameworks (NIST, FISMA, OMB). Key Responsibilities Perform initial triage of security events from SIEM, EDR, NDR, and log sources, including CrowdStrike , FireEye/Trellix , Splunk , NetWitness , and related platforms. Conduct incident investigations , including host and network forensics, log analysis, and evidence … analysis, or incident response. Direct hands-on experience with IR tools, including: CrowdStrike Falcon (EDR) FireEye/Trellix (HX, Helix, or equivalent) Splunk (SIEM, dashboards, search queries) NetWitness (network forensics, packet analysis) Magnet AXIOM (host forensics) Strong understanding of adversary techniques, malware behavior, incident timelines, and forensic artifacts. Familiarity with ...

impact ecosystem partners. You'll own the technical side of the Microsoft + Huntress story- Microsoft Security and M365 -and how Huntress EDR, ITDR, SIEM, and our SOC layer on top. You'll design and validate integration patterns, support joint customer opportunities, and scale targeted enablement so field teams … and managed service overlays. Architect and validate end to end telemetry flows (e.g., Entra sign ins, Azure Activity Logs, resource diagnostics, M365 signals) into SIEM/log platforms so Huntress SIEM and ITDR can reliably consume them. Help partners choose and implement the right patterns for cost, coverage, and investigative ...

Description Job Description Position Summary August Schell is seeking a Senior Splunk/SIEM Engineer with advanced hands-on experience in designing, deploying, and maintaining large-scale Splunk environments. This role requires strong technical capabilities in troubleshooting complex system issues, creating custom dashboards, and managing Splunk clusters aligned with best … Splunk architecture, deployment models, and indexing best practices At least ten (10) years of overall Cybersecurity experience. At least five (5) years of SIEM experience Experience with vulnerability scanning, STIGs, database tuning, and network virtualization technologies Proficiency in creating custom dashboards and advanced queries Must hold a current Splunk Administrator ...

both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support internal and external audits Governance, risk and compliance Skills & Experience: Proven … experience in Cyber Security operations, threat management Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST On Offer: Salary up to £65,000 Hybrid working - approximately 2 days ...

Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features. Collaborating with security teams to integrate IDS/IPS with SIEM and other security monitoring platforms. Troubleshooting installation and operational issues specific to IDS/IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements … Suricata configuration and deployment tasks. Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation. Experience integrating Suricata with Splunk, or other SIEM solutions. Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments. Detection and Response (NDR) solutions, including Trellix/FireEye, Corelight, Endace, Vectra ...

that impede team progress. Collaborate closely with our Endpoint Detection and Response (EDR), Identity Threat Detection and Response (ITDR), Security Information and Event Management (SIEM), and Platform product teams to identify cross-product opportunities. What You Bring to the Team: 6+ years in product management within the cybersecurity industry 3+ ...

rollout of hardened security baselines. You'll work closely with SOC, security architecture and incident response teams to integrate solutions into a centralised SIEM/SOC capability and fine-tune detection and response.This is a highly technical, electrofocusing role offering real ownership, autonomy and impact.Key Responsibilities Lead the implementation, configuration … and optimisation of OT security technologies (EDR, ITDR, NDR, ICS monitoring) Integrate OT security tooling with a central SOC/SIEM environment (including alerting, detection and response tuning) Take a threat led approach to security configuration, aligned to MITRE ATT&CK, Cyber Kill Chain and relevant threat intelligence Roll ...

Incident Response Analyst (MDR SIEM AWS) Remote UK to £55k Are you a tech savvy Incident Response Analyst? You could be progressing your career as an Incident Response Analyst, joining a friendly and supportive international team at a growing and hugely successful European car insurance tech company as they expand … Incident Response Analyst you will be responsible for strengthening EDR/XDR and DLP configurations, defining new automatic detections of security events in the SIEM, improving automatic security alerts triage and Incident Response playbooks, defining the runbooks to be used during Incident Response and leading the execution of Table ...

Management Systems (NMS), Intrusion Detection Systems/Intrusion Prevention System (IDS/IPS), Virtual Private Networks (VPN's), and security information and event management (SIEM) system. Use diagnostic programs; and utilities to ensure 99.9% network availability. Interacts with other IT Support staff, other departments (within DHS as well as external ...

title: Senior SIEM engineer/Technical SME Will the role be 100% remote, hybrid or 100% office? Remote with rare visit to office If the role is hybrid/office based specify location: Guildford WON/SWON: New T&M position Duration of assignment: 6 months Start date ...

Security Analyst - CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender Our leading global law firm client are currently looking to take on a new Security Analyst (CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender) to join their team … days per week in London and offer a great deal of autonomy and technical exposure. This Security Analyst (CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender) role, will be responsible for the day to day operations of existing security solutions and uses tools to identify ...