SIEM Engineer (FortiSIEM)
Some travel to Ipswich (Mainly remote)
Daily rate - Inside IR35
* Assist in Building the Production FortiSIEM System
* Assist in Full Component Resilience Testing (Pre-Prod/Production)
* Assist in Log Source On-Boarding/Parser Testing/Configuration
* Assist in Agent Deployment
* Assist in Playbook Implementation
* Assist in ServiceNow Integration - Incident Log Creation
* Assist in Team BAU Training
* Configuration and Management: Installing, configuring, upgrading, and maintaining the FortiSIEM platform.
* Threat Detection & Analysis: Developing, tuning, and managing correlation rules and dashboards to identify potential security incidents in real time across both IT and OT networks.
* Incident Response: Supporting security operations centre (SOC) analysts in investigating incidents detected by FortiSIEM, performing deep dives into logs, and utilising automated incident mitigation scripts.
* Monitoring and Reporting: Monitoring system performance, availability, and change analysis, and generating compliance reports (e.g., ISO 27001, GPG13, NIST standards) for regulatory requirements.
* Integration: Integrating various data sources, including logs, performance metrics, and threat intelligence feeds, from diverse devices (firewalls, servers, applications, etc.) into the SIEM f...