51 to 75 of 88 Remote/Hybrid SIEM Jobs

this candidate to have expertise within: Modern Workplace: Voice and Contact Centre Endpoint, M365, Teams and Viva Security Practice: M365, Intune, Defender, SOC, SIEM, etc. Cloud Data and AI: AI & Automation: Copilot, Copilot Studio and Power Platform This should be combined with experience and high-level understanding of large-scale ...

Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS/PaaS, Windows/Linux/Unix. Strong knowledge of security tooling such as SIEM, endpoint detection (EDR/XDR), and vulnerability management platforms. Hands-on experience with policy development, access control models and logging standards. Experience supporting assurance activities … government-mandated reviews (e.g. GovAssure, Secure by Design). Knowledge of Incident Management, Vulnerability Assessments, SIEM & SOC Systems. Familiarity with ITSM workflows and change control procedures Experience designing or reviewing secure software supply chain and CI/CD security . Ability to interpret CVEs, CVSS scores, and threat intelligence feeds. ...

including Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS/PaaS, and Windows/Linux/Unix systems. Utilise security tooling such as SIEM, EDR/XDR, and vulnerability management platforms to monitor and improve security posture. Develop and implement security policies, access control models (RBAC, ABAC), and logging … Cyber Essentials. Experience conducting security audits and implementing remediation strategies. Technical expertise across cloud and enterprise platforms (Azure, M365, operating systems). Familiarity with SIEM, SOC operations, endpoint detection, and vulnerability management tools. Knowledge of ITSM processes, change control, and governance frameworks. Experience with CI/CD security and software ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for UK SC Clearance. Key Responsibilities … Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. Conduct ...

role for you. As our Cyber Security Engineer, youll play a key part in supporting and evolving our security tooling, especially our SIEM platform. Youll work directly with both internal teams and customers to ensure strong security outcomes across the board. You will: Take ownership of SOC tooling, with … primary focus on our SIEM platform. Implement SIEM solutions into customer environments and tune data feeds effectively. Work closely with the SOC to maintain and continuously improve SIEM rulesets and use cases. Provide expert cyber guidance and technical leadership to customers. Support major security incidents and play a hands ...

understanding of Information Security solutions e.g. email/web gateways, Privileged Account Management (PAM), Identity Governance and Administration (IGA), Security Information and Event Management (SIEM), Endpoint protection etc. Knowledge/experience working with firewalls is highly advantageous Experience of Cloud security solutions and standards is highly advantageous Competence, knowledge and ...

teams. Support NAC policy design aligned to Zero Trust principles. Analyse impacts to wired, wireless, and VPN access. Document NAC integrations (AD, MDM, PKI, SIEM). Support NAC rollouts, upgrades, and compliance initiatives. Assist with operational readiness and change management. Translate security requirements into clear business outcomes. Desirable Experience with ...

strong background in Azure infrastructure, as well as AWS experience and Windows Server knowledge. Key Responsibilities: Technically Proficient Implementing Security Controls Administration of SIEM tools and Security Controls (Sentinel, Defender, DarkTrace) Incident Response Security Operations Centre Vulnerability Management & Reporting Continuous Improvement Training & Awareness Secure Architecture Support Compliance and Framework Alignment … Essential Skills: Experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual Microsoft technologies Strong analytical, communication, and problem-solving skills, including the ability ...

Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection … assessments, and customer assurance activities About you: Requirements: Experience managing a SOC or security operations function within a complex enterprise environment. Strong understanding of SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling. Knowledge of cyber security frameworks such as NIST CSF, MITRE ...

suite. The Role As our Senior Security Analyst, you will own the evolution of our security posture. Youll be the driving force behind our SIEM/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident … response for internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate real-world threats (malware, phishing, cloud misconfigurations) and ensure rapid remediation. Vulnerability Management: Conduct regular assessments, penetration testing, and risk analysis. Compliance & GRC: Maintain SOC 2 Type II accreditation ...

clear commercial reporting to stakeholders Main Skills Needed: Proven experience in strategic account management and Cybersecurity technologies, services and solutions (Inclusive of SOC/SIEM, EDR, MDR, Security Assessments, GRC etc.) Consultative in approach, able to identify growth opportunities within existing accounts to develop relationships and position new solutions that ...

services Design and implement enterprise grade logging and monitoring solutions using OCI Logging, OCI Monitoring, Events and Alarms. Integrate OCI monitoring with third party SIEM, ITSM and APM tools (e.g. Splunk, BMC etc.) Demonstrable experience with Oracle Cloud Infrastructure (OCI), including proficiency in the design and build of services such ...

processes Onboard systems including Windows, Linux/Unix, and network devices into PAM platforms Support Active Directory privileged account management Integrate PAM solutions with SIEM tools for logging and alerting Troubleshoot technical issues related to connectors, sessions, and integrations Produce clear technical documentation and runbooks Required Skills & Experience Proven hands … and auditing Knowledge of Active Directory and enterprise infrastructure environments Experience onboarding systems (Windows/Linux/network devices) into PAM platforms Familiarity with SIEM integration and security event monitoring Understanding of security frameworks such as ISO 27001 or NIST Strong troubleshooting and problem-solving skills Ability to obtain ...

tiered access model, legacy AD decommissioning, secure hybrid environments Microsoft 365 & Cloud Security Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps) Microsoft Sentinel (SIEM): log ingestion, alert tuning, detection rules, incident workflows Intune & Endpoint Management: device compliance, MDM/MAM, BYOD enforcement Endpoint, Infrastructure & Asset Security Network, DNS & Access … Azure Firewall, VPN security, and network segmentation of azure infrastructure PowerShell scripting for security, identity, and infrastructure tasks Security automation using Logic Apps and SIEM workflows if required The salary on offer for this role is up to £60,000. ...

session monitoring and recording Support service account discovery and lifecycle management Onboard servers, network devices, and systems into PAM platforms Integrate PAM solutions with SIEM tools for monitoring and alerting Troubleshoot technical issues related to connectors, sessions, and access controls Produce clear technical documentation and operational runbooks Ensure alignment with … controls and security best practices Experience across Windows, Linux/Unix, and network environments Knowledge of Active Directory and privileged account management Familiarity with SIEM integration and security event monitoring Understanding of security frameworks such as ISO 27001 and NIST Strong troubleshooting and problem-solving skills Ability to obtain security ...

maturity across the environment. This is a hands-on technical role suited to a seasoned cyber security professional with deep expertise in endpoint security, SIEM engineering, and threat detection engineering, alongside the ability to mentor and uplift existing team capability. Key Responsibilities Lead the deployment, configuration, and ongoing management … dashboards, correlation searches, and data models Act as a senior escalation point for high-priority security incidents, supporting containment and remediation using EDR and SIEM tooling Develop and implement SOAR automation workflows to streamline detection and response processes Conduct proactive threat hunting activities using advanced queries and behavioural analytics Support ...

support when required. This is a hands-on technical role where youll investigate complex alerts, support threat-hunting activities, contribute to the tuning of SIEM detections, and help improve SOC processes and response playbooks. Youll also play an important role in mentoring analysts and supporting the continued development … automation, and response capabilities are introduced. You will: Investigate, triage, and respond to security alerts across customer environments Support the tuning and maintenance of SIEM detection rules alongside senior analysts Carry out proactive threat analysis and support threat-hunting activities Act as an escalation point for Tier 1 analysts, providing ...

evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with internal teams and external security partners to strengthen our threat detection capabilities and improve … strengthen the organisation's security posture and defensive controls. Skills & Experience Experience in Cyber Security or Security Operations leadership Proven experience working with SIEM platforms such as Google Chronicle or similar. Strong knowledge of network security, threat detection, and incident response. Experience analysing malware, security alerts, and attack patterns. Understanding ...

monitor network segmentation, including DMZ architectures and micro-segmentation strategies. Integrate network security controls with enterprise platforms such as Identity and Access Management (IAM), SIEM, SOAR, and SOC tooling. Ensure network configurations and controls align with NIST, FISMA, and FedRAMP requirements. Develop and maintain network security diagrams, standard operating procedures … firewalls, VPNs, secure gateways, and network segmentation controls. Familiarity with Zero Trust architecture principles and secure connectivity models. Experience integrating network controls with IAM, SIEM, SOAR, and SOC environments. Working knowledge of federal compliance frameworks such as NIST SP 800-53, FISMA, and FedRAMP. Experience developing technical documentation, architecture diagrams ...

ownership, and a drive to continuously improve the security posture of complex systems. Familiarity with some of the following: Cloudflare (DDoS protection, WAF), OSS SIEM tools (Splunk, Elastic, etc), Incident management platforms (e.g. Incident.io, PagerDuty) Familiarity with at least one of the following CI/CD systems (Github Actions, Concourse … governance frameworks (e.g., CIS Benchmarks, NIST, SOC2, ISO 27001, PCI DSS) and how to operationalize them. Hands-on experience with building and maintaining a SIEM comprised of open-source and hosted components Experience securing consumer-facing web and iOS/Android applications Experience designing policies and administering Vault & other Hashicorp ...

your expertise genuinely matters. In this hands-on technical role, youll own the end-to-end design, development and maturity of detection logic across SIEM platformsengineering effective responses to real-world attacker techniques. Youll operate with a high degree of autonomy, acting as a trusted SME across multiple secure environments … Farnborough office. Security: You must hold or be eligible for SC Clearance. What you'll be doing: Design, build, test and continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility ...

expertise genuinely matters. In this hands-on technical role, you’ll own the end-to-end design, development and maturity of detection logic across SIEM platforms—engineering effective responses to real-world attacker techniques. You’ll operate with a high degree of autonomy, acting as a trusted SME across multiple … Farnborough office. Security: You must hold or be eligible for SC Clearance. What you'll be doing: Design, build, test and continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility ...

enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation … evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 6+ years of commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven ...

shell) Demonstrated experience working in all phases of the SDLC Deep understanding and experience using cyber security operations, security monitoring, endpoint (EDR), Network, and SIEM Tools. Prior SOC experience a plus Extensive knowledge of network and server security protocols, technologies, and products. Industry recognized certifications (CISSP, GCIH, GCFA, OSCP … effectively solve current security challenges. Refusing to accept the status quo Qualifications Combination of the following: Degree in Information Technology, Engineering or similar SIEM management - Desirable to have some advanced Certification from SIEM vendor on products such as ArcSight , MS Sentinel or Logrhythem Skills Network Protocols Cyber Security Tools/ ...

Cyber Security Operations Analyst (Tier 2) Role: Cyber Security Operations Analyst (Tier 2) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate … minimum of 5 years can be considered* Role Requirements * Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage to security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where required ...