Security Monitoring Lead - Yorkshire
My client is hiring for a Security Monitoring Lead on a permanent basis.
What would you be responsible for in this role?
Work with our managed SOC provider to ensure that the Splunk SIEM (Security Information and Event Management) platform is appropriately documented and managed.
Provide quality assurance over incident alerting, reviewing analysts' work and feeding back clarifications and best practice.
Develop and maintain documented incident response plans and contribute to the enhancement of incident detection.
Investigate security alerts, working with the Incident Handling team on response activities.
Expand the SIEM solution to ingest more log sources, develop use cases and complete on-boarding of equipment.
Work with the project delivery function to ensure Security Logging and Monitoring is incorporated and delivered according to project timescales.
Management and evaluation of security incidents and alerts to identify opportunities for appropriate tuning and enhanced detections.
Use advanced analytic tools to determine emerging threat patterns and vulnerabilities.
Investigate business requirements and generate reports for technical and non-technical stakeholders.
Provide subject matter expertise, training and management support to the Cyber Security Operations team and wider IT Community.
Keep up to date with the latest security and technology developments by researching and evaluating emerging cyber security threats and new approaches to management and resolution.
Communicate findings and areas for investigation/remediation to stakeholders.
What would we like to see in you?
In-depth knowledge of the concepts, procedures and processes of SIEM solutions, specifically Splunk. Ability to utilise related applications to protect organisational networks and cloud services from cyber risks.
Expert knowledge of the processes, tools and techniques of information security management, with the ability to deploy and monitor information security systems, as well as to detect, resolve and prevent violations of IT security, to protect organisational data.
Extensive knowledge of techniques, approaches and processes for digital threats; ability to detect, monitor and analyse.
Knowledge of cloud security tools and monitoring cloud deployments.
A good understanding of the security approach to cloud computing and hybrid cloud deployments.
Experience of mentoring and leadership.
Evidence of continuous professional development in the Cyber Security field.
Strong communication skills to a wide variety of stakeholders.
A willingness to learn new technologies, improve on your current skillset and undertake training where required.
A quick thinker, pragmatic in approach with the ability to balance the business needs with security requirements.