We specialise in delivering cutting‑edge IT and cybersecurity solutions to our diverse client base. We provide expert‑managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
Responsibilities
* Enhance security operations capabilities and build sophisticated detection and response strategies.
* SIEM Engineering & Management: Deploy, configure, and maintain SIEM platforms such as Splunk, IBM QRadar, Microsoft Defender, Microsoft Sentinel, and Google Chronicle.
* Onboard and normalize log sources across cloud and on‑prem environments.
* Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis.
* Playbook Development & Automation: Design and implement incident response playbooks for various threat scenarios, integrate playbooks with SOAR platforms, and continuously refine playbooks based on threat intelligence and incident feedback.
* Threat Detection & Response: Monitor and analyse security alerts and events to identify potential threats, perform in‑depth investigations, coordinate incident response activities, and collaborate with threat intelligence teams to enrich detection logic.
* Threat Modelling & Use Case Development: Conduct threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, or Kill Chain, translate threat models into actionable detection use cases and SIEM rules, and prioritise detection engineering efforts based on risk and business impact.
* Reporting & Collaboration: Generate reports and dashboards for stakeholders on security posture and incident trends, work closely with IT, DevOps, and compliance teams to ensure secure system configurations, provide mentorship and guidance to junior analysts and engineers, and maintain accurate documentation of security procedures and incident response plans.
* Other responsibilities: Scope and stand up new solutions, assist the pre‑sales team with requirements on new opportunities, demonstrate SOC tools to clients, and contribute continuous service improvement recommendations that address recurring incidents or persistent events.
Qualifications
* Must be able to obtain SC Clearance or already hold SC clearance.
* Hands‑