Description
Salary: £? - ? per year
Requirements
- Active DV (Developed Vetting) clearance is essential.
- Strong experience in SOC or cyber security operations.
- Hands-on experience with SIEM platforms such as Splunk, Sentinel, or Elastic.
- Ability to develop and tune detection rules and alerts.
- Experience with incident response and threat analysis.
- Knowledge of MITRE ATT&CK, IOCs, and TTPs.
- Familiarity with SOAR tools and automation.
- Scripting experience such as Python, PowerShell, or Bash is beneficial.
Responsibilities
- Monitor, investigate, and respond to security incidents across secure environments.
- Develop and tune SIEM detection rules and correlation logic.
- Support SIEM and SOAR tooling optimisation and automation.
- Integrate and onboard log sources to improve visibility across systems.
- Conduct threat analysis, including TTPs and IOCs.