2 of 2 Contract SIEM Engineer Jobs in the Midlands

My client, a leading IT Security focused Managed Services Provider is looking to hire a new SIEM focused SOC Engineer for a 6 month project based in Birmingham. The primary function of the Senior SOC Engineer is to enhance our security operations capabilities. This role requires deep expertise in SIEM platforms, including Splunk, IBM QRadar, Microsoft … Chronicle, with a strong focus on playbook development, analytical rule creation, and threat modelling. You will be instrumental in building and optimizing our detection and response strategies. Job Duties SIEM Engineering & Management Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle). Onboard and normalize log sources across cloud and on-prem environments. Develop and optimize … analytical rules for threat detection, anomaly detection, and behavioural analysis. Skills Must be able to obtain SC Clearance or already hold SC clearance. SIEM Expertise: Hands-on experience with at least two of the following: Splunk IBM QRadar Microsoft Defender for Endpoint Microsoft Sentinel Google Chronicle Technical Skills: Strong knowledge of log formats, parsing, and normalization. Experience with KQL More ❯

components to ensure visibility and completeness of data collection. Linux Proficiency: Administer and troubleshoot Linux-based systems, with command-line fluency and Scripting ability (eg Bash, Python) to support SIEM operations, log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT … SOC analysts in conducting triage and escalation. SOC Maturity & Policy Development: Contribute to the development of SOC processes and policies, including detection logic life cycle, alert tuning procedures, and SIEM configuration governance. Play a key role in maturing the operational use of SIEM tooling and automation within the SOC environment. Defence Writing & JSP Familiarity: Prepare formal documentation in … Infrastructure environments. Familiarity with security frameworks such as MITRE ATT&CK, NIST CSF, or ISO 27001 including how to map TTP's to Rule coverage. Experience with SOAR or SIEM enrichment tools (eg, TheHive, MISP, Cortex). Knowledge of additional log forwarding/processing tools (eg Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such More ❯