Security Engineer SIEM

CYBERSECURITY ENGINEER - SIEM

We are seeking a highly motivated and experienced SIEM Security Engineer with CrowdStrike next generation technology experience to join a growing security team. You will play a crucial role in detecting, analysing, and responding to security threats, ensuring the confidentiality, integrity, and availability of our critical systems and data.

Responsibilities:

• Design, implement, and maintain the SIEM platform (e.g., Splunk, QRadar, Azure Sentinel, etc.), including log ingestion, parsing, correlation, and reporting.
• Develop and customise SIEM rules, dashboards, and reports detecting and alert on security incidents and anomalies.
• Develop and follow a DevOps lifecycle, standardising a route to live or all Security engineering development.
• Integrate various security tools and data sources with the SIEM platform.
• Monitor the SIEM platform for performance and health, ensuring its availability and scalability.
• Investigate and analyse security alerts and incidents, escalating as necessary.
• Collaborate with other security team members and IT staff to improve security posture and incident response capabilities.
• Strong experience with ISO27001 – NIST – CIS Top20 – DevOps – CI/CD – AppSec - ProdSec
• Develop and follow a DevOps lifecycle, standardising a route to live or all Security engineering development.
• Automate security tasks and processes using scripting languages (e.g., Python, Bash).
• Stay up to date with the latest security threats, vulnerabilities, and technologies.
• Work closely with the SOC teams to manage detection and response.
• Document SIEM configurations, processes, and procedures.
• Participate in security audits and compliance assessments.
• Provide support and training to other team members on the use of the SIEM platform.
• Contribute to the development and implementation of security best practices.

• Deep understanding of SIEM technologies and their applications.
• Strong knowledge of security concepts, including network security, endpoint security, vulnerability management, and incident response.
• Experience with log management and analysis.
• Proficiency in scripting languages (e.g., Python, Bash) is highly desirable.
• Excellent analytical and problem-solving skills.
• Strong communication and collaboration skills.
• Security certifications (e.g., Security+, CISSP, GSEC) are a plus.

Flexible working options are available.

#4658805 - James Francis