24 Permanent SIEM Jobs in the South East

Security Engineering, Network security and/or SOC experience. Experienced engineer with demonstrable detailed knowledge of security products, Web Application Firewalls, SASE, access control, SIEM, AV, email and web security gateways, firewalls, load-balancers, ACLs, TCP/IP, routing and switching. Strong understanding of Security Infrastructure design, IT Security best more »

Security Engineering, Network security and/or SOC experience. Experienced engineer with demonstrable detailed knowledge of security products, Web Application Firewalls, SASE, access control, SIEM, AV, email and web security gateways, firewalls, load-balancers, ACLs, TCP/IP, routing and switching. Strong understanding of Security Infrastructure design, IT Security best more »

and a team of cyber analysts, preferably in a large and complex organisation. Expert knowledge of security operations processes, tools and technologies, such as SIEM, SOAR, EDR, XDR NDR, threat intelligence, vulnerability management, forensics and malware analysis. Strong understanding of security frameworks, standards and regulations, such as ISO 27001, NIST more »

Security Engineering, Network security and/or SOC experience. Experienced engineer with demonstrable detailed knowledge of security products, Web Application Firewalls, SASE, access control, SIEM, AV, email and web security gateways, firewalls, load-balancers, ACLs, TCP/IP, routing and switching. Strong understanding of Security Infrastructure design, IT Security best more »

commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning (e.g., Nessus) Microsoft Windows Server family of products more »

and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »

/pcaps Solid understanding of TCP/IP, Routing and DNS Compliance monitoring (GDPR, ISO etc) Defence in Depth techniques. Experience in using a SIEM (ELK, Logstash, Splunk, Sentinel etc) for reporting and analysis, with experience in configuring and tuning alerts and alarms and ingesting new log sources Monitor threat more »

implement Security as Code practices. Assist in securing data platforms and implementing internal SIEM. Collaborate on securing Microsoft 365 and Azure cloud services. Operate SIEM and SOAR capabilities and enhance identity governance. Requirements: Hands-on experience with Microsoft Sentinel and Defender suite. Proficiency in Azure Landing Zones security enhancement. Familiarity more »

remediation of vulnerabilities in line with best practise and policy. Assist with the investigation vulnerability results and remediation efforts. Assist with management of the SIEM service, including the ingestion of new log sources, configuration of alerting and providing expert knowledge to aid the investigation of alerts where required. Support the more »

experience of cyber security Extensive practical experience in managing Microsoft server systems, NGAV, Amazon Cloud services, AD, ADFS, M365, security, public clouds, Azure services, SIEM, vulnerability assessment, patch management, DLP, and endpoint protection. Substantial proven expertise in supporting large corporate systems and applications within a large enterprise networked environment. (Educational more »

incidents, advising on containment points and response strategies. Threat understanding - Maintain a deep understanding of evolving cybersecurity threats What you will bring: Experience with SIEM tools including Splunk, QRadar, and Sentinel. Ability to assess and impact business changes on the security posture. Possess current certifications for enterprise level security platforms. more »

a similar Cyber/IT Security/InfoSec based role Experience in a wide range of Cyber Security areas. Experience with security tool sets (SIEM, FIM, EDR, NDR) The ability to contextualise, categorise and prioritise security events, incidents, and alerts Knowledge of security framework and standards implementation (NiST, ISO27001, PCI … spot and investigate anomalous behaviour Strong Communication skills and the ability to communicate and present at all levels IT Cyber Security Manager Technologies involved: SIEM - Logpoint Automated Intrusion and response - Darktrace AntiVirus/Malware detection Email Filtering & Web Security - Mimecast FIM - Tripwire VMware & VDI Horizon Windows Environment Microsoft Azure & O365 more »

SSR tools like Next.js • Modern web application development practices Desirable skills • Azure API Management • Virtual Network architectures • K8s security features (SecurityContext, network policies) • KQL • SIEM systems such as Sentinel • Cloudflare • A/B and MVT Testing • GitOps approach and DevOps workflow automation • BDD, ATDD, TDD • CRM, CMS and ERP Systems more »

Do you have extensive experience with Splunk? Eligible for DV clearance? And can be based in either Gosport or Glasgow with some remote working? If yes to all of this then read on! As a Managing Security Engineer, you will more »

smoothly as well as ordering new equipment and improving existing processes. Main projects will include: Patch Management, Windows 10 Deployment, Cloud Migration, MDM Deployment, SIEM Deployment, Perimeter Security & WAN Management, Cyber Essentials Level 2 & ISO 2001 (Not Essential!) The Ideal Candidate For this role it is essential that you are more »

L2 & L3 Switching concepts IP routing technologies such as OSPF & BGP Redundancy protocols such as VRRP Security principles such as Stateful Firewall, UTM, IPSec & SIEM Wireless principles such as SSIDs, Encryption & Authentication Excellent written and oral communication skills; including the ability to translate technical jargon for a non-technical audience more »

with the following technologies/systems: o Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering o SIEM/Splunk o Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus o Microsoft Windows Server family … Citrix/VMWare 🌳 Ideally the candidate will be CISSP certified and be certified in Risk and information systems 🌳 Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents 🌳Understanding of security issues and ability to allocate work more »

on bids and/or large and complex changes. Solid understanding of a variety of network and routing protocols. Experience with Network Management or SIEM designs, tooling or support. Demonstrable troubleshooting skills and approach to defect resolution. SDWAN experience is advantageous. Your benefits: 25 Days annual leave plus public holidays more »

investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service Provider (MSSP) environment is advantageous, it is not a strict requirement. Key Responsibilities Utilize a SIEM … incident analysis and investigation, escalating issues as necessary. Contribute to containment strategies during security incidents, data loss, or breaches. Assist in the design and implementation of SIEM use cases to enhance detection capabilities. Ensure the SIEM platform's health through daily checks and proactive maintenance. Employ various applications and systems … and Hunting methodologies. Experience supporting Incident and Change Management processes. SOC Analyst - Fully remote UK (£50,000 - £70,000 + Bonus) Desired Skills and Experience SIEM/SOC/Threat Hunting/Cyber Security/QRadar more »

5+ years commercial experience with the following technologies/systems: Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning Microsoft Windows Server family of products. Operational experience of PCI … Good understanding of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »

commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus Microsoft Windows Server family of products. … of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Desirable Experience: Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »

Code practices. • Assist in securing data platforms, including Data Bricks, Azure SQL, and other in-house developed apps/plugins. • Collaborate on implementing internal SIEM using Sentinel and work towards establishing an internal SOC. • Support the Infrastructure team in configuring firewalls securely and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure … and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEM and SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document security processes, tool configurations, and security service delivery more »

and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. SIEM experience with designing, implementing and maintaining Splunk Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective more »

on automation in collaboration with the Head of Information Security Operations and the rest of the team. OxCERT runs an on-premises Elasticsearch-based SIEM solution, an Intrusion Detection System (IDS), and a vulnerability scanning service as well as other open source and commercial tools. We are one of the … Software and Open Source technologies and actively supports several related project communities. Current projects include the enhancement of the existing Elastic based security information and event management system, the deployment of a new incident response tool, and development of an IT forensics capability. The team has achieved standing and recognition more »