26 to 50 of 534 Remote SIEM Jobs

security as a primary requirement). Drive adoption and integration of the latest security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections More ❯

will possess strong communication and incident management skills and will be committed to ensuring the highest level of security, compliance, and user experience. Responsibilities: Investigate security alerts from our SIEM tool and 3rd party MSSPs, and to provide appropriate incident response actions. Liaise with technology and business stakeholders in relation to cyber security issues/incidents providing clear descriptions and … teams. Supporting out-of-hours incident investigations via an On-Call rota, covering 24*7*365 alongside our 3rd party MSSP. Monitor, analyse and optimise SecOps tool performance (e.g. SIEM, PAM), identify potential issues, and recommend and implement proactive solutions. Develop and maintain SecOps documentation, policies, and procedures. Collaborate with stakeholders to understand business requirements and implementing security controls that … problems in a simple manner to non-technical audiences Strong understanding of OT infrastructure, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. Proficient in configuration and troubleshooting of multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information & Event Management (SIEM) systems, in particular Microsoft Sentinel. Desirable Experience More ❯

remediation. Knowledge of security frameworks, such as NIST, ISO 27001, or similar. Excellent communication skills, with the ability to clearly convey technical details to diverse audiences. Previous experience in SIEM/SOAR within large-scale, complex environments. Familiarity with other security tools and technologies. Desirable Skills Relevant certifications (e.g., CISSP, CEH, Microsoft Certified: Security, Compliance, and Identity Fundamentals) a plus. More ❯

Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured … with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident response planning, threat detection, and mitigation. Ability to define security policies, procedures, and structured action plans for compliance and More ❯

and represent the project at key meetings such as ADF and TDAs. Represent the project in all technical discussions related to Splunk, onboarding, SOAR, Attack Analyzer, etc. Essential Skills: SIEM engineering and architecture skills, specifically in Splunk SaaS. Experience with delivery lifecycle improvements for Splunk SaaS. Experience in defining SIEM improvements within Cyber Security Operations Centre (CSOC) functions. Strong communication … reporting, documentation, and presentation skills. AWS infrastructure skills, including configuration of EC2, S3, etc. Desirable Skills: Public Sector experience. Experience with other SIEM solutions. Experience with multiple cybersecurity technologies. Essential Qualifications: Cloud Security Architecture (CSA) Splunk Cloud Administrator Splunk Enterprise Security Splunk SOAR Administrator Splunk Certified Cybersecurity Defence Analyst Implementing Microsoft Azure Infrastructure Solutions Developing Windows Azure and Web Services … Security Information & Event Management (SIEM) JIRA, Confluence, Git Desirable Qualifications: CISSP Ethical Hacking and Intrusion Prevention Information Security Management Systems (ISMS) Access and Management (IDAM) Public Key Infrastructure (PKI) We support Armed Forces Covenant and guarantee interviews for veterans or military spouses/partners meeting all essential criteria. If interested, please notify us, and we will arrange a guaranteed interview. More ❯

months (192 working days) Active SC clearance required Role Overview We are seeking an experienced Splunk Engineer/Security Architect to lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You'll play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting the maturity of security operations. This … role is aligned to a national programme improving the government's ability to detect and respond to cyber threats across multiple portfolios. You'll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies. Key Responsibilities Produce and maintain architecture diagrams, high- and low-level design documentation … SQS, etc.) Drive use case development aligned with CSOC and MITRE ATT&CK framework Attend and represent the project at key technical forums (ADF, TDA, workshops) Deliver improvements to SIEM architecture, use cases, automation, and data enrichment Improve onboarding processes for directorates and manage onboarding QA Lead integration of SOAR, Attack Analyzer, and other tooling into operational use Standardise collection More ❯

managing complex IAM scenarios, such as multi-cloud environments or hybrid identities. Knowledge of hybrid cloud environments and securing multi-cloud architectures. Familiarity with Security Information and Event Management (SIEM) systems. Experience in securing serverless computing models and microservices. Benefits We think you'll enjoy working at Mozn. Here's why: We selectively choose to undertake projects with impact; our More ❯

dependent on experience) Responsibilities As a MAF Security Operations Specialist you will play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM … IT security roles with focus on infrastructure security Strong experience with Fortinet security products and solutions Advanced knowledge of Microsoft Active Directory and Entra ID administration Demonstrated experience with SIEM implementation and management Strong background in network security and infrastructure protection Experience with IDS/IPS systems and security monitoring tools Proven incident response and threat hunting experience Programming/ More ❯

condition of employment. Responsibilities As a MAF Security Operations Specialist you will play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM … IT security roles with focus on infrastructure security Strong experience with Fortinet security products and solutions Advanced knowledge of Microsoft Active Directory and Entra ID administration Demonstrated experience with SIEM implementation and management Strong background in network security and infrastructure protection Experience with IDS/IPS systems and security monitoring tools Proven incident response and threat hunting experience Programming/ More ❯

condition of employment. Responsibilities As a MAF Security Operations Specialist you will play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM … IT security roles with focus on infrastructure security Strong experience with Fortinet security products and solutions Advanced knowledge of Microsoft Active Directory and Entra ID administration Demonstrated experience with SIEM implementation and management Strong background in network security and infrastructure protection Experience with IDS/IPS systems and security monitoring tools Proven incident response and threat hunting experience Programming/ More ❯

Staying updated on the latest cyber threats and trends to anticipate potential risks. Qualifications Technical Knowledge: Familiarity with operating systems (Windows, Mac, Linux), firewalls, VPNs, proxies, and security information and event management systems (SIEMs). Analytical Skills: Ability to analyse complex data and identify potential security threats. Problem-Solving: Strong problem-solving skills to address and mitigate security issues. Communication More ❯

automation Have a good working knowledge of threat landscapes, including common attack vectors (MITRE ATT&CK) and emerging threats Have a good understanding of EDR tools (Microsoft Defender) and SIEM Tools (Microsoft Sentinel) and the Microsoft Defender Portal Are able to identify, analyse and respond to cybersecurity threats and incidents, liaising with other teams as required Can easily explain complex More ❯

knowledge of the threat landscape relevant to SaaS products, preferably in a data-heavy environment Hands-on experience with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, antivirus, encryption, and vulnerability assessment tools You own relevant certifications (Security+, IAT II/III level or similar) You excel in risk assessments, vulnerability management, and data-driven decision making More ❯

re an accomplished Security Operations Engineer with a track record of threat detection engineering within a security operations center (SOC) or similar environment. You bring hands-on experience with SIEM solutions, EDR, intrusion detection/prevention systems, and other security tools. You're proficient in scripting languages (e.g. Python) for automating security processes and customizing security tools. You have prior More ❯

to share information, coordinate responses, and improve inter-team relationships. Previous experience within a Security Operations role. Exposure to key security technologies, such as IDS, Web content filters, AV, SIEM, Vulnerability Management, Firewalls, and awareness of their purpose in a layered security approach alongside analysing their outputs for security anomaly detection. In-depth understanding of the cyber threat landscape, advanced More ❯

similar role, with deep understanding of the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III More ❯

knowledge of the threat landscape relevant to SaaS products, preferably in a data-heavy environment Hands-on experience with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, antivirus, encryption, and vulnerability assessment tools You own relevant certifications (Security+, IAT II/III level or similar) You excel in risk assessments, vulnerability management, and data-driven decision making More ❯

Azure and AWS. Relevant certifications (e.g., Microsoft SC-200, AWS Certified Cloud Practitioner). Proficiency in network/application protocols and operating systems. Experience with security tools (EDR, SOAR, SIEM). Preferred scripting/programming experience. Knowledge of cyber security legislation and best practices. Preferred experience dealing with incidents in a wide range of environments, including OT and ICS technologies. More ❯

techniques, tactics, and procedures (TTPs) used in detected attacks, from start to finish. Capture and feed attack chain details into detection capabilities. Ensure monitoring effectiveness by creating and updating SIEM/SOAR playbooks, adapting to evolving attacker TTPs. Use Intrusion Analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers More ❯

national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Strong hands-on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with … SOC Analyst , you will be at the forefront of digital defenceleading incident response, improving detection mechanisms, and mentoring junior analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues More ❯

closing meetings. External Audit Coordination: Collaborate with external audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute … audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. More ❯

knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you More ❯

closing meetings. External Audit Coordination: Collaborate with external audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions. Threat Identification: Contribute … audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus. Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience in internal and external audits, compliance assessments, and process improvement. Basic understanding of incident response frameworks and cybersecurity best practices. Exceptional analytical, organizational, and communication skills. More ❯

knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you More ❯

skilled and experienced Security Analyst to join our team. The ideal candidate will have a strong background in vulnerability management and experience working with Security Information and Event Management (SIEM) tools such as Microsoft Sentinel. You will play a critical role in ensuring the security of our cloud environments, infrastructure, and business units by identifying, analyzing, and addressing vulnerabilities and … of information to identify, analyze, and report on relevant threats and vulnerabilities. Continuously monitor and assess the threat landscape to adjust security measures accordingly. SIEM and EDR: Implement and manage SIEM tools such as Microsoft Sentinel to monitor and respond to security incidents. Utilize Endpoint Detection and Response (EDR) tools like Microsoft Defender to detect, investigate, and mitigate threats. Cloud … across the entire estate, ensuring compliance with security policies and standards. Qualifications: Proven experience in vulnerability management and the use of tools like Tenable One. Hands-on experience with SIEM tools, particularly Microsoft Sentinel. Experience deploying and managing vulnerability assessment and Attack Surface Management tools. Strong knowledge of cloud security, particularly in AWS and Azure environments. Proficiency with EDR tools More ❯