SIEM Engineer (Security Information and Event Management) - SC CLEARED - Wokingham and Remote

SIEM Deployment & Management - Set up, configure, and maintain SIEM tools like Sentinel, Elastic.

EDR deployment, configuration & management - experience with tools like Tanium, Trellix, FireEye, Defender, Elastic EDR

Threat Detection & Analysis - Monitor security logs, detect anomalies, and investigate potential threats.

Experience configuring Syslog Servers and maintaining and configuring syslog feeds

Log ingestion Creation for Sentinel - Deploy OOTB integrations & develop & deploy custom integrations for various log source types.

Collaboration - Work with IT and security teams to improve overall cybersecurity posture.

Technical expertise. Strong knowledge & experience in security engineering with SIEM & EDR platforms, network security, and understanding of cybersecurity frameworks.

Certifications - CISSP, CEH, GIAC, or vendor-specific SIEM certifications, AZ-500, SC-100,etc.

Programming & Scripting - Familiarity with Python, PowerShell, KQL (Kusto query language), KQL (Kibana Query Language) or other Scripting languages.

Analytical Thinking & problem solving - Ability to analyze large datasets and identify threats, mitigations, misconfigurations, etc.

Communication Skills - Ability to document findings and communicate effectively with stakeholders

Please send CV for full details and immediate interviews. We are a preferred supplier to the client.