Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, andmore »
will play a pivotal role in safeguarding our organization's critical infrastructure and data against cyber threats. Your expertise in designing, implementing, and maintaining SIEM solutions will help us proactively identify and mitigate security incidents, ensuring the confidentiality, integrity, and availability of our systems. The requirement for being in the … office is 4 days per month. Responsibilities: Work with the technical lead/SME for the CSOC andSIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client. Assist in establishing and maintaining processes, tooling, and metrics that help provide … implemented through onboarding or continuous improvement activities. Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment. Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical and problem-solving skills with the ability to handle complex securitymore »
SOC team to ensure the effective support and delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threat Intelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting … and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM, EDR and Vulnerability Management tools Direct communication with customers on threats and alerts Providing customers with reports and presenting findings Assistance with active directory administration. more »
Manchester, Clifton, City and Borough of Salford, United Kingdom Hybrid / WFH Options
Advania UK
will play a pivotal role in safeguarding our organization's critical infrastructure and data against cyber threats. Your expertise in designing, implementing, and maintaining SIEM solutions will help us proactively identify and mitigate security incidents, ensuring the confidentiality, integrity, and availability of our systems. Responsibilities: - Work with the technical lead …/SME for the CSOC andSIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client - Assist in establishing and maintaining processes, tooling and metrics that help provide a high level of productivity, supportability, and operational readiness - Actively participate in … implemented through onboarding or continuous improvement activities Qualifications & Experience: Professional experience of working in an Incident Response Team or a similar environment Knowledge of SIEM platforms such as Azure Sentinel, Microsoft Defender, Splunk, ArcSight, QRadar, or LogRhythm. Strong analytical and problem-solving skills with the ability to handle complex securitymore »
Doncaster, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
Engineer you'll work handling both reactive and proactive security engagements. Your responsibilities will include: ✨Protective Monitoring: Utilize industry-leading SecurityInformation & EventManagement (SIEM) and Intrusion Detection Systems (IDS) to monitor and detect threats. Provide advice and guidance to clients targeted by cyber attacks and malicious activity. ✨Incident Reporting … Communication: Communicate directly with customers regarding threats and alerts. Prepare and present findings to clients. ✨Technical Assistance: Assist with the onboarding process, including deploying SIEM, Endpoint Detection and Response (EDR), and Vulnerability Management tools. Provide support for active directory administration and firewall management. Key Skills and Traits Needed: Must be more »
Liverpool, Merseyside, United Kingdom Hybrid / WFH Options
Sanderson Recruitment Plc
security metrics and reports, maintain comprehensive documentation, and develop new procedures as necessary. Security Platforms Management : Support, maintain, and govern all security platforms, including SIEM, NAC, Firewalls, endpoint security, and more. Threat Analysis and Response : Conduct advanced analysis of network, endpoint, and log data to determine root causes and impacts … policies and procedures. Key Requirements: Proven experience in leading and mentoring a technical team within an IT function. Strong expertise in using and supporting SIEM tools , Network Access Control , and Next-Gen Firewalls . Demonstrated ability to conduct thorough threat analysis , forensic investigations , and manage cyber security incidents . Experience more »
Preston, Lancashire, United Kingdom Hybrid / WFH Options
BAE Systems
hardware & cyber security toolsets as required for the role Continuously work towards organisational, departmental, and individual objectives and uphold security standards and principles Supporting SIEMand SOAR technologies Provide ongoing managementand administration of Cyber Security solutions Provide support to projects delivering and implementation of Cyber Security solutions Provide guidance … to create custom KQL scripts that are used to conduct sophisticated security data analysis and uplift incident response and threat detection capabilities within a SIEM Highly motivated with the ability to work autonomously to complete a range of tasks to time and quality with the minimum of supervision Understanding of … log management, log source integration and connector development skills to support ingests without off the shelf support Capable of building and supporting a Sentinel SIEM platform from a Cyber-Engineering perspective Possessing an open and communicative style that engenders trust and promotes good working relationships Desirable: Cyber Security Technical Control more »
Employment Type: Permanent
Salary: £60000/annum Depending on skills and experience
Information Technology, Computer Science or relevant experience CISSP, CEH, OSCP, GCIH or applicable security field Incident, change and problem process management experience Experience in SIEM (Splunk, Sentinel), IPS and SOAR tools a plus Experience with investigating and managing major/complex cyber security incidents end-to-end Knowledge of adversarial … tactics, techniques, procedures (TTPs) & industry standard frameworks (Mitre Att&ck, ISO27000, ISO27001) Strong working knowledge of security technologies including but not limited to SIEM, EDR/EPP, AV, IDS, IPS, AD, DNS, SOAR E: j.bhard@locke-mccloud.com Locke & McCloud are the UK’s leading cyber security & informationsecurity staffing company more »
Skelmersdale, Lancashire, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
including their TTPs Experience in utilising open-source intelligence and the development of tools to assist with this Experience in conducting malware, phishing, andSIEM log analysis Knowledge of relevant CTI sources Excellent knowledge of adversarial cyber actors, including their TTPs and the adversary lifecycle Comprehensive experience in conducting malware … phishing, andSIEM log analysis Experience with threat modelling systems and risk assessment models Extensive experience in utilising open-source intelligence Experienced CTI analyst with the ability to progress service provided to police forces, lead development, and train juniors Demonstrated ability to manage customer relationships Strong leadership skills with the more »
Wigan, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
including their TTPs Experience in utilising open-source intelligence and the development of tools to assist with this Experience in conducting malware, phishing, andSIEM log analysis Knowledge of relevant CTI sources Senior Excellent knowledge of adversarial cyber actors, including their TTPs and the adversary lifecycle Comprehensive experience in conducting … malware, phishing, andSIEM log analysis Experience with threat modelling systems and risk assessment models Extensive experience in utilising open-source intelligence Experienced CTI analyst with the ability to progress service provided to police forces, lead development, and train juniors Demonstrated ability to manage customer relationships Strong leadership skills with more »
Warrington, England, United Kingdom Hybrid / WFH Options
Tata Consultancy Services
Role : SIEM SOC Engineer - L2 Job Type: Permanent Location: Warrington, Hybrid Ready to leverage your proficiency in Cybersecurity? Are you looking for an exciting opportunity to build a strong performing team, encouraging best practices in Cybersecurity? Join us as a SIEM SOC Engineer - L2 ! Careers at TCS: It means more … bring products to life. Work with customers and identify opportunities to support their strategy and improve their processes across functions. The Role: As a SIEM SOC Engineer - L2 , you will be responsible for collaborating with teams to design and implement Sentinel for specific client needs. Key Responsibilities: Collaborate with teams … in a SOC environment. Understanding of security concepts, threats, and vulnerabilities. Proficiency in KQL for querying and analyzing security data. Knowledge of troubleshooting with SIEM tools. Knowledge of developing queries and reports for log source integration. Experience in lookups and field value mapping. Ability to understand security threats landscape andmore »