The Security SIEM content engineer role is responsible for providing operational leadership and support for the group SIEM infrastructure.
As part of the Security Operations Team, the candidate will work closely with his direct manager to identify potential use cases and report on metrics generated.
Take ownership of the SIEM infrastructure, monitor its health status and size it properly. Ensure optimal operation of SIEM filters, rules, expressions, reports, data monitors and other identification mechanisms of the threat and vulnerability management technologies.
Provide operational ownership of SIEM infrastructure & services, identifying potential use cases, implementing new log sources and working to deliver meaningful alerts to our SOC.
Analysing, designing, developing and delivering solutions to stop adversaries.
Identifying threats.
Work closely with management to establish and deliver consistent technical direction, and report which security alerts have been addressed and which have not. ...