Significant experience of SIEM engineering in support of SOC services.
Proven expertise with a range of log sources, API integrations and building custom SIEM parsers.
Hands-on experience deploying SIEM tooling to monitor SaaS, IaaS and PaaS assets.
Competent in designing, administering, troubleshooting and optimising SIEM and other monitoring platforms, e.g. Microsoft Sentinel, AWS GuardDuty and AWS CloudTrail.
Experience of security governance in a large organisation and of implementing controls for security and regulatory frameworks, e.g. ISO 27001, the Network and Information Systems (NIS) Regulations, PCI DSS, Cyber Essentials, the Smart Energy Code or the Retail Energy Code.
Holder of a professional qualification such as CCSP, CISSP, Microsoft Certified Azure Engineer or AWS Certified Security Specialty (SCS-C02).
Responsibilities:
Define the cloud security monitoring framework and architecture, ensuring it meets the business's security and resilience goals.
Deliver log collection across the hybrid estate, including firewalls, IDS, endpoints, servers, applications, IaaS, PaaS and SaaS.
Collaborate to develop, implement and test SIEM detection rules and alerting.
Document and implement cloud security monitoring and transition it to managed security monitoring operations/SOC.