assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯
assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯
assisting a client who operate in a regulated industry, financial services, who are currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/… Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the … Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid More ❯
from the SOC. The Lead Incident Response Specialist will have the following responsibilities - Develop and refine incident response standard operating procedures and playbooks Operate and maintain controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection To ensure incident response efforts and documentation comply with industry standards and best practices like GDPR, SOC, NIST & ISO The LeadIncident Response … Specialist will need to have the following skills/experience - 5+ years experience working within Incident Response or similar Previous experience operating and maintaining IT security controls related to SIEM, DLP, Vulnerability Managementand Cyber Threat Intelligence Must have practical commercial experience of IT Security analysis and engineering experience including securing systems, networks and infrastructure; operational support Previous working within More ❯
growth, collaboration, and working on cutting-edge projects that truly matter. What You Will Do: - Monitor, investigate, and analyse insider-related alerts and activities across advanced security platforms, including SIEM, DLP, UEBA, and EDR. - Identify patterns, anomalies, and behaviours that could indicate insider threats such as data exfiltration, fraud, or misuse of privileges. - Conduct thorough behavioural risk assessments by combining … equivalent practical experience. - At least three years of experience in cybersecurity operations, insider threat programmes, SOC, or similar investigative roles. - Familiarity with insider risk tools and technologies such as SIEM, DLP, UEBA, and EDR. - Strong analytical and investigative skills, with the ability to communicate findings effectively to technical and non-technical stakeholders. - A high level of integrity and discretion when More ❯
growth, collaboration, and working on cutting-edge projects that truly matter. What You Will Do: - Monitor, investigate, and analyse insider-related alerts and activities across advanced security platforms, including SIEM, DLP, UEBA, and EDR. - Identify patterns, anomalies, and behaviours that could indicate insider threats such as data exfiltration, fraud, or misuse of privileges. - Conduct thorough behavioural risk assessments by combining … equivalent practical experience. - At least three years of experience in cybersecurity operations, insider threat programmes, SOC, or similar investigative roles. - Familiarity with insider risk tools and technologies such as SIEM, DLP, UEBA, and EDR. - Strong analytical and investigative skills, with the ability to communicate findings effectively to technical and non-technical stakeholders. - A high level of integrity and discretion when More ❯
