SIEM Engineer

Overview

Role: SIEM Engineer
Duration: 3 Months +
Location: Birmingham - Hybrid
Rate: £509 per day (Inside IR35)

Responsibilities

• SIEM Solution Development:
  • Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch.
  • Optimize SIEM rules, alerts, and dashboards for efficient threat detection.
• Collaboration:
  • Collaborate effectively with others to drive forward key security objectives.
• Query Optimization and Performance Tuning:
  • Write efficient Elasticsearch queries to retrieve relevant security events.
  • Monitor and manage the performance of the SIEM infrastructure.
• Security Engineering:
  • Contribute to security engineering projects, transitions, and transformations.
  • Work closely with security operations and associated security incident response systems.
  • Stay informed about emerging threats and security best practices.

Skills Required

• 3 years + experience working in a Cyber Security Engineer / SIEM Engineer role.
• Experience setting up access controls, authentication and encryption using Elastic Security features.
• Knowledge of detection rule development, including the ability to create, test and optimise detection rules to identify suspicious activities and potential threats.
• Performance Tuning with Elasticsearch and Logstash including fine-tuning query performance using Elasticsearch indices and mappings.
• Experience of monitoring Logstash pipelines.
• Experience with Kibana visualization and monitoring, creating custom visualizations to track data quality metrics and systems performance.
• Knowledge of offensive testing frameworks advantageous.