• Location: Reading, England
• Date Posted: 14th Jan, 2022
• Reference: 7234612

Job Description

The role will involve actively researching new threats and creating detection rules that can be leveraged by our SIEM platforms, as well as creating rules to meet the requirements of our client base. Whilst the role focuses on the creation of detection rules, you will work closely with our Security Orchestration, Automation, and Response (SOAR) engineering team to develop appropriate playbooks that help our Cyber Security Operations Centre (CSOC) Analysts respond to the incidents generated.



Role & Responsibilities

* Act as a subject matter expert on cloud security, incident detection, and response.
* Research and develop new detection rules to identify security incidents across our SIEM platforms.
* Work alongside our SOAR Engineers to design response actions for newly created detection rules.
* Work alongside CSOC Analysts to improve the speed of response and capture information about security incidents.
* Work alongside our Azure teams to ensure newly created rules and response actions are deployed across the required environments through DevOps.



Skills & Qualifications

* Experience working within a Security Operations Centre (SOC).
* Experience creating detection rules within a SIEM to detect threats.
* Experience with KQL queries.
* Experience with Azure Sentinel or an alternative SIEM solution.