SOC SME - Cyber Security
Posted 3 days ago by AA Business Consulting
Negotiable
Undetermined
Undetermined
Coventry, England, United Kingdom
Summary: The role of SOC SME - Cyber Security requires over 15 years of experience in cybersecurity, focusing on the design and implementation of network security, SIEM, SOAR, and threat intelligence. The position is based in Coventry, England, and involves leading the deployment of Microsoft Sentinel across global operational technology environments. Key responsibilities include configuring log sources, developing custom analytics, integrating threat intelligence, and automating incident response workflows.
Key Responsibilities:
- Lead Sentinel Deployment for OT SOC
- Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response
- Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR, VMDR, and other OT/IT systems into Sentinel
- Develop and fine-tune KQL-based analytics rules tailored to OT threat scenarios
- Integrate threat intelligence feeds into Sentinel to enhance detection capabilities
- Design and implement playbooks using Logic Apps to automate incident response workflows
- Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics
Key Skills:
- 15+ years of experience in Cybersecurity
- Expertise in Network Security, SIEM, SOAR, and Threat Intelligence
- Proficiency in Microsoft Sentinel
- Experience with Sentinel, Cribl, and Anomali
- Knowledge of KQL for analytics rule development
- Ability to configure log sources and integrate threat intelligence
- Experience in incident response automation using Logic Apps
Salary (Rate): 360GBP/day
City: Coventry
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Role: 15+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence.
Location: Pilot Way, Ansty, Coventry, England
Buy Rate: 360GBP/day
Skills Required - Sentinel, Cribl & Anomali
Key Responsibilities:
- Lead Sentinel Deployment for OT SOC
- Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response.
- Log Source Integration
- Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel.
- Custom Analytics & Detection Rules
- Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives.
- Threat Intelligence Integration
- Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape.
- Incident Response Automation
- Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events.
- Execution of the use cases on SIEM, SOAR & Threat Intelligence
- Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.