Security Engineer SIEM - Hybrid
Anson McCade
Charing Cross, United Kingdom
8 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Compensation
£ 82KJob location
Charing Cross, United Kingdom
Tech stack
Amazon Web Services (AWS)
Azure
Cloud Computing
Computer Security
Computer Networks
System Configuration
Identity and Access Management
Intrusion Detection and Prevention
Microsoft Software
Security Information and Event Management
TCP/IP
Virtual Machines
Software Vulnerability Management
Computer Network Technologies
Data Ingestion
Cyber Threat Analysis
Microsoft Sentinel
Splunk
Security Orchestration, Automation & Response
Job description
The SIEM Engineer will support the design, deployment, configuration and ongoing development of the SOC's security monitoring capability. The role will work across technologies including Splunk, Microsoft Sentinel, SOAR, Microsoft XDR and wider security tooling, with a major focus on SIEM engineering, data onboarding, integrations, detection content and threat-led use cases.
Requirements
- Strong experience designing, building, deploying and operating SIEM and SOAR platforms
- Hands-on experience with Splunk and/or Microsoft Sentinel, ideally with strong exposure to both
- Experience with technologies such as Splunk Enterprise Security, Splunk SOAR, UBA, Elastic or Microsoft XDR
- Proven experience deploying and configuring SIEM platforms across cloud and/or on-premises environments
- Experience supporting high-volume data ingestion environments
- Strong experience with log collection and onboarding data sources into a SIEM
- Ability to define and develop threat-led detection use cases, playbooks and automation content
- Experience integrating SIEM platforms with identity management, vulnerability management, asset management, threat intelligence and case management systems
- Strong knowledge of Azure and/or AWS security controls and detection capabilities
- Experience deploying security technologies across cloud, containerised and virtual machine environments
- Strong understanding of enterprise ICT and security architecture
- Good networking knowledge, including TCP/IP and the ability to identify normal and abnormal network traffic
- Detailed understanding of threat intelligence, threat actors and TTPs
- Experience developing technical test procedures against functional and non-functional requirements
- Strong technical documentation and client-facing communication skills
Benefits & conditions
- Salary: £72,000 - £82,000
- 10% annual bonus
- Opportunity to help build a new enterprise-scale SOC from the ground up
- Hybrid working with customer-site attendance near Frimley approximately once every one to two weeks
- London and Frimley are ideal locations, with flexibility for candidates based elsewhere who can travel regularly
- Excellent benefits package
- Strong technical development and career progression opportunities
- Candidates must be eligible to obtain SC clearance