This position is no longer open for applications

SIEM Engineer

SIEM Engineer (BBBH63074) Berkshire, England

Salary: £Market

Whitehall Resources are currently looking for a SIEM Engineer on a hybrid basis, based in Berkshire, for an initial 4-month contract.

*** INSIDE IR35 ***

Key Accountabilities:

  • Build and deploy innovative technical solutions to advance the security capability of the Cyber Security Operations function.
  • Manage and oversee the configuration of various security tools to enable key stakeholders, such as CSOC and Threat Hunting and Detection Engineering (THaDE).
  • Collaborate with application administrators across the business to onboard data sources into the SIEM data lake.
  • Optimise forensic telemetry collection mechanisms to ensure accurate and efficient parsing and ingestion to the SIEM.
  • Build resilient forensic telemetry collection technologies to support 24/7/365 monitoring of NESO and its control systems by CSO.
  • Spearhead process improvement and curate, update and develop an internal cyber engineering knowledgebase (bonus points if you're already skilled in Mermaid or Markdown!)

About you


Key Skills:

  • Experience with SIEM and Azure - Essential
  • Building secure infrastructure and secure foundations.
  • Has strong analytical and problem-solving skills and ability to handle complex and dynamic situations.
  • Has a keen awareness of current and emerging cyber threats, trends, and best practices.
  • Has proven experience working with SIEM platforms and related tooling.
      o Has a strong understanding of SIEM concepts and best practices.
      o Is familiar with SIEM telemetry onboarding processes and techniques.
  • Is knowledgeable about various data source formats and protocols (e.g., syslog, JSON, REST API).
  • Has experience in troubleshooting and resolving data quality or ingestion issues.
  • Has previously worked closely with security tooling such as EDR, Deception Tech, Malware Sandboxes, Vulnerability Management Tooling, etc.
  • Is familiar with security incident response and investigation processes.
  • Has excellent problem-solving and analytical skills.
  • Has strong communication and collaboration abilities.
  • May have relevant certifications (e.g. GIAC), but this is not required.