SIEM Engineer

Job Title: SIEM Engineer
Location: Wokingham/Hybrid (3 days per week on site)
Duration: 3 months from the start
Rate: £430 per day inside ir35

SC security clearance is required for this role

We are looking for a highly skilled Security Engineer to support the deployment, configuration, and management of modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation.

Key Responsibilities:

• Syslog experience and/or strong Linux skills

SIEM Deployment & Management

• Configure, deploy, and maintain SIEM platforms such as Microsoft Sentinel or Elastic SIEM.
• Build and optimise log ingestion pipelines.

EDR Deployment & Management

• Manage and maintain tools including Tanium, Trellix, FireEye, Microsoft Defender, or Elastic EDR.

Threat Detection & Analysis

• Monitor security logs and alerts.
• Investigate anomalies, understand attack patterns, and provide actionable recommendations.

Syslog Management

• Configure and maintain Syslog servers.
• Manage Syslog feeds and ensure reliable log forwarding.

Log Ingestion for Sentinel

• Deploy out-of-the-box integrations.
• Develop custom connectors and ingestion methods for diverse log sources.

Collaboration

• Work closely with IT, SOC, and wider security teams to strengthen the organisation's cybersecurity posture.

Required Skills & Qualifications

• Strong background in security engineering, SIEM/EDR tooling, and network security.
• Certifications such as CISSP, CEH, GIAC, AZ-500, SC-100, or relevant vendor-specific credentials.
• Scripting proficiency in Python, PowerShell, KQL (Kusto Query Language), or Kibana Query Language.
• Strong analytical mindset with the ability to process large datasets, detect threats, and identify misconfigurations.
• Excellent written and verbal communication skills for documenting findings and engaging stakeholders.

If you are interested in this role please feel free to submit your CV

Many thanks,