SIEM Engineer - SC Cleared - inside IR35

  • Responsible for the design and configuration of the protective monitoring capabilities.
  • Work with the SIEM Product Owner and SIEM Architect to ensure the smooth functioning of the SIEM and SOC systems that provide detection capabilities within the Cyber Defence function.
  • Configure the EDF managed SIEM correctly with appropriate data sources and keep the design collateral up to date.
  • Expertise in Microsoft Sentinel, Defender EDR, AWS, Azure and cloud environments.
  • Candidates must also have strong communication and stakeholder management skills.
  • Remote working role with an occasional monthly visit to offices in the South West.
  • Build the SIEM alerting rule set that meets the requirement to alert SOC analysts to events of interest.
  • Ensure that the SIEM services operated by our partners are assured and integrate appropriately with our systems.
  • Work with the Cyber Defence team leads to inform the tactical roadmap of SIEM products and services.
  • Work with IT teams to optimise logging from their systems to the SIEM, with sufficient event data to support the alerting requirements.
  • Align the SIEM use cases to a common framework (e.g. MITRE ATT&CK) to demonstrate coverage to the business.
  • Experience using, designing and configuring SIEM platform(s).
  • Experience collecting and reviewing data from multiple logging sources and ensuring suitable alerting and query rules are in place to make use of them.
  • Experience integrating common security systems (EDR/IPS/Firewall/Audit) with SOC and SIEM.
  • Experience communicating the configuration and performance of the organisation's security monitoring system to business customers.
  • Awareness of cyber incident response and the associated toolsets and their capabilities.
  • Familiarity with the five NIST Cybersecurity Framework functions: Identify, Protect, Detect, Respond and Recover.
  • Ability to handle multiple competing priorities in a fast-paced environment, working effectively with technical and non-technical business owners face to face and virtually.

It is a requirement of this role that you either hold or can obtain and maintain Security Check (SC) clearance.

Company
Saunders Scott
Location
South West, United Kingdom
Hybrid / WFH Options
Employment Type
Contract
Salary
GBP 400 - 500 Daily
Posted