SIEM Engineer

Role: SIEM Engineer

Type: Permanent

Location: Basingstoke

We are looking for an experienced SIEM Engineer for one of our global IT clients, who would be responsible for the design, implementation and on-going support of solutions to meet business needs, aligned to agreed compliance standards.

What skills / experience we are looking for:

• Knowledge and experience of Cyber Security and evidence of working as a SIEM Engineer with previous experience of the software, including architectural design, configuring, operating and problem solving activities.

• As a senior member of the team, you will be accountable for the technical elements of complex work packages, working closely with customers and internal stakeholders to deliver comprehensive SIEM Management and support.

• Provide a Technical Escalation Point during security incidents and advise on mitigation measures.

• Support the customer with the creation of reports and dashboards, manage alarms and usage cases as and when required.

• Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of customer networks.

• Update Protective Monitoring/SIEM documentation, processes and procedures and ensure validity as required.

What you can expect to be doing:

• Working across multiple teams, you'll be the Subject Matter Expert for the LogRhythm SIEM Providing technical advice and guidance to SOC staff, Third Line, System Architects, Project Managers and other teams.

• Developing strong relationships across the organisation, with external strategic support partners and 3rd party vendors who provide tooling support. This ensures the safety of both on-prem data and systems, hosted and supported in other geographical locations. Knowledge and experience of SaaS, PaaS and IaaS solutions is desirable.

• Responsibility for the on-going management and in-service configuration changes of multiple SIEM solutions in a 24/7 environment with an on call requirement.

• You will troubleshoot, diagnose, report and resolve issues which may arise with a number of the tools used to deliver our services (including other SIEM tooling)

• Support the SOC Analysts in the use of the toolset and with investigations to establish the facts surrounding potential suspicious activities and to understand the impact and possible risks associated.

• Creation, amendment, tuning and supporting the engineering of protective monitoring use cases.

• Provide security consultancy to other internal teams for matters relating to the SIEM.

• Support bid teams with their customer engagement by providing knowledge of the SIEM/SOC operations.

• Creation of custom parsing RegEx for on-boarding new log sources

• Troubleshooting issues that may occur within the SIEM and resolving them with the help of vendor support

Note: To apply this role, the candidate must either hold a SC or should be willing to undergo SC. (Security Clearance)

Project People is acting as an Employment Agency in relation to this vacancy.