Cyber Security Consultant - SIEM Content Development

  • Location:

    Brentford, London

  • Salary:

    £65000 - £70000 per annum

  • Contact:

    Charlie Cameron

  • Published:

    about 1 year ago

- Permanent Opportunity

- Role is based in Brentford

- Up to 60/40 split between being on site and remote

- Paying between £65,000 and £70,000 per annum

Job Description

The SIEM Content Development Specialist works in the Cyber Security Operations Team. This role is at the heart of the CDO team, and a SIEM Content Development Specialist can expect to be involved concurrently in a number of areas such as content development, security analytics, security reporting and advisories, and residual risk assessment.

Required Skills

  • Solid experience in SIEM content development and refinement.

  • Prior SOC analyst experience (Level 2 or above) required

  • In-depth, extensive hands-on experience in security event analysis; creating and refining SIEM/EDR rules; and delivering efficiency within the SIEM and all other technologies used within the team

  • Deep knowledge of IPv4/IPv6, TCP networking protocols

  • Deep knowledge of Windows/Linux operating systems

  • Good working knowledge of security technologies such as SIEM (ArcSight, Sentinel, QRadar, LogRhythm, Splunk), EDR (Microsoft Defender, FireEye, Tanium), IDS/IPS, firewalls, proxies, web application firewalls, anti-virus, etc.

  • Understanding of Windows Security Event logs and Syslog

  • Excellent familiarity with endpoint/perimeter security attack vectors and detection (blue/purple teaming)

  • Familiarity with standard security frameworks such as MITRE, cyber kill chain and APT campaign strategies

  • Good knowledge of cloud platforms such as Azure, O365, Google cloud, AWS, Oracle

  • Good working knowledge of regular expression development

  • Scripting and programming experience is highly desirable

  • Kusto or SQL knowledge, including rule/query optimisation

  • Proven ability to prioritise workload, meet deadlines and utilise time effectively

  • Good interpersonal and communication skills; works effectively as a team player and is able to communicate technical information to a non-technical audience