you will have good security qualifications such as SANS/CREST qualifications, however, equivalent experience is just as well regarded. Strong working knowledge of SIEM, SOAR, EDR tooling is essential, as is an understanding of the MITRE ATT&CK framework. Experience in CNI/Defence sectors is also desirable.This is more »
About The RoleHippo Digital is recruiting a Principal SIEM Engineer to join our Hippo Herd. SIEM Engineers work in multi-disciplinary teams who build, support & maintain enterprise scale data platforms and solutions helping clients to drive transformation through improved data access and visibility.As a Principal SIEM Engineer, you will have … in a nutshell:Splunk Core Certified accredited SME acting as both consultant and engineer on large scale Splunk Enterprise Security projectsCreating/tuning of SIEM detection rules to satisfy client requirementsProviding technical consultancy for Hippo clients predominantly in the cyber security spaceWorking in hybrid teams across multiple clientsLeading and providing more »
looking for a SOC Manager to help them grow their Security Operation department from the ground up.Key skills required for this role Security Operations, SIEM, SOC Important SOC, Security Operation, SIEM, SOAR Job descriptionTitle: Cyber Security Operations ManagerLocation: Either Crawley or London (Hybrid)Salary: Up to 80,000 base plus … and developing incident response playbooks/processes, Security Orchestration, Automation and Response (SOAR), running red-team exercises and tabletop crisis war games.Working knowledge of SIEMand SOAR solutions, Identity and Access Managementand Data Loss Prevention technologies preferably including FortiSIEM, Q-Radar, Sentinel, Darktrace, Microsoft Defender.Experience managing suppliers for an more »
in managing security consultants. Demonstrable consulting experience, trusted advisor, working in partnership with customers and a good relationship builder. Previous experience of working with SIEM products like Splunk, Exabeam, ArcSight, Sentinel, Cisco Sourcefire or other IPS/IDS products is essential Security transformation programmes – design andmanagement of security solution more »
ISO27001/17 and STRIDE Threat Modelling Framework. Understanding of general security practices such as encryption, IAM, PAM, penetration testing, container security, securityinformationandeventmanagement etc. and supporting technologies. Ability to take ownership and work proactively . Organised with a proven ability to prioritise workload, meet deadlines, andmore »
VMware, Messaging (Exchange 2016+), IIS, SQL 2012+, Linux appliances, architecture and OS, backup technologies, Citrix, and Cisco networking. understanding of security technologies such as SIEM, firewalls, intrusion detection/prevention systems, anti-virus software, authentication systems, and log management. knowledge of security approaches including ISMS, risk analysis and assessments, the more »
role 3+ experience with cloud vulnerabilities 2+ years of experience with endpoint protection tools 2+ years of experience with securityinformationandeventmanagement (SIEM) tools 1+ years of experience with perimeter security Primary Functions Operate within the global Cybersecurity Team within the Information Technology department Ensure global alignment with … needed with security awareness content such as communications, posters, presentations Experience with securitymanagement/configuration cloud tools and services Experience maintaining and troubleshooting: endpoint security, SIEM systems, network security, cloud security, and perimeter security tools. Experience with Active Directory Experience with Microsoft desktop and server operating systems, RedHat Linux more »
Qualys Total Cloud and address any findings relating to non-compliance. Auditing configurations in order to plan remediations and verify compliance requirements are met. SIEM Integration and Configuration for Microsoft Cloud Services: Configure cloud services and Defender for Cloud for integration with Rapid7 InsightIDR SIEM to enhance security monitoring and … incident response capabilities. Integrate SIEM for monitoring Entra ID sign-in, audit, and risk log categories. Work with Security Operations to build and test required alert/detection rules Experience: Professional experience in cloud security, particularly with Microsoft Azure, Entra ID and Microsoft 365. Proficiency with Rapid7 InsightIDR, Qualys, andmore »
Firewalling principles generally) - virtual and physical, IDS/IDP, CASB and SASE concepts, network segmentation as well as experience in network packet analysis andSIEM log analysis (advantageous). The Perimeter Security Engineer will be an SME and act as a platform owner for perimeter security technologies and will need … virtual and physical Extensive experience in secure network perimeter design including network segmentation Packet capture and analysis experience using vendor and open-source tooling SIEM log analysis and anomaly detection experience (preferable) Coding and automation experience Python and/or Terraform (preferable) CISSP certifications or familiarity with CISSP concepts Hybrid more »
Will Need to Succeed: Minimum 5+ years of experience working in 24x7 enterprise operations, preferably security operations Minimum 3+ years of experience working with SIEM, including running investigations (correlating events on different aspects such as source/destination addresses, usernames, and process names) Demonstrable comprehension of InformationSecurity including malware more »
in securing cloud environments such as AWS, Azure, or GCP. Proficiency in security technologies and tools such as firewalls, intrusion detection/prevention systems, SIEM, and vulnerability management. Experience with IaC tools like Terraform, CloudFormation, or ARM templates. Deep understanding of IAM, encryption, network security, and data protection strategies in more »
on Sentinel, IAC, and SecOps. Previous experience working in start-ups or software development companies is highly desirable. Proficiency with Microsoft Sentinel and other SIEM platforms. Strong experience with Infrastructure as Code (IAC) tools such as Terraform, CloudFormation, or ARM. Hands-on experience with security tools and technologies In-depth more »
VMware, Messaging (Exchange 2016+), IIS, SQL 2012+, Linux appliances, architecture and OS, backup technologies, Citrix, and Cisco networking. Expertise in security technologies such as SIEM, firewalls, intrusion detection/prevention systems, anti-virus software, authentication systems, log management, and content filtering. Solid grasp of security approaches including ISMS, risk analysis more »
the firm. It would be ideal if your also knowledgeable in AWS, GCP. Security wise you will be knowledgeable in CASB, CSPM and IAM, SIEM etc. Required Skills & experience: Tenure as a Microsoft Security Architect in a blue-chip client Strong Azure experience Experience of a Cloud Adoption project Computer more »
years of experience with perimeter security administration (Web proxy, SMTP gateway, firewall) 3 or more years of experience with securityinformationandeventmanagement (SIEM) tools 3 or more years of experience with endpoint protection tools 2 or more years of experience working with threat intelligence feeds and IOCs Cybersecurity more »
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
Denholm Associates
platform. This role presents an exciting opportunity to get involved in innovative projects designing security controls and delivering emerging security technologies. Good knowledge of SIEM tooling is essential. Reporting to the Cyber Security Engineering Manager, you will help to deliver improvements across a number of our cyber security domains including … Analytics, onboarding data and developing detection logic and analytics Essential Criteria: Demonstrable experience working in cyber security Experience supporting security tools, such as SOAR, SIEM, EDR, NGFW, CSPM, WAF, AV Industry recognised certifications such as Certified Splunk Architect, PCSAE, CISSP/CCSP, CEH or equivalent experience Experience working in a more »
to be on site 3 days a week in our Birmingham office. Why this job matters Your role as a Software Engineer in the SIEM Platform team, within Secure Development is to support the development, implementation, operation and support of BTs Strategic SIEM development. We are seeking a skilled Software … Engineer with expertise in Elasticsearch (or other SIEMand/or Data platforms) to join our dynamic team. As a Software Engineer you will play a critical role in designing, developing, and maintaining our securityinformationandeventmanagement (SIEM) system. Your focus will be on leveraging Elasticsearch and related … Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query Optimization and Performance Tuning: o Write efficient Elasticsearch queries more »
engineering team. Knowledge: • Knowledge of big data technologies and ecosystems (e.g., NiFi). • Knowledge of current market and emerging leaders in data analytical andSIEM platforms. • Knowledge of network security implementations (e.g., host-based IDS, IPS), including their function and placement in a network. • Knowledge of intrusion detection systems and … ICS/network architectures and technologies. • Working with frameworks and technologies that support data-intensive distributed applications. • Experience maintaining and administrating data analytical andSIEM platforms. • Experience using host and network-based IDS/IPS • Experience using packet capture solutions. • Skill in developing and deploying signatures. • Skill to apply cybersecurity … Cyber Foundation Pathway, SANS SEC 301 Intro to InformationSecurity, SANS 401 Security Essentials Bootcamp. • Certified engineer in a market leading data analysis/SIEM platform. • SANS SEC501 Advanced Security Essentials Enterprise Defender. • SANS SEC 511 Continuous Monitoring & Security Operations. • SANS SEC555: SIEM with Tactical Analytics more »
Information Technology, Computer Science or relevant experience CISSP, CEH, OSCP, GCIH or applicable security field Incident, change and problem process management experience Experience in SIEM (Splunk, Sentinel), IPS and SOAR tools a plus Experience with investigating and managing major/complex cyber security incidents end-to-end Knowledge of adversarial … tactics, techniques, procedures (TTPs) & industry standard frameworks (Mitre Att&ck, ISO27000, ISO27001) Strong working knowledge of security technologies including but not limited to SIEM, EDR/EPP, AV, IDS, IPS, AD, DNS, SOAR E: j.bhard@locke-mccloud.com Locke & McCloud are the UK’s leading cyber security & informationsecurity staffing company more »
conveying technical aspects to an audience (e.g. product demos to the customer). Working knowledge of using the Scaled Agile Framework (SAFe). ArcSight SIEM toolset, or open to cross-train into ArcSight SIEM toolset (ESM, SmartConnectors, Logger and ArcMC). DV Cleared Application Packager - 5 days onsite near Reading more »
Warrington, England, United Kingdom Hybrid / WFH Options
Tata Consultancy Services
Role : SIEM SOC Engineer - L2 Job Type: Permanent Location: Warrington, Hybrid Ready to leverage your proficiency in Cybersecurity? Are you looking for an exciting opportunity to build a strong performing team, encouraging best practices in Cybersecurity? Join us as a SIEM SOC Engineer - L2 ! Careers at TCS: It means more … bring products to life. Work with customers and identify opportunities to support their strategy and improve their processes across functions. The Role: As a SIEM SOC Engineer - L2 , you will be responsible for collaborating with teams to design and implement Sentinel for specific client needs. Key Responsibilities: Collaborate with teams … in a SOC environment. Understanding of security concepts, threats, and vulnerabilities. Proficiency in KQL for querying and analyzing security data. Knowledge of troubleshooting with SIEM tools. Knowledge of developing queries and reports for log source integration. Experience in lookups and field value mapping. Ability to understand security threats landscape andmore »
and risk levels Develop and maintain SecOps documentation, policies, and procedures Maintain cybersecurity solutions across systems, applications, and infrastructure Investigate security alerts from the SIEM tool and take appropriate incident response actions. Communicate with stakeholders about security incidents, detailing actions taken. Support the Cyber Incident Response Manager by triaging events more »
of staff · Minimum two years experience working within Secuirty Engineering · Understanding of Security Operations · Experience with security toolsets such as (but not limited to) SIEM, cloud security (zero trust, CASB ect), SOAR, CVM tools. Desirable skills: · Experience with using Zscaler · Experience with using CrowdStrike. · Experience with using Qualys CVM. If more »
Reading, England, United Kingdom Hybrid / WFH Options
Project People
commercial experience with the following technologies/systems: Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering SIEM/Splunk Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies Vulnerability Security Scanning e.g. Nessus Microsoft Windows Server family of products. … of TCP/IP Identity and access management systems Active Directory, GPO Configuration Citrix/VMWare Desirable Experience: Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents Understanding of security issues and ability to allocate work more »