Cyber Security Engineer SoC/SIEM
malvern, midlands, united kingdom
Methods Business and Digital Technology
log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK-aligned techniques and contribute to the design of the detection roadmap. Create and maintain bespoke investigation guides to assist SOC analysts in conducting triage and escalation. … during client interactions and project reviews. Desirable Skills and Experience Prior experience in Defence, Government, or Critical National Infrastructure environments. Familiarity with security frameworks such as MITRE ATT&CK, NIST CSF, or ISO 27001 including how to map TTP's to Rule coverage. Experience with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). More ❯
Posted: