Security Engineer - SIEM - sought by investment bank based in London - Contract - Hybrid
*Inside IR35 - umbrella*
Key Responsibilities
1. SIEM Management & Optimization:
* Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks
* Develop advanced KQL queries for threat hunting and reporting
* Optimize SIEM performance, cost, and data retention policies
* Troubleshoot log ingestion and parsing issues
2. Log Source Integration:
* Onboard and configure critical log sources (AD, firewalls, servers, cloud infrastructure)
* Manage event collection and forwarding infrastructure
* Implement data filtering and custom log parsing
3. Threat Detection & Use Case Development:
* Develop and refine detection rules based on threat intelligence and attack patterns
* Continuously improve detection efficacy and reduce false positives
4. Security Monitoring & Incident Response:
* Monitor systems for anomalies and malicious activity
* Contribute to threat hunting and incident response playbooks
* Provide expert guidance on securing applications and infrastructure
5. Security Advisory & Innovation:
* Support PoCs for new secur...