The Role
:
As a Opnet Incident & Vulnerability Security Engineer you will be responsible for the day-to-day maintenance, optimisation and automation of SOC tooling across the Protect, Detect and Respond functions within the NIST Cybersecurity Framework.
Day-to-day, you’ll contribute to the development and configuration of new or revised SOC tooling, support of forensic investigations, monitoring adversary tactics, techniques and procedures whilst maintaining compliance.
Your responsibilities will include:
1. Supporting the development, implementation and configuration of new or enhanced SOC tooling ensuring alignment with the business needs
2. Driving optimisation and automation across SOC tooling to enhance detection and response, reduce analyst workload, deliver full support to the Protect, Detect and Respond functions
3. Delivering full tooling visibility and independent assurance of all assets
4. Managing, administering and maintaining security devices dailys (e.g, firewalls, IDS/IPS, SIEM, SOAR, EDR)
5. Developing and tuning detection signatures, automation scripts and correlation rules to improve SOC detection capabilities
6. Integrating standard and non-standard log sources into SIEM platforms
Essential experience of the Opnet Incident & Vulnerability Security Engineer:
7. Proven hands-on experience in the implementation, maintenance and configurations of a wide range of SIEM and SOAR platforms
8. Previous experience of applying ISO 27001:2013 security and risk controls
9. The ability to script and automate using Python, Perl, PowerShell, BASH or equivalent languages to support SOC operations
10. Demonstrable experience of applying the MITRE ATT&CK adversarial framework to map attacker TTPs and IoCs into actionable detection use cases
11. Previous experience of digital forensics, malware analysis and threat intelligence
12. The ability to work with Windows and Linux operating systems with a strong background in the analysis of TTPs
Essential qualifications for the Opnet Incident & Vulnerability Security Engineer:
We value difference and we don’t have a fixed idea when it comes to background or education, provided you can show the required level of experience and willingness to learn then we would like to hear from you.
This role is 37 hours per week based at Corsham. Hybrid working patterns available. Travel to customer sites will be expected.
Why Join QinetiQ?
As we continue to grow into new markets around the world, there’s never been a more exciting time to join QinetiQ. The formula for success is our appetite for innovation and having the courage to take on a wide variety of complex challenges.
As a QinetiQ employee, you’ll experience a unique working environment where teams from different backgrounds, disciplines and experiences enjoy collaborating widely and openly as we undertake this exciting and rewarding journey. Through effective teamwork, and pulling together, you’ll get to experience what happens when we all share different perspectives, blend disciplines, and link technologies; constantly discovering new ways of solving complex problems in a diverse and inclusive environment where you can be authentic, feel valued and realise your full potential. Visit our website to read more about our diverse and inclusive workplace culture.
Our Benefits
13. Matched contribution pension scheme, with life assurance
14. Generous holiday allowance, with the option to purchase additional days
15. Options to join Health Cash Plan, Private Medical Insurance and Dental Insurance
16. Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more
17. We are proud to support the Armed Forces community by honouring the Armed Forces Covenant and maintaining our Gold Award standard in the Defence Employer Recognition Scheme
18. Volunteering Opportunities - helping charities and local community
Our Recruitment Process:
We want to make sure that our recruitment process is as inclusive as possible and we aspire to bring out the best in our candidates by creating an environment where everyone feels value, heard and supported. If you have a disability or health condition that may affect your performance in certain assessment types, please speak to your Recruiter about potential reasonable adjustments.
Many roles in QinetiQ are subject to national security vetting being completed, applicants who already hold the appropriate level of vetting may be able to transfer it upon appointment. A number of roles are also subject to additional restrictions, which mean factors such as nationality or previous nationalities may affect the roles that you can be employed in.
Please note that all applicants for this role must be willing to go through SC Clearance.