Hackajob Birmingham, England, United Kingdom
hackajob is collaborating with BT (Networks) to connect them with exceptional tech professionals for this role.
Job Description - SIEM Application Engineer
Job Details
* Job title: SIEM Application Engineer
* Reports to: SIEM Software Engineer Manager
* Team: Security Engineering
* Location: Birmingham
* Job Dimensions: Responsible for designing, deploying, managing, and optimizing Elastic SIEM solutions built on ECK to improve threat detection and security monitoring within BT.
* Hours: Full time
* No. Direct Reports: 0
* Career Level: D
Why BT Group?
BT is a purpose-driven organization with a rich history as a pioneer in telecommunications. We focus on research, innovation, and delivering exceptional service to our customers. We promote an inclusive environment where everyone can succeed. We support critical infrastructure worldwide, including emergency services, hospitals, and financial institutions, and are committed to progress and innovation in a fast-changing digital world.
Why this job matters
The Network SIEM is vital to BT’s network security, meeting TSA requirements and improving CAF levels. As a SIEM Application Engineer, you will support the development, implementation, and operation of BT’s strategic SIEM solutions, focusing on Elasticsearch to enhance threat detection, incident response, and security posture.
What You’ll Be Doing - Your Accountabilities
* Design and implement SIEM solutions using Elasticsearch in collaboration with security analysts and architects.
* Optimize SIEM rules, alerts, and dashboards for efficient threat detection.
* Collaborate effectively with team members to achieve security objectives.
* Create and maintain documentation for technical and business audiences.
* Write efficient Elasticsearch queries and monitor system performance.
* Contribute to security projects and work closely with security operations and incident response teams.
* Stay updated on emerging threats and security best practices.
* Configure Elasticsearch pipelines for data ingestion, primarily from Kafka, and enhance data enrichment with threat intelligence feeds.
* Participate in team discussions, define procedures, organize team events, and mentor colleagues.
* Attend briefings and talks to stay informed about BT news and updates.
* Set personal goals with the Team Lead and work towards achieving them.
Advantages
* Experience with Elastic Stack (ELK) and SIEM implementation.
* Knowledge of offensive testing frameworks, Linux, Windows, and network administration.
* Experience with cloud services (public/private), OpenStack, and Kubernetes.
* Cybersecurity qualifications and knowledge of Telecoms Security Act (TSA).
* Understanding of architectural concepts like microservices and service mesh.
* Familiarity with Git, DevOps practices, Terraform, and Ansible.
* Strong knowledge of security policies and regulatory frameworks.
Essential Skills
* Experience with Elastic Security, including setting up access controls, authentication, and encryption.
* Ability to develop, test, and optimize detection rules based on the MITRE ATT&CK Framework.
* Proficiency in performance tuning Elasticsearch and Logstash queries.