Cyber Security Engineer - SIEM

  • Job Reference: ST/7338
  • Date Posted: 18 November 2019
  • Recruiter: 2 Source Talent
  • Location: Manchester
  • Salary: £50,000 to £55,000
  • Sector: IT & Information Security
  • Job Type: Permanent
  • Work Hours: Full Time
  • Contact: Admin admin

Job Description

Our client is a technology-driven business focussing on integrated solutions, from public to private cloud and from business systems to security services. They are looking for a Cyber Security Engineer to join their rapidly growing Cyber team. As a Cyber Security Engineer, you will be the technical lead for all SIEM and security platforms.

  • This is a hands-on technical role and requires a high level of technical ability across a variety of security systems, particularly within Microsoft.
  • Although the focus is on Cyber Security, broad knowledge and/or experience of modern IT systems and infrastructure is necessary.
  • You will establish and maintain processes, tooling and metrics that help provide a high level of productivity, supportability, and operational readiness.
  • Intrusion Analysis:
  • Cyber Security Incident Response:
  • Threat Assessment:
  • You will be the technical lead for AlienVault and Azure Sentinel as the core SIEM offering

  • Configure and develop SIEM tooling, and associated toolsets, to deliver effective and efficient SOC services through automation and orchestration, and to increase MTTD whilst reducing false positives and negatives.

Skills and Experience:

  • A thorough understanding of internet communications protocols and in-depth packet analysis, including knowledge of how these protocols are commonly secured.
  • An understanding of multiple operating systems and their programming interfaces, such as UNIX shell and PowerShell.
  • An understanding of cryptography and related concepts and principles.
  • An ability to undertake coding tasks using various languages.
  • An understanding of Cyber Incident Response and how to identify if an incident has occurred and how to assess and limit the impact it may have.
  • Extensive work experience within the SIEM/SOC environment.
  • Experience of configuration management tools, host virtualisation, SIEM tools, containerisation, vulnerability scanners, proxies and WAFs.
  • Experience in secure AWS, or other, cloud architectures and engineering solutions.