Principal Security Consultant - SIEM, London
Client:
RiverSafe
Location:
London, United Kingdom
Job Category:
Other
EU work permit required:
Yes
Job Views:
4
Posted:
28.04.2025
Expiry Date:
12.06.2025
Job Description:
Role
* Lead the design, deployment and tuning of enterprise-grade SIEM platforms (e.g. Splunk, Azure Sentinel etc.)
* Collaborate with stakeholders to define logging requirements, use cases, detection rules and dashboards
* Oversee integration of data sources from cloud, on-prem, endpoint, network and application layers
* Create and maintain detection rules, correlation logic and alerts tailored to specific threat scenarios
* Provide technical leadership and mentorship to team members
* Work closely with SOC teams to align SIEM capabilities with business objectives
* Conduct SIEM health checks, performance tuning and capacity planning
Skills
* Expertise in SIEM design, deployment and optimisation
* Hands-on expertise with one or more major SIEM platforms (e.g. Splunk, Sentinel etc.)
* Deep understanding of log ingestion, parsing, normalisation and enrichment
* Strong grasp of MITRE ATT&CK framework, threat detection and alert logic
* Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor, GCP etc.)
* Experience with threat modelling, cloud security or Identity and Access Management is desirable