Cyber Security Engineer - SIEM/SPLUNK - Contract

SOLA Group
London (Central), London (Greater)
Up to £550 p/d
12 Oct 2018
09 Nov 2018

The Cyber Security Engineer will be responsible for working with our cyber security SIEM platform, which is based on Splunk, engineering and implementing data collection, storage and analysis solutions in the cloud.

This position will be responsible for the health, accuracy and maintenance of the Splunk application on a go-forward basis. The role will involve architecting upgrades and proactively seeking out improvements in the application while working with operations and support teams to implement these upgrades and enhancements. This role will also involve designing Splunk queries that assist the cybersecurity department in identifying potentially malicious activity and assisting other teams to make better data-driven decisions.

This position requires a technical background in Information Security practice, and solid communication and organization skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability to work independently and with minimal oversight.

The Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with the business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.

The role and requirements:

  • Work as part of the Cyber-security program, assisting various departments and individuals to on-board new data sources.
  • Work with other Cyber-security teams such as Incident Response.
  • Keep current on external and internal threat behaviours. Translate these behaviours into search language queries in the SIEM platform.
  • Partner with system owners to identify upcoming end-of-life components, and plan and track their decommissioning.
  • Strong knowledge of regulatory standards that govern Information Security Incident Response and Investigation practices, such as state and federal privacy laws and the Electronic Communications Privacy Act.
  • Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.
  • Hands-on experience managing SIEM platforms. Strong familiarity with Splunk architecture, implementation, management and maintenance.
  • Construct advanced reports, dashboards and alerts using Splunk and other cloud native analysis tools. Operationalize these capabilities with documentation in the form of standard operating procedures.

Successful candidates are ideally eligible for SC and open to European travel.