Opnet Security Engineer Incident & Vulnerability
Role details
Job location
Tech stack
Job description
As a Opnet Incident & Vulnerability Security Engineer you will be responsible for the day-to-day maintenance, optimisation and automation of SOC tooling across the Protect, Detect and Respond functions within the NIST Cybersecurity Framework.
Day-to-day, you'll contribute to the development and configuration of new or revised SOC tooling, support of forensic investigations, monitoring adversary tactics, techniques and procedures whilst maintaining compliance.
Your responsibilities will include:
- Supporting the development, implementation and configuration of new or enhanced SOC tooling ensuring alignment with the business needs
- Driving optimisation and automation across SOC tooling to enhance detection and response, reduce analyst workload, deliver full support to the Protect, Detect and Respond functions
- Delivering full tooling visibility and independent assurance of all assets
- Managing, administering and maintaining security devices dailys (e.g , firewalls, IDS/IPS, SIEM, SOAR, EDR)
- Developing and tuning detection signatures, automation scripts and correlation rules to improve SOC detection capabilities
- Integrating standard and non-standard log sources into SIEM platforms, This role is 37 hours per week based at Corsham. Hybrid working patterns available. Travel to customer sites will be expected.
Requirements
- Proven hands-on experience in the implementation, maintenance and configurations of a wide range of SIEM and SOAR platforms
- Previous experience of applying ISO 27001:2013 security and risk controls
- The ability to script and automate using Python, Perl, PowerShell, BASH or equivalent languages to support SOC operations
- Demonstrable experience of applying the MITRE ATT&CK adversarial framework to map attacker TTPs and IoCs into actionable detection use cases
- Previous experience of digital forensics, malware analysis and threat intelligence
- The ability to work with Windows and Linux operating systems with a strong background in the analysis of TTPs, We value difference and we don't have a fixed idea when it comes to background or education, provided you can show the required level of experience and willingness to learn then we would like to hear from you.
Benefits & conditions
- Matched contribution pension scheme, with life assurance
- Generous holiday allowance, with the option to purchase additional days
- Options to join Health Cash Plan, Private Medical Insurance and Dental Insurance
- Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more
- We are proud to support the Armed Forces community by honouring the Armed Forces Covenant and maintaining our Gold Award standard in the Defence Employer Recognition Scheme
- Volunteering Opportunities - helping charities and local community
Our Recruitment Process:
We want to make sure that our recruitment process is as inclusive as possible and we aspire to bring out the best in our candidates by creating an environment where everyone feels value, heard and supported. If you have a disability or health condition that may affect your performance in certain assessment types, please speak to your Recruiter about potential reasonable adjustments.
Many roles in QinetiQ are subject to national security vetting being completed, applicants who already hold the appropriate level of vetting may be able to transfer it upon appointment. A number of roles are also subject to additional restrictions, which mean factors such as nationality or previous nationalities may affect the roles that you can be employed in.
