Security Incident and Event Management SME - West End

IT/Information/Cyber Security
Ref: 146 Date Posted: Monday 28 Nov 2022
LinkedIn ShareShare
Location:              London
Reports to            IT Systems Management Tooling Lead
Salary:                  £49,482 -  £59,582
 
The Role
 
How would you like an exciting and high-reaching role providing security tooling!
 
As part of a successful and growing team, you'll provide deep hands-on expertise, in designing, implementing, and improving SIEM (Security and Incident Event Management), and security tooling!
 
This critical role ensures that the cyber security tooling used remains relevant and protects the College from the continuously evolving threats, which could cause the College material damage to its finances, teaching, learning, and/or reputation. The role will be responsible for an industry-leading suite of security tools, including a large enterprise Splunk Cloud implementation with security and service intelligence capability, a Security Orchestration, Automation and Response (SOAR) provision, and additional cyber security tooling.  The role would suit someone who has a detailed understanding of cyber security and experience building SIEM toolsets and wants to work in an environment where we consistently push the capabilities of security tools, in an environment that is constantly seeing change. You'll also be investigating and implementing opportunities for our SOAR tool to automate responses to real-time threats.
 
Duties and responsibilities
 
  • As a Security Incident and Event Management SME you will work within the Systems Management Tooling team, among a team of specialists where we provide tooling for a wide variety of business needs.
  • You will need to understand SIEM tools, logs, and events and how to build data feeds into Splunk in a CIM format.
  • You will provide a critical role in working to improve the SIEM and Security tooling capability within the college.
  • Along with the SIEM toolset, you will be responsible for a collection of threat hunting and cyber security monitoring toolsets
  • Working with the Security Experience team to provide security data, build dashboards, write queries, and provide advice to support their aim of identifying security threats.
 
Essential requirements
 
  • Strong knowledge of SIEM (Splunk) tools
  • A proven background in using a SIEM tool, including onboarding data feeds in a CIM format.
  • Knowledge and experience of cyber security threats and using a SEIM toolset to identify and protect against them
  • Experience with cyber security tooling, including SOAR and vulnerability discovery and remediation toolsets.
  • Experience working in a hybrid environment that includes both onsite and cloud infrastructure.
  • Degree or equivalent, preferable in computer systems/solutions infrastructure / or technology-related innovation or comparable
 
Benefits
  • A generous holiday allowance of 25 days per annum (plus 6 college closure dates)
  • Flexible working which includes a mix of onsite and remote working