Google SecOps Engineer (SOAR/UEBA) - Outside IR35
I am currently assisting a client who operates in a regulated industry (financial services) and is embarking on a programme of work focused on maturing, designing and implementing its security posture using SIEM tools such as Google Chronicle, and implementing UEBA/SOAR (User and Entity Behaviour Analytics / Security Orchestration, Automation, and Response) built on GCP/Google Cloud, so Google SecOps/Security Operations experience is highly desirable.
 
Key Responsibilities:
- Enable and validate UEBA alerting within Chronicle SIEM, based on log sources 
- Deliver a minimum viable UEBA capability with tested detection logic 
- Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity 
- Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data 
- Conduct current state assessment of detection engineering capabilities and log source coverage 
- Design and implement detection use cases aligned to MITRE ATT&CK framework 
- Enable SOAR integration by identifying high-fidelity detections and mapping 
 
Key Technical / IT Security Skills:
- Chronicle SIEM 
- Google SecOps 
- UEBA Tooling 
- Windows Event Logs 
- BindPlane 
- MITRE ATT&CK 
- Strong SOC background 
- SOAR playbooks 
- GCP 
 
Finer Details:
- Outside IR35 
- Contract until End of December, possibly longer 
- Hybrid, 4 times a month in the London office 
 
Please apply for consideration.

- Company: SF Recruitment
- Location: London, South Bank, United Kingdom
- Employment Type: Contract
- Salary: £500 - £700/day
- Posted