as Code practices. Assist in securing data platforms and implementing internal SIEM. Collaborate on securing Microsoft 365 and Azure cloud services. Operate SIEM andSOAR capabilities and enhance identity governance. Requirements: Hands-on experience with Microsoft Sentinel and Defender suite. Proficiency in Azure Landing Zones security enhancement. Familiarity with Microsoft … Entra ID andSOAR tooling. Ideally, experience in securing GitHub and data platforms. Knowledge of ISO 27001, Cyber Essentials Plus, and CIS. Scripting skills with Python and KQL. Strong English communication skills. more »
and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEM andSOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document … with enhancing security in Azure Landing Zones (e.g., Key Vault, NSGs, WAF). • Experience with Microsoft Entra ID, including identity governance. • Proficiency in using SOAR tooling, automating security operations, and policy as code. • Ideally, experience in securing GitHub or similar platforms. • Ideally, experience in securing data platforms (e.g., Databricks, Snowflake more »
Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, and GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks more »
quick, informed decisions under pressure. Relevant certifications such as GIAC, or Microsoft certifications would be advantageous. Any experience with SOC Prime, Carbon Black, andSOAR would be advantageous. Hybrid based - 2 days per week expected in their Warrington office. Paying up to 70k, depending on experience. As this is a more »
Corsham, England, United Kingdom Hybrid / WFH Options
J&C Associates Ltd
as they occur as part of an incident response team. • Implement metrics and dashboards to give visibility of the Enterprise infrastructure. • Use of the SOAR platform to assist with playbook automationand case management capabilities to streamline team processes and tools. • Produce documentation to ensure the repeatability and standardisation of more »
detection/prevention systems. Proficiency in securing operating systems such as Windows, Linux, and macOS. Knowledge of large-scale security technology deployments (SIEM/SOAR/EDR/NDR). Ability to lead technical teams and manage service providers effectively. Familiarity with threat intelligence sources and incident prioritization. Understanding of more »
implementing security by design.Other essentials:Background that covers cyber technology, security operations, incident response, architecture, and training.Experience in implementing technology such as SIEM, XDR, SOAR, etc.Background in Financial Services or other regulated industries (desired)Experience in leading through leaders and developing an internal capabilityGood soft skills, and the ability to more »
need: · Extensive experience of working within a SOC or adjacent role. · Experienced in responding to cyber incidents. · Conversant with common security tooling (E.g., SIEM, SOAR, EDR, NDR). · Understanding of threat actors, their tactics, techniques, and procedures. · Understanding of security event data, the value of different data sources and tools more »
Location: Remote, must be a resident of UK, Ireland, Bulgaria, Italy, Sweden or South Africa MUST hold valid RIGHT TO WORK, unfortunately we are not able to offer sponsorship About Us Integrity360 is one of Europe’s leading cyber securitymore »
Microsoft Sentinel and LogRhythm In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL & Logic Apps/SOAR Experience in managing Microsoft Sentinel as an MSSP, including Lighthouse, and management and multi-customer environments using DevOps About Capita Technology and Software Solutions (TSS more »
within Secuirty Engineering · Understanding of Security Operations · Experience with security toolsets such as (but not limited to) SIEM, cloud security (zero trust, CASB ect), SOAR, CVM tools. Desirable skills: · Experience with using Zscaler · Experience with using CrowdStrike. · Experience with using Qualys CVM. If you are ready to take the next more »
Leeds, England, United Kingdom Hybrid / WFH Options
Harvey Nash
by design. Other essentials: Background that covers cyber technology, security operations, incident response, architecture, and training. Experience in implementing technology such as SIEM, XDR, SOAR, etc. Background in Financial Services or other regulated industries (desired) Experience in leading through leaders and developing an internal capability Good soft skills, and the more »
to data, security, and network engineers. Technical Scope: Security Domains : Architecture and strategy across IT security areas such as Identity & Access Management, SIEM/SOAR, Threat Prevention, Network Security, Application Security, Data Privacy. Compliance : Ensure data securityand compliance with relevant regulatory andsecurity standards (e.g., NIST, CyberEssentials Plus, NCSC more »
threat actors, and the tactics and techniques adopted. Proven experience with programming - Python, Rust, C++ or other major languages Knowledge of SecOps tooling (SIEM, SOAR, TI). more »
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
Denholm Associates
part of the Cyber Security Operations team, this role will support: Security Platform Optimisation, covering endpoint, network, cloud and logging technologies SecurityOrchestrationAutomationandResponse, building securityautomation playbooks and integration's Security Data & Analytics, onboarding data and developing detection logic and analytics Essential Criteria: Demonstrable experience working in … cyber security Experience supporting security tools, such as SOAR, SIEM, EDR, NGFW, CSPM, WAF, AV Industry recognised certifications such as Certified Splunk Architect, PCSAE, CISSP/CCSP, CEH or equivalent experience Experience working in a hybrid (on-prem/multi-cloud) environment. Knowledge of one or more scripting languages with more »
relevant experience CISSP, CEH, OSCP, GCIH or applicable security field Incident, change and problem process management experience Experience in SIEM (Splunk, Sentinel), IPS andSOAR tools a plus Experience with investigating and managing major/complex cyber security incidents end-to-end Knowledge of adversarial tactics, techniques, procedures (TTPs) & industry … Att&ck, ISO27000, ISO27001) Strong working knowledge of security technologies including but not limited to SIEM, EDR/EPP, AV, IDS, IPS, AD, DNS, SOAR E: j.bhard@locke-mccloud.com Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber more »
using a combination of existing knowledge resources and independent research.Understand Threat Intelligence and its use in an operational environmentProduce new workflows for automation into SOAR tools for common attack types.Continually improve the service and review use cases and propose changes and enhancements in line with the changing threat.SOC Analyst Technical more »
cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of SecurityOrchestration, AutomationandResponse (SOAR) systems • Good knowledge of common operating systems (Windows, Mac, Linux) • Good knowledge of networking and network equipment • Relevant certifications such more »
South East London, England, United Kingdom Hybrid / WFH Options
Client Server
cyber security experience with a strong understanding of security concepts, principles and best practiceYou're experienced with security tools and technologies e.g. Splunk, SIEM, SOAR, EDR, NDRYou have a good knowledge of Linux and associated scripting languages e.g. Python, bash, PowerShellYou have an infrastructure/systems engineering backgroundIdeally you will more »
Centre (NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, GDPR.Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics.Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre more »
Experience in selling SaaS solutions. Experience in working for cyber-related channel partners and MSSPs - an advantage. Experience in selling cyber solutions like SIEM, SOAR, Threat Hunting, Incident Response, and Threat Intelligence - an advantage. Technical hands-on experience in SOC, Cyber security, or IT - an advantage. Experience in working with more »
or related field AND 5+ years sales and negotiation experience or related work or internship experience.3+ years' experience selling Security Solutions (EDR, XDR, SIEM, SOAR) to MSSP and MSP customers.Additional Or Preferred Qualifications (PQs) Bachelor's degree in business management, Information Technology, Marketing (or equivalent) or related field AND 10+ more »
combination of existing knowledge resources and independent research. Understand Threat Intelligence and its use in an operational environment Produce new workflows for automation into SOAR tools for common attack types. Continually improve the service and review use cases and propose changes and enhancements in line with the changing threat. SOC more »
related field AND 5+ years sales and negotiation experience or related work or internship experience. 3+ years' experience selling Security Solutions (EDR, XDR, SIEM, SOAR) to MSSP and MSP customers. Additional Or Preferred Qualifications (PQs) Bachelor's degree in business management, Information Technology, Marketing (or equivalent) or related field ANDmore »
telemetry requirements. Experience with SIEM platforms such as Splunk, Azure Sentinel, Qradar, Exabeam, etc. Python scripting MITRE Caldera and ATT&CK Atomic Red Team SOARautomationand enrichment Strong work ethic and postive can do attitude Bias for action and execution of tasks Willingness to grow skillset Career Level - IC4 … includes being a United States Affirmative Action Employer Responsible for authoring, tuning and deploying SIEM detections, Threat Hunting andautomation via pyton scripting andSOAR tools. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and … junior level security operations engineers in the department. Responsible for authoring, tuning and deploying SIEM detections, Threat Hunting andautomation via pyton scripting andSOAR tools. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, andmore »