SIEM Engineer; Security Information and Event Management - SC CLEARED and Remote

SIEM Engineer (Security Information and Event Management) - SC CLEARED - Wokingham and Remote (3 months)

One of our Blue Chip Clients is urgently looking for a SIEM Engineer (Security Information and Event Management).

CANDIDATES MUST HOLD ACTIVE SC CLEARANCE

• SIEM Deployment & Management – Set up, configure, and maintain SIEM tools like Sentinel, Elastic
• EDR deployment, configuration & management – experience with tools like Tanium, Trellix, Fire Eye, Defender, Elastic EDR
• Threat Detection & Analysis – Monitor security logs, detect anomalies, and investigate potential threats
• Experience configuring Syslog Servers and maintaining and configuring syslog feeds
• Log ingestion Creation for Sentinel – Deploy OOTB integrations & develop & deploy custom integrations for various log source types
• Collaboration – Work with IT and security teams to improve overall cybersecurity posture

• Technical expertise:
  Strong knowledge & experience in security engineering with SIEM & EDR platforms, network security, and understanding of cybersecurity frameworks
• Certifications:
  
  CISSP, CEH, GIAC, or vendor‑specific SIEM certifications, AZ‑500, SC‑100, etc.
• Programming & Scripting:
  Familiarity with Python, Power Shell, KQL (Kusto query language), Kibana Query Language or other scripting languages
• Analytical Thinking & problem solving:
  Ability to analyze large datasets and identify threats, mitigations, misconfigurations, etc.
• Communication
  
  Skills:
  
  Ability to document findings and communicate effectively with stakeholders

Please send CV for full details and immediate interviews. We are a preferred supplier to the client.