SIEM/SOAR content developer - SOC - Cyber-Security Incident Response - Contract - Glasgow

Posted Today by Scope AT Limited

Negotiable
Scotland/Glasgow, UK

Summary: SIEM/SOAR content developer role focused on enhancing the efficiency and automation of cyber-security detection and response within an enterprise Security Operations Centre. The position involves developing playbooks, analytics, and supporting SIEM/SOAR platforms to ensure security and stability. Candidates must possess strong Unix/Linux skills and knowledge of exploitation techniques. This is a contract position based in Glasgow, UK.

Key Responsibilities:

  • Develop playbooks and automation in SOAR to improve SOC efficiency.
  • Create analytics in Splunk or Elastic Search for actionable security alerts.
  • Monitor and support SIEM and SOAR platforms for security and stability.
  • Collaborate with analysts to enhance detection and response capabilities.

Key Skills:

  • Hands-on experience with Unix/Linux command-line tools.
  • Proficiency in Shell Scripting and Python.
  • Knowledge of exploitation techniques (e.g., MITRE ATT&CK).
  • Experience in use-case development and TCP/IP protocols.

Salary (Rate): undetermined

City: Glasgow

Country: UK

Working Arrangements: undetermined

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

SIEM/SOAR content developer with hands-on experience within an enterprise Security Operations Centre, focused on improving the coverage, quality and automation of cyber-security detection and response.

You will develop playbooks and automation in SOAR together with analysts to improve the efficiency of the SOC, develop analytics in Splunk or Elastic Search to detect actionable security alerts, and monitor and support the SIEM and SOAR platforms to ensure the security and stability of the SOC infrastructure.

Must be highly experienced with Unix/Linux command-line tools and Shell Scripting/Python. Expected to have knowledge of exploitation techniques (e.g. MITRE ATT&CK) and use-case development, and thorough TCP/IP protocol experience.

By applying to this job you are sending us your CV, which may contain personal information. Please refer to our Privacy Notice to understand how we process this information. In short, in order to supply you with work-finding services, we will hold and process your personal data, and only with your express permission will we share this personal data with a client (or a third party working on behalf of the client) by email or by upload to the client's or third party's vendor management system. By giving us permission to send your CV to a client, you grant permission to share the personal data that would be necessary to consider your application, interview you (phone/video/face to face) and, if successful, hire you. Scope AT acts as an employment agency for Permanent Recruitment and an employment business for the supply of temporary workers. By applying for this job you accept the Terms and Conditions, Data Protection Policy, Privacy Notice and Disclaimers, which can be found on our website.