SIEM Administrator – Global Brand – Enterprise & Fast pace – Leeds REF 884

Published
September 29, 2020
Location
LEEDS, United Kingdom
Category
Job Type
Salary
£NEG + Bens

Description

  • Salary:  £NEG
  • Education Requirements - none but degree preferred or commercial exposure
  • Experience Requirements - Expert
  • Industry - Technology
  • Location: Leeds
  • Qualifications - Any MS or Security Relevant Quals
  • Responsibilities - see below list within spec
  • Skills - see below list within spec
  • Work Hours - The role will initially require 3 days in the office per week but normal working practises will apply post Covid.

Principal Duties, Responsibilities & Accountabilities:

The role of the SIEM Administrator will be to work closely with our security team to develop and deliver solutions to gain visibility of security events within our environment. Build new or develop existing event correlation, reporting and remediation capabilities based on advanced monitoring use cases, external threat intelligence, and known traffic patterns. Regularly review Audit Logs to recognise both normal and abnormal activity.

Responsibilities: 

  • Develop and enhance security policies, processes, procedures and technical controls to strengthen security capabilities and resilience to cyber threats
  • Take a proactive role in identifying security risks, mitigations and opportunities to strengthen resilience to cyber-attacks and security incidents
  • Participate in the design and implementation of systems and applications to ensure that proposed solutions comply with the company’s IT Security policies
  • Assist with security incident management and response activities
  • Interact with the IT team to provide and share technical issue resolution knowledge and deployment/adoption processes best practices
  • Provide analysis of information security risk and issues of non-compliance
  • Manage, maintain, optimise and tune the Microsoft Sentinel SIEM solution, ensuring all key systems send activity information to the SIEM solution and that the solution recognises and differentiates between both normal and abnormal system activites
  • Investigate unusual behaviour highlighted by SIEM, reporting potential threats or malicious activity and support security incident response efforts as required
  • Develop dashboards and reports for monitoring of real-time log data, that clearly report on and highlight critical events
  • Provide internal training, support and knowledge transfer to other Information Security team members, to enable efficient management of SIEM related processes

Skills:

  • Experience and good understanding of Microsoft technologies including: Azure Active Directory, Windows Server, and M365
  • An in depth knowledge of the Microsoft Sentinel SIEM solution and configuration best practice and use
  • Use of advanced security assessment tools
  • Basic understanding of firewall and intrusion detection system administration
  • Basic understanding of TCP/IP
  • Ability to tune and harden various operating systems
  • Ability to use security systems to correlate and respond to security alerts and events

Detailed knowledge of

  • SIEM administration, log investigation, analysis and reporting
  • Common exploitation tools, tactics and procedures
  • Persistent attacks, detection methods and how malicious software persists on compromised systems. Security incident response procedures and best practices

We believe this is an excellent opportunity for candidates who have a strong understanding of IT security with experience of working in a fast-paced environment.

Apply
Drop files here browse files ...

Read our Privacy Policy