426 to 450 of 473 SIEM Jobs

customer environments and internal infrastructure by providing continuous 24/7 security monitoring and initial alert triage. You will review and analyse security alerts generated by SIEM platforms and associated security tools, assess their relevance and severity, and escalate suspected security incidents in accordance with documented procedures and service level … working in a Security Operations Centre or similar operational environment. Ability to interpret and analyse logs and alerts from IT, network, and security systems. Experience with SIEM technologies such as Huntsman, Securonix, or Splunk. Foundational knowledge of IT and network security concepts (e.g. Windows, firewalls, IPS, web proxy, email security ...

experience (2 years+) Perform triage of security events ; determine scope, priority and impact, and make recommendations that enable expeditious remediation. Demonstratable experience working with SIEM technology and SIEM engineering (including tool configuration) i.e. ArcSight within an enterprise SOC. Experience in creation of use-cases, analytics and playbooks . An understanding ...

summary Band 7 Cyber Security Analyst (SOC & SIEM Lead) Join us and help define what great looks like We are looking for an experienced Cyber Security Analyst to take a leading role in developing and running our Security Operations (SOC) and SIEM capability. This role is ideal for someone … good practice. Main duties of the job What you will do Lead the day-to-day operation and ongoing development of our SOC and SIEM capability Own and continuously improve detection use cases, alerting, triage, and response processes Act as a technical lead for monitoring and detection , ensuring controls ...

ongoing transformation initiatives. Key Responsibilities: Own day to day cyber security operations, keeping systems and data secure Support and improve security tooling (firewalls, SIEM, endpoint, encryption) Monitor, investigate and respond to security incidents Look after core network infrastructure (LAN/WAN, Wi-Fi, L2/3, remote access, load balancing … vulnerability checks and ensure patching is up to date Use SIEM tools to spot and act on potential threats early Support audits, access controls and compliance requirements Get involved in (and lead) security and infrastructure projects Keep documentation and processes up to date Work with third-party suppliers where needed ...

real time, and driving continuous improvement across a modern IT environment. Key Responsibilities Own and manage the organisation's cyber security tooling including firewalls, SIEM, IPS, endpoint protection, vulnerability management, and threat monitoring. Support and maintain core network infrastructure across LAN/WAN, Layer 2/3 networking … operational stability, compliance, documentation, and high service standards. Experience Required Strong experience across cyber security operations and network infrastructure. Hands-on knowledge of firewalls, SIEM tools, endpoint security, and networking technologies. Experience responding to security incidents and managing vulnerabilities. Strong troubleshooting and problem-solving capabilities. Relevant certifications such as Security+ ...

priority, ensuring appropriate escalation and response. Manage end-to-end incident response activities from detection through to resolution. Support the development and enhancement of SIEM use cases, detection rules, analytics, and playbooks. Conduct real-time analysis of logs and security data to identify malicious activity or policy violations. Work closely … documentation, and operational procedures. Requirements: Proven experience working as a SOC Analyst (Tier 2/3) within enterprise or critical environments. Strong experience with SIEM technologies (e.g. ArcSight or similar), including configuration and engineering support. Ability to triage security alerts and accurately assess risk, impact, and priority. Experience managing security ...

real time, and driving continuous improvement across a modern IT environment. Key Responsibilities Own and manage the organisation's cyber security tooling including firewalls, SIEM, IPS, endpoint protection, vulnerability management, and threat monitoring. Support and maintain core network infrastructure across LAN/WAN, Layer 2/3 networking … operational stability, compliance, documentation, and high service standards. Experience Required Strong experience across cyber security operations and network infrastructure. Hands-on knowledge of firewalls, SIEM tools, endpoint security, and networking technologies. Experience responding to security incidents and managing vulnerabilities. Strong troubleshooting and problem-solving capabilities. Relevant certifications such as Security+ ...

implement and maintain effective OT security controls. Key Responsibilities Implement OT security controls (segmentation, secure remote access, monitoring tools) Integrate OT environments into SIEM/SOC platforms and tune detections Support OT asset discovery, inventory, and security assessments Identify vulnerabilities and support remediation planning Assist with OT incident response … critical infrastructure environments Strong OT/ICS security background Experience implementing OT security controls and strategies Knowledge of OT networks, segmentation, and industrial protocols SIEM/SOC integration experience in OT environments Strong understanding of: IEC 62443 NIST Cybersecurity Framework ISO 27001 UK CAF framework Experience with OT risk assessments ...

lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks) Investigating incidents, performing root cause analysis and remediation Identifying vulnerabilities and driving proactive security improvements Acting as the go-to escalation point for security … teams to embed security across systems What We're Looking For Experience in a cybersecurity/IT security role Strong knowledge of security tools (SIEM (Sentinel), EDR/XDR, firewalls, IDS) Experience working in a SOC/NOC or similar environment Good understanding of security frameworks (ISO 27001, NIST, GDPR ...

lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks) Investigating incidents, performing root cause analysis and remediation Identifying vulnerabilities and driving proactive security improvements Acting as the go-to escalation point for security … teams to embed security across systems What We're Looking For Experience in a cybersecurity/IT security role Strong knowledge of security tools (SIEM (Sentinel), EDR/XDR, firewalls, IDS) Experience working in a SOC/NOC or similar environment Good understanding of security frameworks (ISO 27001, NIST, GDPR ...

giving you the chance to influence detection capability and response maturity. What You'll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity … Contribute to documentation, playbooks, and operational standards What We're Looking For Strong experience within a SOC/CSOC environment Hands-on expertise with SIEM tools (e.g. Microsoft Sentinel, Splunk, Elastic) Experience with query languages such as KQL/ES|QL/Kibana Solid understanding of threat detection, IOCs, and ...

security monitoring strategy and best practice. What you will bring: Proven experience deploying and managing Splunk at enterprise scale. Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning … experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM platform operations, including clustering, scaling, high availability, disaster recovery and performance optimisation. Strong problem-solving skills and a proactive approach ...

doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating threats Supporting the confidentiality, integrity, and availability ...

robust protection of business systems and data. Key Responsibilities Manage day-to-day cyber security operations and incident response Monitor and optimise security tools (SIEM, firewalls, endpoint security) Maintain and support network infrastructure (LAN/WAN, Wi-Fi, L2/L3) Identify threats, conduct investigations, and implement security fixes Support … cyber security projects and ongoing improvements Key Skills & Experience Proven experience in cyber security operations and network infrastructure Strong knowledge of Palo Alto firewalls, SIEM tools, and endpoint security Experience with L2/L3 networking (Nexus, LAN/WAN, Wi-Fi) Vulnerability management (e.g. Qualys) and incident response expertise Understanding ...

improvements and engineering enhancements Support detection engineering, tuning, and platform optimisation Lead automation and SOAR initiatives to improve efficiency Collaborate with SOC providers on SIEM governance and data ingestion Ensure platforms meet regulatory and compliance requirements Maintain engineering documentation, standards, and governance Represent engineering in client governance and audit activities … issues Experience & Knowledge Essential: Significant experience in security engineering and platform management Strong leadership experience managing technical teams Deep knowledge of Microsoft Defender and SIEM platforms (e.g. Sentinel) Experience in hybrid cloud and on-prem environments Strong understanding of security architecture and frameworks Experience in regulated environments (e.g. financial services ...

investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM and EDR platforms to enhance visibility and correlation Support secure by design initiatives for new OT systems, including segmentation and access control validation Assess vulnerabilities … control systems (ICS) - including SCADA, PLCs, DCS Hands-on experience with OT security tools (e.g. Claroty, Nozomi, Dragos or similar NDR platforms) Experience with SIEM, EDR and network traffic analysis Background in incident response, threat detection and security monitoring within OT or converged environments Understanding of network segmentation, secure remote ...

enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation … evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years of commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong commercial experience with Splunk Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles ...

with BAE Systems in Preston on helping them source a Systems Administrator that has a couple of years' experience working with Linux (RHEL) and SIEM technologies. About the Role This role focuses on the day-to-day administration, monitoring, and support of Red Hat Linux servers within an enterprise environment. … system health, troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring ...

rotational basis. Develop and tune detection rules to improve alert quality and reduce false positives. Write and optimise queries (e.g., KQL) across SIEM platforms. Collaboration & Support: Work closely with internal teams and third-party providers to investigate and resolve incidents. Support MSSP interactions and escalations where required. Participate in incident …/Tier 3 preferred). Strong background in incident investigation and response. Experience handling escalated alerts and security tickets. Technical Skills: Experience with SIEM platforms (e.g., Microsoft Sentinel). Experience with EDR/XDR tools (e.g., CrowdStrike). ServiceNow or similar ITSM/SecOps platforms. Ability to write and optimise ...

SIEM Engineer – Watford, UK Up to £85,000 salary depending on experience Full time onsite role in Watford DV clearance required ABOUT THE CLIENT Our client is a highly respected technology and security services provider supporting organisations operating in complex and security critical environments. Their teams design and deliver advanced … ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include: Acting SME on Splunk Enterprise ...

across identity, access, network and XDR technologies, ensuring system health, data integrity and effective alerting. You will support multi-tenant platforms such as XDR, SIEM, monitoring analytics, queries and dashboards, and identify opportunities to improve performance. You will contribute to onboarding by supporting ingestion pipelines, enrichment processes and integrations that … incidents, supporting investigation, containment and recovery activities, and contributing to post incident remediation and service improvement. Diagnose and resolve service incidents relating to security tooling (e.g. SIEM, XDR, logging pipelines), escalating complex issues where appropriate and contributing to root cause analysis and preventative actions. Support the planning, assessment and implementation ...

Discover and vault service/application/shared accounts Configure session proxies, Just-in-Time access, and break-glass procedures Integrate PAM with SIEM and Active Directory/Entra ID Manage upgrades, patches, and troubleshoot platform issues Maintain documentation, policies, and runbooks Support audit and compliance reporting Essential Requirements: Hands … Credential vaulting, password rotation, and session monitoring experience Onboarding Windows, Linux/Unix, and network devices to PAM Knowledge of AD privileged accounts and SIEM integration Understanding of ISO 27001/NIST CSF frameworks Strong troubleshooting and documentation skills Desirable: Degree in InfoSec, CS, or STEM Beyond Trust certifications Experience ...

ensuring compliance with relevant industry standards, enabling the business to operate securely and efficiently in a dynamic threat landscape. PRINCIPAL ACCOUNTABILITIES: Monitor and analyse SIEM, network, and endpoint logs to detect threats, vulnerabilities, and anomalies. Evaluate and triage security alerts, accurately distinguishing genuine threats from false positives and applying appropriate … experience in cybersecurity Strong knowledge of security protocols, cryptography, and security technologies Proven experience with security tools such as firewalls, EDR/XDR software, SIEM and intrusion detection systems. Experience within a NOC/SOC environment. Ability and enthusiastic approach to pick up new technologies and learn them Ability ...

MSPs to ensure security controls are implemented and sustained. Contribute to governance artefacts - policies, standards and documentation that underpin OT security. Support integration with SIEM/SOC functions for OT environments. What our client is looking for Strong OT security experience within ICS or critical infrastructure - ideally from … process industries. Hands-on experience implementing OT security strategies, policies and standards. Solid understanding of OT networks, segmentation and common industrial protocols. Familiarity with SIEM/SOC integration for OT environments. Experience working with operations/engineering teams and advising MSPs or third-party security providers. Excellent communication and documentation ...

rapidly expanding team investing in new capabilities and empowering analysts to develop and progress Key Responsibilities Deliver high‐quality security analysis by reviewing SIEM outputs and taking appropriate investigative and response actions Drive improvements across monitoring capability, processes, and tooling Engage confidently with a wide range of stakeholders, from technical … security challenges Act as an escalation point for junior analysts and manage incidents through investigation to response Essential Skills & Experience Strong experience working with SIEM technologies such as Splunk, ArcSight, LogRhythm, or AlienVault Solid understanding of how to maximise the value of security tooling Exposure to building SOC capability and ...