SIEM Application Engineer

Posted 1 day ago by Rubicon Consulting

Negotiable
Undetermined
Undetermined
West Midlands

Summary: The SIEM Application Engineer role at Rubicon Consulting involves developing and optimizing SIEM solutions using Elasticsearch, collaborating with security teams, and enhancing threat detection capabilities. The position requires a strong focus on security engineering, query optimization, and compliance with data protection regulations. The role is based in West Midlands and is offered on a 6-month rolling contract. Candidates should have extensive experience in cybersecurity solutions and relevant technologies.

Key Responsibilities:

  • Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch.
  • Optimize SIEM rules, alerts, and dashboards for efficient threat detection.
  • Drive forward key security objectives through effective collaboration.
  • Write technical and business documentation and presentations.
  • Write efficient Elasticsearch queries to retrieve relevant security events.
  • Monitor and manage the performance of the SIEM infrastructure.
  • Contribute to security engineering projects, transitions, and transformations.
  • Work closely with security operations and incident response systems.
  • Stay informed about emerging threats and security best practices.
  • Set up access controls, authentication, and encryption using Elastic Security features.
  • Ensure compliance with data protection regulations.
  • Create, test, and optimize detection rules based on the MITRE ATT&CK Framework.
  • Fine-tune query performance using Elasticsearch indices and mappings.
  • Monitor Logstash pipelines and optimize resource utilization.
  • Leverage Kibana for data visualization, dashboards, and real-time monitoring.
  • Create custom visualizations to track data quality metrics and system performance.

Key Skills:

  • Security and Compliance with Elastic Security.
  • Detection Rule Development based on the MITRE ATT&CK Framework.
  • Performance Tuning with Elasticsearch and Logstash.
  • Kibana Visualization and Monitoring.
  • Bachelor’s/Master’s degree in Computer Science, Information Systems, Engineering, or related fields.
  • 5+ years of engineering experience in delivering cybersecurity solutions.
  • Experience with SIEM technologies (Elastic preferred), vulnerability management, and access management.

Salary (Rate): undetermined

City: West Midlands

Country: undetermined

Working Arrangements: undetermined

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Rubicon Consulting is currently recruiting for a SIEM Application Engineer on a 6-month rolling contract based in West Midlands.

Role Summary

  • SIEM Solution Development
    • Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch.
    • Optimize SIEM rules, alerts, and dashboards for efficient threat detection.
  • Collaboration:
    • Collaborate effectively with others to drive forward key security objectives.
    • Presentation and documentation writing (to both technical and business audiences).
  • Query Optimization and Performance Tuning:
    • Write efficient Elasticsearch queries to retrieve relevant security events.
    • Monitor and manage the performance of the SIEM infrastructure.
  • Security Engineering:
    • Contribute to security engineering projects, transitions, and transformations.
    • Work closely with security operations and associated security incident response systems.
    • Stay informed about emerging threats and security best practices.

Requirements:

  • Essential: Security and Compliance with Elastic Security:
    • Set up access controls, authentication, and encryption using Elastic Security features.
    • Ensure compliance with data protection regulations.
  • Detection Rule Development:
    • Ability to create, test, and optimise detection rules to identify suspicious activities and potential threats based on the MITRE ATT&CK Framework.
  • Performance Tuning with Elasticsearch and Logstash:
    • Fine-tune query performance using Elasticsearch indices and mappings.
    • Monitor Logstash pipelines and optimize resource utilization.
  • Kibana Visualization and Monitoring:
    • Leverage Kibana for data visualization, dashboards, and real-time monitoring.
    • Create custom visualizations to track data quality metrics and system performance.
  • Bachelor’s/Master’s degree in Computer Science, Information Systems, Engineering, or other related fields.
  • 5+ years of engineering experience in delivering cybersecurity solutions.
  • Experience in key cyber technologies such as SIEM technologies (Elastic preferred), vulnerability management, access management and other commonly used enterprise security controls, ideally from both a development and an operational perspective.

Our Company

Rubicon Consulting is a Talent management consultancy which helps you to optimise business performance and competitive advantage by choosing the right people first time!