76 to 100 of 104 Remote/Hybrid SIEM Jobs

Role - Database Security Consultant Location -3 days from Canary Wharf office and 2 days from home Contract - Inside IR35 Job Description Key Responsibilities: Security Onboarding & Product Integration: Collaborate closely with Product Team to integrate and ...

with cloud security across AWS, Azure or Google Cloud Understanding of network security, encryption, authentication and access control Experience with security tooling such as SIEM, IDS, firewalls and vulnerability assessment tools Knowledge of threat modelling and risk assessment TO BE CONSIDERED: Please either apply through this advert or emailing … client in conjunction with this vacancy only. KEY SKILLS Security Architect, Cyber Security, ISO 27001, NIST, Cloud Security, AWS, Azure, Risk Assessment, Threat Modelling, SIEM, Defence ...

Compromise (IOCs) and attacker behaviour Analyse adversary techniques and map activity to the MITRE ATT&CK framework Develop, tune and maintain detection rules for SIEM and EDR platforms Threat Intelligence Management Collect, validate and analyse cyber threat intelligence from multiple sources Monitor emerging threats, vulnerabilities and attack trends Produce clear … Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft Security, Azure Security, MSP, Managed Services ...

tiered access model, legacy AD decommissioning, secure hybrid environments Microsoft 365 & Cloud Security Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps) Microsoft Sentinel (SIEM): log ingestion, alert tuning, detection rules, incident workflows Intune & Endpoint Management: device compliance, MDM/MAM, BYOD enforcement Endpoint, Infrastructure & Asset Security Network, DNS & Access … Azure Firewall, VPN security, and network segmentation of azure infrastructure PowerShell scripting for security, identity, and infrastructure tasks Security automation using Logic Apps and SIEM workflows if required The salary on offer for this role is up to £60,000. ...

cyber security operations , owning the end-to-end security lifecycle across enterprise infrastructure. Key responsibilities include: Security monitoring, threat hunting and incident response SIEM, MDR oversight and vulnerability management Firewall, VPN, IDS/IPS and Zero Trust technologies Pen testing coordination and CVSS-led remediation Security architecture planning, policies and … Checkpoint, Cisco ISE, Zscaler (ZIA/ZPA/ZDX), Splunk, Sophos MDR, Mimecast, Okta Networking: Cisco (Catalyst, Nexus), Fortinet, firewalls and VPNs Security Ops: SIEM, intrusion detection, ethical hacking Scripting: PowerShell What They're Looking For Proven experience in a security-focused infrastructure role Strong hands-on expertise with firewalls ...

search for a Cyber Security Analyst. This is an ideal role for someone looking to apply their understanding of typical SOC tooling (SIEM, EDR, Vulnerability) in a public service environment with a large and diverse digital estate and it is a key role in helping LCC's vulnerability management, security … security team to develop and implement procedures and policies that are aligned with the NCSC Cyber Assessment Framework (CAF) Working with service providers around SIEM outputs and EDR tools, undertaking IT Health Checks, infrastructure monitoring & security gap remediation. Responding to security tickets, analysing the potential severity and following through with ...

built for you. You will: As our Tier 3 Analyst, youll play a critical role in strengthening our CSOC: Develop, optimise, and maintain SIEM detections across diverse customer estates Lead structured threat hunting informed by intelligence and hypothesis-driven methods Manage complex incidents including scoping, containment strategy, and root cause … Proven background within a SOC or equivalent operational security function Demonstrable ownership of incidents within demanding SLA environments Strong working knowledge of SIEM, EDR, and email security platforms Practical experience with Microsoft XDR technologies Ability to create and tune detections using KQL Track record of supporting or mentoring other analysts ...

root cause analysis, and implement lessons learned Maintain and enhance incident response playbooks aligned to industry frameworks Security Technology Oversight Provide operational oversight for SIEM, SOAR and EDR technologies Work with detection engineering teams to improve use cases and correlation rules Support onboarding of log sources and optimisation of detection … Manager – Key Skills Required 10+ years experience in cybersecurity operations 3+ years in SOC leadership/SOC management roles Strong hands-on knowledge of SIEM, SOAR and EDR technologies Experience with tools such as LogRhythm, Splunk, Microsoft Sentinel, Securonix Understanding of incident response frameworks and SOC operating models Experience working ...

standards. You will play a key role in clearing an immediate backlog of assurance deliverables while providing technical oversight to junior engineers and supporting SIEM integration activities. This is a hybrid East London role with no trackside/site access required. Key Responsibilities Cybersecurity Governance & Assurance Produce and maintain: Cyber … Provide design assurance for: Secure communications Firewalls (e.g., Cisco, Juniper) Switching and routed network environments Assess effectiveness of implemented security controls in networked systems SIEM Integration Support Produce documentation for SIEM onboarding: Data source identification Logging requirements Use-case and control alignment Support assurance activities for SIEM integration (e.g., Microsoft ...

Your day-to-day will include: Monitoring and triaging security events via our ITSM platform Analysing alerts using a range of security tools including SIEM, EDR, and email security platforms Leading deep-dive investigations and working with incident responders to contain and eradicate threats Acting as the escalation point … privilege access, endpoints, email, and cloud environments Translating complex security findings into clear, actionable communication for customers Enhancing alert playbooks and helping evolve our SIEM use cases Staying ahead of the threat landscape with CTI-informed analysis and mitigation advice Who you are: Proven experience in a SOC or similar ...

experienced cyber professionals investigating security alerts, supporting incident response, and helping improve detection capability across client environments. Responsibilities Monitor and investigate alerts within a SIEM environment Analyse logs and identify potential security incidents Triage alerts and escalate incidents where required Assist with incident investigation and reporting Support the development and … analysts and engineers on security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working with SIEM platforms (Microsoft Sentinel beneficial) Understanding of common cyber threats and attacker techniques Exposure to Microsoft security technologies such as Defender or Azure security tools Strong ...

Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Configuration Compliance . Design and deliver integrations between ServiceNow and cybersecurity tools such as SIEM, SOAR, EDR platforms, threat intelligence feeds, and CMDB. Collaborate with cybersecurity, IT operations, and engineering teams to design secure workflows for incident response, vulnerability management … ServiceNow workflows, scripting, CMDB, Discovery, and integrations (REST/SOAP, MID Server) . Experience integrating ServiceNow with third-party cybersecurity platforms such as SIEM, SOAR, and endpoint security tools. Strong stakeholder engagement skills with the ability to work across security leadership, IT teams, and enterprise architects . Familiarity with security ...

SIEM Support - Splunk Consultant Location: Hybrid - Primarily Remote with occasional onsite visits Onsite Location: Redhill Contract Length: Initial 60-90 days Start Date: ASAP Rate: £600 per day Engagement: Contract Overview We are seeking an experienced SIEM Support Consultant with strong Splunk expertise to support an existing Splunk Cloud deployment … . The role will focus on onboarding assets, integrating data sources, and documenting the current SIEM environment . This role requires someone capable of working independently in a mature Splunk environment , ensuring assets and systems are successfully integrated while maintaining clear operational documentation. The consultant should have a strong cross ...

Assessment Papers, Risk Treatment Plans, Risk Business Cases, and Security Management Plans. Knowledge and experience with security architecture and Security Information and Event Management (SIEM) tools, such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable ...

both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support internal and external audits Governance, risk and compliance Skills & Experience: Proven … experience in Cyber Security operations, threat management Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST On Offer: Salary up to £65,000 Hybrid working - approximately 2 days ...

internal or external threats Conducting privileged account reviews Performing vulnerability and risk assessments Analysing security breaches to determine root cause Contributing to enhancing the SIEM platform Supporting continuous improvement across CSOC operations What you bring: Basic understanding of security threats and compromise methods Knowledge of servers, clients, and network technologies … management, and expectation management skills Desirable SC-200, CompTIA Security+, or related certifications Previous SOC experience Hands-on cyber incident response experience Experience with SIEM platforms, vulnerability assessments or antivirus tooling What can we offer you? Through our one of a kind training programme, the Littlefish Academy, you can increase ...

/Unix servers, network devices and applications to the PAM platform Configure Just-in-Time (JIT) access workflows and approval processes Integrate PAM with SIEM tools for monitoring and alerting Manage platform upgrades, patching and ongoing health monitoring Troubleshoot connector issues and session failures Maintain technical documentation and support audit … credential vaulting, password rotation and privileged access workflows Experience onboarding systems into PAM platforms Strong understanding of Active Directory privileged account management Experience with SIEM integration Ability to obtain SC level security clearance If this sounds like a role for you please apply with an up to date version ...

Delivery Own end-to-end technical design for Network Security services, including: Zero Trust Network Access (ZTNA) NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Define and assure non-functional requirements (availability, scalability, performance, security, operability) Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned … building, and operating enterprise network security platforms Deep hands-on expertise in one or more of: ZTNA, NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Strong understanding of Zero Trust Architecture and policy-based access control Proven DevSecOps, IaC, and CI/CD experience Solid grounding ...

services over multiple years. Drive the deployment of best-in-class security technologies, including Endpoint Detection & Response (EDR) and Security Information and Event Management (SIEM) solutions. Collaborate with Cyber Security, IT, and business stakeholders to ensure alignment, adoption, and smooth transition to business-as-usual operations. Support M&A activities … enabling rapid onboarding/offboarding of businesses into the SOC environment. What we're looking for: Proven experience leading SOC consolidation programmes and EDR/SIEM implementations Strong knowledge of cyber security operations, frameworks, and standards Excellent programme and stakeholder management skills Ability to oversee complex, multi-year workstreams, balancing ...

Senior Security Engineer (Incident Response SIEM SOAR AWS) Remote UK to £115k Are you a tech savvy Senior Security Engineer with strong Incident Response experience? You could be progressing your career in a senior, hands-on Senior Security Engineer role as part of a friendly and supportive international team … Senior Security Engineer you will be responsible for strengthening EDR/XDR and DLP configurations, defining new automatic detections of security events in the SIEM, improving automatic security alerts triage and Incident Response playbooks, defining the runbooks to be used during Incident Response and leading the execution of Table ...

XSIAM within an enterprise SOC environment Design and optimise full-spectrum XDR capabilities, improving detection and response across endpoints, networks, and cloud workloads Integrate SIEM and security telemetry sources into XSIAM to create a unified security operations platform Develop and maintain automation workflows and playbooks to streamline incident response and … operating Palo Alto XSIAM, XSOAR or Cortex XDR Experience across full-spectrum XDR environments, including endpoint telemetry and threat detection Strong background working with SIEM platforms and security data pipelines Proven experience building security automation and incident response playbooks Knowledge of SOC operations, threat detection, and incident response frameworks Experience ...

Duration: 18/12/2026 Rate £646 MUST BE PAYE THROUGH UMBRELLA Role Description: Own a component area (e.g., segmentation, NAC, DDI, egress, SIEM detections, runbook automation) within the pod. Refine epics into stories with clear acceptance tests; manage dependencies and keep delivery flow unblocked. Responsibilities Story elaboration: translate … domains; excellent story writing and backlog hygiene. Comfortable with config/policy artefacts (firewall baselines, ISE/NAC policy, DDI plans, proxy/ZTNA, SIEM rules). ITIL change fluency; ServiceNow request/change models. Preferred Certifications PSPO/CSPO; ITIL 4 Foundation; vendor fundamentals in one or more stacks ...

Budget planning & vendor procurement to ensure cost-efficiency. Produce and present performance metrics to senior leadership. Implement and optimise monitoring, detection, and investigative tools (SIEM, etc.) Ideal Experience C5yrs+ years in either (or both) network and security operations — ideally with at least 3-5 years in a managerial/leadership … technical teams. Broad expertise in network infrastructure: routing, switching, firewalls, VPNs, load balancers, cloud networks. Deep understanding of security monitoring and incident response tools (SIEM, etc.) Side notes Hybrid working; 2-3 days office based in Bolton MSP experience is highly desirable ...

Global Recruitment specialist that provides support to the clients across EMEA, APAC, US and Canada. We have an excellent job opportunity for you. Role: SIEM Integration Analyst Location: Knutsford Working Mode: Hybrid (3 days Onsite weekly) Contract Type: Inside IR35 Duration: 6 months Pay Rate: £474 per day Inside IR35 … Collaborate with SOC analysts to refine alert quality and reduce false positives. Maintain documentation and support incident and change processes. Technical Skills: Experience with SIEM platforms (Sentinel, Splunk, QRadar), log formats, and API integration. If you are interested in this position and would like to learn more, please send through ...

seeking a Network Component Product Owner to lead delivery across a defined network or security capability area (e.g., segmentation, NAC, DDI, egress, SIEM detections, or runbook automation). You will translate technical and risk requirements into actionable delivery outcomes, manage dependencies across technology towers, and ensure smooth, continuous delivery within … user stories and maintaining healthy backlogs. Familiarity with configuration and policy artefacts such as firewall baselines, NAC policies, DDI plans, proxy/ZTNA, and SIEM rules. Working knowledge of ITIL change processes and ServiceNow request/change models. Preferred Certifications PSPO or CSPO ITIL 4 Foundation Vendor fundamentals across ...