51 to 75 of 89 Remote/Hybrid SIEM Jobs

resilience. You will sit at the heart of our cyber defence operations, working daily with technologies including Microsoft O365 Defender, Entra ID, Intune, Rapid7 SIEM, and Sophos Antivirus. Youll be responsible for monitoring security events, investigating suspicious activity, responding to incidents, and continuously improving our security posture. This … cyber security What you will do: Security Monitoring & Incident Response Actively monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos AV. Investigate suspected cyber attacks including malware infections, phishing campaigns, identity compromise, and unauthorised access attempts. Perform triage, root cause analysis ...

across enterprise environments. This role will work closely with Cyber Security, SOC, Infrastructure, Cloud, Data Engineering, and Application teams to improve data visibility, reduce SIEM costs, and enhance security monitoring capabilities. Key Responsibilities Design, deploy, and manage Cribl data pipelines across enterprise environments. Configure and support Cribl Stream , including data … collection, transformation, filtering, enrichment, masking, and routing. Optimise telemetry ingestion into SIEM and observability platforms. Implement data reduction strategies to improve platform efficiency and reduce licensing costs. Develop and maintain data parsing, normalisation, and enrichment processes. Support integration with security and monitoring platforms such as Splunk, Microsoft Sentinel, Elastic, and ...

partysupplierstoprogressinvestigationandremediation. Participateinout-of-hoursresponseasrequired. Knowledge,Skills&ExperienceEssential ProvenexperienceinaLevel3orSeniorSecurityAnalystorIncidentResponserole. Hands-onexperienceinvestigatingandresolvingincidentsacrossendpoints,identityplatforms,networks,andcloudservices. Strongunderstandingofmalwareandransomwareresponse,identitycompromise,andvulnerabilityremediation. ExperienceworkingwithinformalSecurityIncidentandMajorIncidentprocesses. Strongwrittendocumentationandstakeholdercommunicationskills. Knowledge,Skills&ExperienceDesirable Experiencesupportingmulti-siteoroperationallysensitiveenvironments. FamiliaritywithDefender,SIEM,EDR,andvulnerabilitymanagementtools. UnderstandingofregulatedorPCI-adjacentenvironments. Relevantsecuritycertificationsorequivalentexperience. BehaviouralCompetencies Takesownershipfromdetectionthroughtoresolution. Investigatesthoroughlyandchallengesincompletefixes. Calm,methodical,anddecisiveduringliveincidents. Understandsoperationalandbusinessimpact. Professionalandconfidentwhenengagingcustomersandsuppliers. DecisionMaking&Authority Makestechnicaldecisionsrelatingtoinvestigation,containment,andremediationofsecurityincidents. EscalatesriskanddecisionpointsappropriatelytoIncidentManagementandServiceDeliveryleadership. KeyInterfaces IncidentManagement SecurityOperations InfrastructureandNetworkServices Third-partysuppliers ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

understanding of Information Security solutions e.g. email/web gateways, Privileged Account Management (PAM), Identity Governance and Administration (IGA), Security Information and Event Management (SIEM), Endpoint protection etc. Knowledge/experience working with firewalls is highly advantageous Experience of Cloud security solutions and standards is highly advantageous Competence, knowledge and ...

Senior Cyber Security Analyst, Professional Services, CompTIA, SIEM, ISO27001, Part Remote Senior Cyber Security Analyst required to work for a Law Firm based in the City of London. It will be 3 days a week in the office and 2 from home. We need an experienced Senior Cyber Security Analyst … relevant certification preferred Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS Strong knowledge of Microsoft Azure cloud security technologies and concepts Familiar with cybersecurity frameworks such ...

demonstrate you are well versed in dealing with Cyber Security incident management/responses and mitigating the risks. You will have proven experience in SIEM, Anti-Virus, Vulnerability management, Data Loss Prevention and security tools as well as a good understanding of compliance around ISO 27001 and PCI-DSS This ...

demonstrate you are well versed in dealing with Cyber Security incident management/responses and mitigating the risks. You will have proven experience in SIEM, Anti-Virus, Vulnerability management, Data Loss Prevention and security tools as well as a good understanding of compliance around ISO 27001 and PCI-DSS This ...

servers, databases, applications, cloud, and DevOps environments. Configure password vaulting, rotation, reconciliation, session monitoring, recording, and auditing. Integrate CyberArk with Active Directory, identity providers, SIEM platforms, ticketing systems, and other enterprise tools. Develop automation using CyberArk REST APIs and PowerShell or Python scripting. Act as the escalation point for complex ...

profession standards with HR/L&D.Timely access to SL stakeholders, systems, repositories, and tooling (e.g., policy library, LMS, phishing platform, service management/SIEM, PMO data). Availability of policy owners and project managers for reviews and attestations. SL will provide required clearances, facilities, and collaboration tools. Core experience ...

Security (IAM, MFA, encryption, policy enforcement) Storage & data services (object/block/file, backup, replication) Automation (IaC, pipelines, scripting) Observability (logging, metrics, tracing, SIEM integration) Why Join Quorum? Quorum is an employee-owned IT consultancy, delivering managed services, projects, and professional services to organisations across the public and private ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...

workshops, stakeholder sessions, and requirement discussions Support UAT, validation, and policy rollouts Track project progress, risks, and deliverables Assist in evaluating NAC tools & integrations (SIEM, CMDB, ITSM) Required Skills & Experience Senior Business Analyst (enterprise/financial services preferred) Strong experience with NAC tools – Forescout preferred Solid network fundamentals (VLANs, 802.1X ...

recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including ...

senior escalation point for Level 1 and Level 2 analysts Conduct proactive threat hunting activities and identify emerging attack patterns Develop and optimise SIEM detection rules, correlation logic, and automation workflows Improve incident response processes, runbooks, and security operations procedures Analyse security alerts and telemetry to identify threats and vulnerabilities … have: Strong experience within a Security Operations Centre (SOC) environment Proven experience handling high-severity cyber incidents and incident response Hands-on experience with SIEM technologies, log analysis, and threat detection Strong understanding of Microsoft security tooling including Microsoft Sentinel, Defender XDR and Entra ID Experience with KQL (Kusto Query ...

Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform ...

clear commercial reporting to stakeholders Main Skills Needed: Proven experience in strategic account management and Cybersecurity technologies, services and solutions (Inclusive of SOC/SIEM, EDR, MDR, Security Assessments, GRC etc.) Consultative in approach, able to identify growth opportunities within existing accounts to develop relationships and position new solutions that ...

reviews and continuous improvement actions Own and manage key security platforms, including security awareness and secure communications tools Ensure effective configuration and use of SIEM and monitoring technologies, with meaningful reporting for senior stakeholders Identify, assess and mitigate cyber risks through regular assessments and control reviews Chair or contribute … and security governance Very strong familiarity with Microsoft security technologies, including Microsoft 365, E5 licensing and the associated security stack (e.g. identity, endpoint, email, SIEM and cloud security tooling) Broad technical exposure across infrastructure, cloud and network technologies, with the ability to translate technical risk into business language Experience working ...

role in a growing SecOps function protecting a modern Microsoft and cloud environment. This is a highly technical role focused on incident response, SIEM optimisation, vulnerability management, and security engineering, helping drive a Zero Trust journey and supporting ISO 27001 & CIS controls. What you'll be doing Lead and support … incident response, threat monitoring and root-cause analysis Tune and optimise SIEM & CrowdStrike EDR for maximum effectiveness Drive vulnerability management, remediation and risk reduction Secure cloud and infrastructure across Intune, Entra ID, Palo Alto, Cisco ISE, Mimecast and more Implement key security controls including MFA, SSO, PAM, WAF, DDoS ...

and improve operational efficiency Investigate security incidents and drive root cause analysis and remediation Implement and manage tools such as Microsoft Defender, Nessus, and SIEM/SOAR platforms Develop secure cloud templates and baseline configurations Partner with engineering teams to embed secure coding and DevSecOps practices Stay up to date … prem environments Deep understanding of Azure security, DevOps, and automation Hands-on experience with EDR/DLP tools (e.g. Microsoft Defender) Experience with SIEM/SOAR platforms Knowledge of frameworks such as ISO 27001, NIST, and CIS Strong troubleshooting and problem-solving skills Ability to manage multiple priorities ...