SIEM Specialist

As part of a brand new Cyber team my client is looking to employ a SC cleared SIEM specialist to assist in the build out a Nationwide cyber defence platform .

Responsibilities

• Accountable for new and updated rules, log sources, dashboard and documentation
• Continuously identifying operational and technical improvements that can be made within the SIEM tools
• The lifecycle of a use-case
• The lifecycle of a dashboard.
• The lifecycle of a log source.
• Responsible for supporting playbook creation (configuration) of existing or new log-sources
• Responsible for defining time and risk information related to the delivery of the use-case dashboard and log source deliverables.
• Create or modify standard and custom rules either with a manual custom rule or via automation
• Continuously identify operational and technical improvements that can be made
• Creation of content on SIEM
• Creation rules on SIEM

Essential experience

Candidates must hold current SC (or above clearance)

• Proven experience in SIEM content delivery
• SME in SIEM technology
• Development of SIEM rules and use-cases
• Experience of working in an operational security environment
• Experience in internal and external stakeholder management and engagement
• Awareness of the threat landscape and how that informs SIEM content delivery.
• Ability to convert elements such as Postattack Frameworks and Threat Intel into deliverable content.