Hortor

SIEM Incident Manager

Click Here to Apply

Job Location

UK, United Kingdom

Job Description

SIEM Incident SME - Contract (DV Cleared)

Rate:£550pd - £650pd Inside IR35

Duration:6 months

Locations:Hybrid and then onsite 2/3 days per week in one of the following locations:Corsham, Portsmouth or Northallerton


Due to client requirements, all applicants must require the following, to be considered for this role:

  • Must holdactive DV Clearancethat has not lapsed
  • Security Information and Event Management/Incident Management experience


Role Description:

We are seeking a skilledSIEM / Incident Subject Matter Expertto join our clients expanding cybersecurity team. In this role, you will be responsible for designing, delivering, and maintaining operational cybersecurity capabilities. Your focus will be on conducting proactive, risk-based monitoring on priority C4IS/networks to identify both internal and external cyber threats and attacks.


Responsibilities:

  • Develop and integrate security event monitoring and incident management services.
  • Respond to security incidents as part of an incident response team.
  • Implement metrics and dashboards for enhanced visibility into the Enterprise infrastructure.
  • Utilize the SOAR platform for playbook automation and case management to streamline processes.
  • Produce documentation to ensure repeatability and standardization of security operating procedures.
  • Enhance investigative methods using SOC software toolsets for better analysis recognition.
  • Maintain a baseline of system security in line with the latest threat intelligence and trends.
  • Participate in root cause analysis of incidents with enterprise engineers.
  • Provide SME guidance on various information security standards and best practices.
  • Offer strategic and tactical security guidance, including evaluating technical controls.
  • Engage in the CRM process and collaborate with SOC engineers to maintain up-to-date security alert dashboards.
  • Document, validate, and create operational processes to aid SOC development.
  • Assist in prioritizing and coordinating the protection of critical cyber defense infrastructure.
  • Build, install, configure, and test dedicated cyber defense hardware.
  • Support junior analysts in managing SOC systems.


Essential Experience:

  • Must hold active DV Clearance
  • Experience with ELK (Elastic, Logstash, Kibana) and Tanium.
  • Familiarity with Enterprise ICS/network architectures and technologies.
  • Proficient in SIEM solutions, including use case identification, creation, deployment, and tuning.
  • Previous experience mentoring or coaching junior analysts.
  • Knowledge of MITRE ATT&CK and Cyber Kill Chain frameworks.
  • Skilled in maintaining Microsoft directory services and using virtualization software.
  • Understanding of key security frameworks (e.g., ISO, NIST 800-53, 800-171, 800-172, C2M2).
  • Excellent communication skills, particularly in writing Defense/Government documentation.


Desirable Qualifications:

  • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent).
  • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent).
  • Advanced Analyst Course (SANS SEC503 or equivalent).

ADZN1_UKTJ



Location: UK, GB

Posted Date: 11/27/2024
Click Here to Apply
View More Hortor Jobs

Contact Information

Contact Human Resources
Hortor

Posted

November 27, 2024
UID: 4928311215

AboutJobs.com does not guarantee the validity or accuracy of the job information posted in this database. It is the job seeker's responsibility to independently review all posting companies, contracts and job offers.