2 of 2 CSOC Jobs in Central London

improving the government's ability to detect and respond to cyber threats across multiple portfolios. You'll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies. Key Responsibilities Produce and maintain architecture diagrams, high- and low … level design documentation Lead configuration of Splunk and associated infrastructure (AWS EC2, S3, SQS, etc.) Drive use case development aligned with CSOC and MITRE ATT&CK framework Attend and represent the project at key technical forums (ADF, TDA, workshops) Deliver improvements to SIEM architecture, use cases, automation, and data enrichment … Essential Skills & Experience Strong experience in Splunk SaaS as a lead engineer and/or architect Deep understanding of SIEM Engineering & Architecture , particularly in CSOC environments Demonstrated experience leading end-to-end SIEM improvement initiatives Proven ability to define and implement change within complex cyber environments Excellent documentation, communication, and More ❯

producing architecture diagrams, high level and low-level design documents. You will also be able to configure Splunk with use cases in line with CSOC standards and also configuration of Splunk as part of onboarding CNI and all other systems. Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS … to Splunk SaaS is also essential. You must have experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. Please apply ASAP to discuss further. More ❯