United Kingdom, remote with occasional travel to Birmingham.
*PLEASE NOTE – DUE TO THE NATURE OF THE ROLE WE REQUIRE CANDIDATES WHO HAVE THE RIGHT TO WORK IN THE UK AND ARE ELIGIBLE FOR SECURITY CLEARANCE.
As a SIEM Engineer, you will primarily be responsible for the professional support and delivery of infrastructure to our Managed Detection & Response clients.
We are looking for a candidate with previous experience in administering various flavours of Linux operating systems in a Microsoft Azure environment. Ideally, you will have been working with the technology stack comprising our SIEM platform including Elastic, Sentinel, and platform as a service (PaaS) tools like Docker.
You will be familiar with industry-standard frameworks such as ITIL and the CIS Hardening Guides, and have working knowledge of Jira, Git and other key deployment tools.
You will have excellent organisational and communication skills (both oral and written), and attention to detail. You should be comfortable conversing on the phone or in a video call with internal and external stakeholders as well as technical and management resources from other parts of the organisation.
Microsoft Sentinel Responsibilities
- End-to-end deployment of Azure Sentinel
- Configuration of data connectors for security events, threat intelligence platforms, Linux Syslog, Office 365, etc.
- Configuration of Linux Syslog servers for ingestion of logs via Log Analytics agents
- Create custom analytics rules to detect threats
- Build dashboards for clients and visualise collected data
- Manage client infrastructure including Linux servers and various Azure capabilities
- Proactively identify potential issues in systems and technology stacks, and coordinate with other team members to ensure operational issues do not impact client-facing SLAs
- Monitoring and troubleshooting of functional and performance issues
- Implementation of hardening measures and security baselines
- Acting as a point of escalation in service incidents
- Testing and validation of new technologies to be integrated into future architecture releases of our containerised platforms
Want to be part of the team?
Apply by sending your CV and cover letter to firstname.lastname@example.org