Negotiable | Inside IR35 | Hybrid | Berkshire
Summary: The SIEM Engineer role involves building and deploying technical solutions to enhance the security capabilities of the Cyber Security Operations function. The position requires managing security tool configurations and collaborating with application administrators to onboard data sources into the SIEM data lake. This is a hybrid contract position based in Berkshire for an initial duration of four months, classified as inside IR35.
Key Responsibilities:
- Build and deploy innovative technical solutions to advance the security capability of the Cyber Security Operations function.
- Manage and oversee the configuration of various security tools to enable key stakeholders, such as CSOC and Threat Hunting and Detection Engineering (THaDE).
- Collaborate with application administrators across the business to onboard data sources into the SIEM data lake.
- Optimise forensic telemetry collection mechanisms to ensure accurate and efficient parsing and ingestion to the SIEM.
- Build resilient forensic telemetry collection technologies to support 24/7/365 monitoring of NESO and its control systems by CSO.
- Spearhead process improvement and curate, update and develop an internal cyber engineering knowledgebase.
Key Skills:
- Experience with SIEM and Azure – Essential.
- Building secure infrastructure and secure foundations.
- Strong analytical and problem-solving skills with the ability to handle complex and dynamic situations.
- Keen awareness of current and emerging cyber threats, trends, and best practices.
- Proven experience working with SIEM platforms and related tooling.
- Strong understanding of SIEM concepts and best practices.
- Familiarity with SIEM telemetry onboarding processes and techniques.
- Knowledgeable about various data source formats and protocols (e.g., syslog, JSON, REST API).
- Experience in troubleshooting and resolving data quality or ingestion issues.
- Previous work with security tooling such as EDR, Deception Tech, Malware Sandboxes, Vulnerability Management Tooling, etc.
- Familiarity with security incident response and investigation processes.
- Excellent problem-solving and analytical skills.
- Strong communication and collaboration abilities.
- Relevant certifications (e.g. GIAC) are a plus but not required.
Salary (Rate): undetermined
City: Berkshire
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT