Azure Sentinel SIEM Consultant - £80,000 - £90,000 + Depending on Experience
Azure Sentinel, SPLUNK, Design, Architect, Dashboard content SQL, KQL
A global MSSP (Managed Security Services Provider) is seeking a SIEM Expert to work alongside the group SOC function to take responsibility for supporting the delivery of Azure Sentinel SIEM solutions to its large well known clients. The role requires a detail oriented professional with an extensive SIEM background. You may have gained this with other vendor solutions such as Arcsight, LogRhythm QRadar or preferably SPLUNK but have a sound knowledge of Azure Sentinel. The SIEM Expert will be called upon to understand the clients requirements and recommend the appropriate SIEM solution to meet those requirements. You will support the SIEM solutions team with Architecture and Design documentation.
You will be strong technically, have great communication, and customer facing skills and you will excel your career within this organisation guaranteed.
Day to day responsibilities
- Understand customer requirements and recommend best practices SIEM solutions
- Offer consultative advice in security principles and best practices related to SIEM operations
- Developing new SIEM rules, correlations, dashboards to meet the customer needs
- Design and document a SIEM solution to meet the customer needs
- Assist in the creation and verification of Statement of Work (SOW) documentation
- Assist pre-sales with SIEM sizing, Architecture, RFP's and client technical meetings
- Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices
- Assist client with technical guidance to configure end log sources in-scope to be logged to the SIEM
- Verification of data of log sources in the SIEM follow the Common Information Model (CIM)
- Document the build of the SIEM solution
- Experience with Azure Sentinel SIEM platform.
- University degree in information security or equivalent work experience
- Preferred SIEM vendor certification of administrator
- Experience and proficient in UNIX/Linux
For immediate consideration, or to discuss this position in confidence in more detail please apply or call.