226 to 250 of 466 Remote SIEM Jobs

and remediate security incidents. Maintain detailed incident records and assist in post-incident reviews for continuous improvement. Essential Skills & Experience: Proven experience in cyber security with a focus on SIEM tools, particularly Microsoft Sentinel . Strong analytical skills in log management, threat detection, and incident response. Familiarity with Sentinel integrations, automation, and threat intelligence feeds. Ability to deliver clear, actionable More ❯

Engineering, Network Security, and/or working in a Security Operations Centre (SOC). Hands-on knowledge of security tools and technologies, including Web Application Firewalls, SASE, access control, SIEM, antivirus, email/web security gateways, firewalls, load balancers, ACLs, and network protocols (TCP/IP, routing, switching). Strong grasp of security infrastructure design, IT security best practices, and More ❯

cloud security roles (GCP preferred) . Track Record: Demonstrated success in building and scaling cloud security programs from scratch. Tooling: Familiarity with core cloud security components including IAM , WAFs , SIEM , CSPM , and vulnerability scanners. Technical Skills: Proficiency in at least one scripting or programming language (e.g. Python, Go, Bash). Threat Modeling: Practical knowledge of frameworks like STRIDE and PASTA. More ❯

fully Cloud based technical environment Security: Enforcing and designing Security and access management policies IAM management Azure AD, MFA, SSO, PAM etc. Threat monitoring and detection – Microsoft Defender, Sentinel, SIEM etc. Adhering to security frameworks – ISO27001, NIST, GDPR Conducting risk assessments Core skills required: Strong Azure and Microsoft 365 experience (Exhcnage, SharePoint, Teams, Azure Infrastructure, Defender, Sentinel) Strong Security experience More ❯

fully Cloud based technical environment Security: Enforcing and designing Security and access management policies IAM management Azure AD, MFA, SSO, PAM etc. Threat monitoring and detection – Microsoft Defender, Sentinel, SIEM etc. Adhering to security frameworks – ISO27001, NIST, GDPR Conducting risk assessments Core skills required: Strong Azure and Microsoft 365 experience (Exhcnage, SharePoint, Teams, Azure Infrastructure, Defender, Sentinel) Strong Security experience More ❯

fully Cloud based technical environment Security: Enforcing and designing Security and access management policies IAM management Azure AD, MFA, SSO, PAM etc. Threat monitoring and detection – Microsoft Defender, Sentinel, SIEM etc. Adhering to security frameworks – ISO27001, NIST, GDPR Conducting risk assessments Core skills required: Strong Azure and Microsoft 365 experience (Exhcnage, SharePoint, Teams, Azure Infrastructure, Defender, Sentinel) Strong Security experience More ❯

including ISO27002, CIS, NCSE CAF, NIST CSF. A strong understanding of SOC processes and procedures. Good understanding of the Microsoft stack. Advisor in advanced cybersecurity services including SSE, SASE, SIEM, MDR/EDR. Experience working with security frameworks and/or market leading solutions (preferred). Experience in recommending and designing solutions to meet compliance guidelines. Industry recognised certifications such More ❯

Press Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: SIEM Software Engineering Lead Function: Cyber Security Unit: Networks Location: Snowhill, Birmingham, United Kingdom Salary: Competitive with Great Benefits The new Network SIEM is essential to BT's network security, meeting TSA requirements and improving our CAF level. Being the SIEM DevOps … with SysOps Software Engineer you will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the Security Engineering platform team, leading the implementation of the SIEM Automation strategy and providing guidance and oversight of the SIEM Platform Automation team. This role is hybrid (3 days in the week) and can be based … CI/CD pipeline Technical leadership working in a high performing team of engineers delivering state of the art security tools for BT. Be an active member of the SIEM/CDP log onboarding team, delivering SIEM/CDP functionality in line with the requirements. Act as product owner, breaking down top level requirements into product backlogs as part of More ❯

is expensed 37.5 hour week with early finish one day a week Structured progression and internal knowledge-sharing culture Key Responsibilities Triage and investigate alerts from a range of SIEM and EDR platforms Perform initial escalation, incident classification, and severity assessment Conduct threat hunting and intel correlation using raw log sources Produce clear incident documentation and response reports Participate in More ❯

Scripting: Proficient in reading code (e.g., Python, Scala) and using Git for version control of code and configuration changes. Familiarity with iOS or Android security. Experience of industry-standard SIEM and vulnerability scanning tools. Nice to have: Relevant industry certifications (CISSP, OSCP, etc.). Experience of supporting audits such as ISO27001. Experience of working with security risk management frameworks such More ❯

will make an impact at Perenna: Proven and relevant experience working in cyber security, where you can show experience with using a range of security technologies such as firewalls, SIEM, endpoint protection, and vulnerability scanning tools. A pro-active, self-starter mentality, showing that you can take the initiative and be comfortable owning outcomes – the scope of this role will More ❯

will make an impact at Perenna: Proven and relevant experience working in cyber security, where you can show experience with using a range of security technologies such as firewalls, SIEM, endpoint protection, and vulnerability scanning tools. A pro-active, self-starter mentality, showing that you can take the initiative and be comfortable owning outcomes – the scope of this role will More ❯

logs) to identify potential threats and vulnerabilities. Perform in-depth investigations of alerts and incidents, determining their root cause, scope, and impact. Support MDR analysts in handling alerts, and SIEM administration activities such as creating custom use-cases, log-source integration, and Logs Parsing. Implement actions to contain and eliminate threats, restore systems to a secure state, and minimize damage. More ❯

technical issues. Good documentation skills and an ability to work with non-technical stakeholders to explain security concepts. Knowledge of endpoint management tools (e.g., Intune, SimpleMDM). Experience with SIEM tools and log analysis. Ability to work independently and manage multiple priorities in a dynamic environment. Standout candidates will also Have adaptability and flexibility Have a probing and analytical approach More ❯

and the gathering of data in support of them Own completion and accuracy of all SecOps-related product delivery evidence Key Skills Security products (M365 Defender stack, Sentinel/SIEM, email filtering (including authentication protocols), AV, firewalls, WAFs, Defender for Cloud) Security Testing (SAST, DAST, vulnerability scanning, configuration compliance scanning) Virtualisation platforms and operating systems, including Hyper-V and Windows More ❯

Logstash, and Elasticsearch APIs. • Create and manage Kibana dashboards to provide actionable insights to technical and non-technical stakeholders. • Tune and optimize Elasticsearch clusters for performance and availability. • Support SIEM and threat-hunting capabilities using Elastic Security features. • Work with DevOps teams to automate deployment and monitoring of Elastic solutions using tools such as Ansible, Terraform, or Kubernetes. • Ensure compliance More ❯

technologies Your experience should include: Securing systems by deploying patches and antivirus products Working with network switches, firewalls and wireless access points Working with toolsets such as vulnerability management, SIEM, PAM, IDS/IPS, EDR or DLP platforms Familiarity with IAM best practices, including Multi-Factor Authentication (MFA), Conditional Access, and Identity Governance. RBAC configurations and understanding of how RBAC … success Be self-motivated to get answers and understand root causes. Who You Are - it's desirable if you have any of the following Experience with Microsoft Defender Endpoint, SIEM (Securonix, Sentinel), Tenable or Azure Defender for Cloud AZ-900/SC-900 SC-200 SC-300 Benefits & Perks! You will have fantastic benefits at ESO including but not limited More ❯

underpinning N Brown’s cyber security services. You’ll have a good understanding of a range of security tools like web application firewalls, intrusion detection technologies, vulnerability scanners and SIEM’s; and the technical knowledge to integrate them to enhance our protection and build automated responses. You’ll need a good understanding of the tooling available in our cloud environments … to protect against them. Experience responding to incidents across corporate and customer-facing web applications, identifying potential threats and mitigating/escalating as required would be beneficial. Experience with SIEM Platforms (ideally Splunk), including working with logs and creating correlation searches and dashboards is a plus. Experience of working within PCI DSS, or other compliance frameworks. Software and Technology SIEM More ❯

to protect against them. Experience responding to incidents across corporate and customer-facing web applications, identifying potential threats and mitigating/escalating as required would be beneficial. Experience with SIEM Platforms (ideally Splunk), including working with logs and creating correlation searches and dashboards is a plus. Experience of working within PCI DSS, or other compliance frameworks. Software and Technology SIEM More ❯

As a Senior Security Engineer on the cloud security engineering team you will: Leverage cloud-native security tools (e.g., IAM, GuardDuty, AWS WAF, Security Hub) along with EDR and SIEM to enhance security posture. Develop strategies, frameworks, automations and processes to advance the Detection and Response program. Create Protective and Detective controls using open-source and closed-source intelligence sources More ❯

access control (RBAC), and identity federation. Strong understanding of network and application security principles. Familiarity with Infrastructure-as-Code (e.g., Bicep, ARM templates, Terraform). Hands-on experience with SIEM tools, ideally Azure Sentinel. Understanding of regulatory and compliance frameworks (e.g., CIS Benchmarks, HIPAA, PCI-DSS). Excellent problem-solving skills, communication, and the ability to explain technical concepts to More ❯

access control (RBAC), and identity federation. Strong understanding of network and application security principles. Familiarity with Infrastructure-as-Code (e.g., Bicep, ARM templates, Terraform). Hands-on experience with SIEM tools, ideally Azure Sentinel. Understanding of regulatory and compliance frameworks (e.g., CIS Benchmarks, HIPAA, PCI-DSS). Excellent problem-solving skills, communication, and the ability to explain technical concepts to More ❯

the technology underpinning N Brown’s cyber security services.You’ll have a good understanding of a range of tools like web application firewalls, intrusion detection technologies, vulnerability scanners and SIEM’s; and the technical knowledge to integrate them to enhance our protection. You’ll also need a good understanding of the native tooling available in our cloud environments and will … to protect against them. Experience responding to incidents across corporate and customer-facing web applications, identifying potential threats and mitigating/escalating as required would be beneficial. Experience with SIEM Platforms (ideally Splunk), including working with logs and creating correlation searches and dashboards is a plus. Experience of working within PCI DSS, or other compliance frameworks. Software and Technology Coding … languages (Python, Teraform) Build pipeline tools (Gitlab, Jenkins) IaaS (AWS, Azure, GCP) & SIEM (ideally Splunk) Endpoint Detection and Response (EDR) tools such as MS Defender APT. Network and Host Intrusion Detection/Prevention tools Web Application Firewalls (ideally Akamai) Vulnerability scanning tools (ideally Rapid7) What’s in it for you? Hybrid working (2-3 days in the office at a More ❯

Have a demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs). Exhibit skills using common Incident Response and Security Monitoring?applications such as SIEM (Splunk), EDR (FireEye HX, CrowdStrike Falcon, McAfee mVision EDR.), WAF, IPS Additional Information Benefits package includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation More ❯

Security Operations Centre (SOC), including threat and risk analysis. Leading technical responses to cyber incidents and collaborating across vulnerability management, threat hunting, and monitoring teams. Using platforms such as SIEM, EDR, and threat intelligence tools to support investigations and analysis. Tracking global cyber trends, adversary campaigns, and geopolitical developments to produce timely, actionable intelligence. Evaluating intelligence from OSINT, commercial feeds More ❯