Who are we looking for?
We are seeking a highly skilled and experienced Senior Security Engineer to join our Managed Security Service Provider (MSSP) team. You will be responsible for driving our adoption of Splunk, client onboarding projects, managing multi-vendor SIEM proof of concepts with a specific focus on a Splunk Enterprise Security and Microsoft Sentinel, developing custom connectors to ingest log data into SIEM tooling. The ideal candidate will possess a deep understanding of infrastructure as code (IaC) and DevOps Pipelines with Bicep/Terraform and proficiency in scripting/programming languages such as Python/Go. Experience with Splunk deployments, log management, and threat detection is required, including expertise in dashboard creation, query development, and alert configuration. Additional experience in Microsoft Sentinel deployments is beneficial.
What you'll be doing
This role sits within our MSSP team, as a senior member of the security engineering team focused on growing our SIEM management capabilities and integrating those into our Managed SOC offering in a consistent and professional way. You will work on a variety of projects, the below should be considered key focus areas of the role:
* Client Onboarding Projects: Lead and execute comprehensive client onboarding processes, ensuring a seamless transition and integration into SOC.
* Splunk Proof of Concepts (PoCs): Design, implement, and manage PoCs for Splunk and Microsoft Sentinel demonstrating their capabilities and value to clients.
* Custom Data Connectors: Develop, test, and deploy custom data connectors to integrate various data sources into SIEM systems, including Splunk and Azure Sentinel.
* Infrastructure as Code (IaC): Utilize Bicep and Terraform for automating cloud infrastructure deployment and management, ensuring scalability and consistency.
* Scripting and Automation: Develop and maintain automation scripts using Python/Go and Function Apps to streamline security operations.
* SIEM Expertise: Deploy, configure, manage, and optimize Splunk for security monitoring, log ingestion, query development, and threat detection.
* Technical Leadership: Provide technical guidance and mentorship to junior engineers, fostering a culture of continuous learning and improvement.
* Client Engagement: Work closely with clients to understand their security needs, provide expert advice, and ensure satisfaction with our services.
* Pre-Sales Support: Work closely with the sales team to accurately scope projects and their deliverables, ensuring proper resource allocation.
* Documentation and Reporting: Create and maintain comprehensive documentation for projects, processes, and configurations.
What we're looking for
You'll have experience of:
* 3+ Years of Splunk Enterprise Security deployment and administration experience.
* 3+ years of experience in DevOps, IT security, or a related field.
* Strong knowledge of scripting languages such as Python, Go or Shell.
* Strong knowledge of Infrastructure as Code (IaC) tools such as Bicep, Terraform or CloudFormation.
* Experience with cloud platforms (AWS, Azure, GCP).
* Familiarity with CI/CD tools (Jenkins, GitLab, CircleCI, Azure DevOps).
* Experience with security tools (SAST, DAST, IAST, RASP).
* Understanding of container and orchestration technologies (Docker, Kubernetes).
* Ability to explain complex security topics in an understandable manner.
* Strong problem-solving skills and the ability to work under pressure.
* Knowledge of networking, firewalls, VPNs, IDS/IPS, and other security technologies, including on-premise infrastructure, and how these integrate into SOC monitoring.
What's in it for you?
Our vision is to create a safe, inclusive digital world where people and organisations can thrive. Our values of Do the Right Thing, One Team and Above and Beyond emphasises the importance of the part we play in society, and our commitment to our people and clients. Our story to-date has been phenomenal, but success doesn't end here and as we continue to grow and scale, we want to keep the same culture, passion and commitment to high quality that has enabled us to get this far. Bridewell will provide a great career opportunity with continual development as well as the following:
* Competitive Salary
* 25 Days Holiday - Plus buy and sell options
* Flexible Working (around core office hours)
* Profit Share Scheme
* Company Pension
* Employee Shareholder Scheme
* Dedicated Training Budget
* Home Office Equipment (for remote working employees)
* Life Assurance
* Cycle to Work Scheme
* Electric Vehicle Scheme
* Private Healthcare (incl. Gym discounts)
* Vision Care
* Birthday off (After 1 year)
About Bridewell
One of the most exciting prospects in the UK Cyber Security sector today, Bridewell is one of the fastest growing Cyber Security services businesses with a strong track record for delivering complex security projects and providing excellent customer service. Bridewell has an exciting and varied portfolio of clients across Financial Services, Manufacturing, Oil & Gas, Government, Critical National Infrastructure and more. Bridewell holds the Gold level Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly One Team. Along with our focus on our people, we also have a big focus on sustainability and recognise the role we play in the fight against climate change. Today, Bridewell is proud to be a carbon negative business.
Location: Bridewell operates a hybrid and flexible working policy, however for this role you will need to either be based in or willing to travel to London regularly.
Note: To be eligible for this job you must either hold SC or be eligible and willing to go through security clearance.
Bridewell values diversity in the workplace and is a fair and equal opportunity employer. We are committed to creating an equal and inclusive working environment, with the aim that our employees will be truly representative of all sections of society and each person feels respected and able to give their best.
#J-18808-Ljbffr