£65000 - £70000 per annum
5 months ago
- Permanent Opportunity
- Role is based in Brentford
- Up to 60/40 split between being on site and remote
- Paying between £65,000 - £70,000 per annum
SIEM Content Development Specialist works in the Cyber Security Operations Team. This role is at the heart of the CDO team and a SIEM Content Development Specialist can expect to be involved concurrently in a number of areas like content development, security analytics, security reporting and advisories, residual risk assessment etc.
Solid experience in SIEM content development and refinement.
Prior experience of SOC analyst experience (Level2 or above) required
In depth and extensive hands-on experience in security event analysis, create and refine SIEM/EDR rules and deliver efficiency within the SIEM and all other technologies used within the team
Deep knowledge of IPv4/IPv6, TCP networking protocols
Deep knowledge of Windows/Linux operating systems
Good working knowledge of security technologies such as SIEM (ArcSight, Sentinel, QRadar, LogRhythm, Splunk), EDR (Microsoft Defender, FireEye, Tanium), IDS/IPS, firewalls, proxies, web application firewalls, anti-virus, etc.
Understanding of Window Security Event logs and Syslog
Excellent familiarity with endpoint/perimeter security attack vectors and detection (blue/purple teaming)
Familiarity with standard security frameworks such as MITRE, cyber kill chain and APT campaign strategies
Good knowledge of cloud platforms such as Azure, O365, Google cloud, AWS, Oracle
Good working knowledge of regular expression development
Scripting and programming experience is highly desirable
Kusto or SQL knowledge, including rule/query optimisation
Proven ability to prioritise workload, meet deadlines and utilise time effectively
Good interpersonal and communication skills, works effectively as a team player and the ability to communicate technical information to a non-technical audience