Role Title: SIEM Engineer
Duration: contract to run until 01/06/2025
Location: Wokingham, Hybrid 70/30%
Rate: up to £567 p/d Umbrella inside IR35
Clearance required: Eligible to go through BPSS
Role purpose / summary
* Build and deploy innovative technical solutions to advance the security capability of the Cyber Security Operations function.
* Manage and oversee the configuration of various security tools to enable key stakeholders, such as CSOC and Threat Hunting and Detection Engineering (THaDE).
* Collaborate with application administrators across the business to onboard data sources into the SIEM data lake.
* Optimise forensic telemetry collection mechanisms to ensure accurate and efficient parsing and ingestion to the SIEM.
* Build resilient forensic telemetry collection technologies to support 24/7/365 monitoring of control systems by CSO.
* Spearhead process improvement and curate, update and develop an internal cyber engineering knowledge base.
Key Skills / requirements
* Is passionate about security and building secure infrastructure and secure foundations.
* Is curious and enthusiastic about dealing with bespoke or less common data sources.
* Has strong analytical and problem-solving skills and the ability to handle complex and dynamic situations.
* Has a keen awareness of current and emerging cyber threats, trends, and best practices.
* Has proven experience working with SIEM platforms and related tooling.
* Has a strong understanding of SIEM concepts and best practices.
* Is familiar with SIEM telemetry onboarding processes and techniques.
* Is knowledgeable about various data source formats and protocols (e.g., syslog, JSON, REST API).
* Has experience in troubleshooting and resolving data quality or ingestion issues.
* Has previously worked closely with security tooling such as EDR, Deception Tech, Malware Sandboxes, Vulnerability Management Tooling, etc.
* Is familiar with security incident response and investigation processes.
* Has excellent problem-solving and analytical skills.
* Has strong communication and collaboration abilities.
* May have relevant certifications (e.g. GIAC), but this is not required.