Cyber Security Engineer SoC/SIEM
ledbury, midlands, united kingdom
Methods Business and Digital Technology
Linux Proficiency: Administer and troubleshoot Linux-based systems, with command-line fluency and scripting ability (e.g. Bash, Python) to support SIEM operations, log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK-aligned techniques and contribute to the design of … with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such as OpenCTI. Qualifications: Expert knowledge of Azure & Sentinel Proven experience as a Cyber Analyst with a focus on Security Operations. Strong expertise in using … Elastic Stack, including Elasticsearch, Logstash, and Kibana. Familiarity with other SIEM tools and security technologies. Knowledge of cybersecurity best practices, threat intelligence, and incident response. Excellent analytical and problem-solving skills. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Elastic Certified Engineer (ECE) are a plus. This role will require you More ❯
Posted: