Cyber Security Engineer SoC/SIEM (Contract)
Cyber Security Engineer SoC/SIEM (Contract)
4 days ago Be among the first 25 applicants
This range is provided by Methods. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range
Methods Business and Digital Technology Limited
Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future.
Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet.
We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.
Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio.
Methods was acquired by the Alten Group in early 2022.
Requirements
Responsibilities & Requirements
* Elastic Stack Expertise: Demonstrable expertise across the Elastic Stack, particularly in the use of Kibana for creating advanced visualisations, dashboards, queries, and alerts. You must hold a valid Elastic Certified Analyst certification, with full working knowledge of the competencies it covers, including anomaly detection, dashboard tuning, and timeline analysis
* Data Ingestion & Log Pipeline Engineering: Build, manage and optimise complex Logstash pipelines, utilising a wide range of plugins to handle diverse log formats, transform data, and enrich security telemetry. Ensure reliable ingestion of logs from both structured and unstructured sources into Elasticsearch
* Syslog Configuration: Configure, manage rsyslog and configure centralised logging for network appliances, firewalls, and infrastructure components to ensure visibility and completeness of data collection
* Linux Proficiency: Administer and troubleshoot Linux-based systems, with command-line fluency and scripting ability (e.g. Bash, Python) to support SIEM operations, log parsing, and agent deployment
* Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK-aligned techniques and contribute to the design of the detection roadmap. Create and maintain bespoke investigation guides to assist SOC analysts in conducting triage and escalation
* SOC Maturity & Policy Development: Contribute to the development of SOC processes and policies, including detection logic lifecycle, alert tuning procedures, and SIEM configuration governance. Play a key role in maturing the operational use of SIEM tooling and automation within the SOC environment
* Defence Writing & JSP Familiarity: Prepare formal documentation in line with Defence Writing principles, with an understanding of Joint Service Publications (JSPs), particularly in areas related to cybersecurity governance, incident response, and monitoring operations
* Incident & Case Management: Support the incident response lifecycle through alert review, case triage, evidence handling, escalation, and forensic data support. Ensure cases are documented comprehensively and aligned with operational SOPs and client expectations
* Client Engagement & Communication: Communicate technical information clearly and confidently to both internal stakeholders and external clients. Collaborate with multidisciplinary teams, report findings effectively, and represent security operations during client interactions and project reviews
Desirable Skills And Experience
* Prior experience in Defence, Government, or Critical National Infrastructure environments
* Familiarity with security frameworks such as MITRE ATT&CK, NIST CSF, or ISO 27001 including how to map TTP's to Rule coverage.
* Experience with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex)
* Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd)
* Exposure to vulnerability management and threat intelligence platforms such as OpenCTI
Qualifications:
* Expert knowledge of Azure & Sentinel
* Proven experience as a Cyber Analyst with a focus on Security Operations
* Strong expertise in using Elastic Stack, including Elasticsearch, Logstash, and Kibana
* Familiarity with other SIEM tools and security technologies
* Knowledge of cybersecurity best practices, threat intelligence, and incident response
* Excellent analytical and problem-solving skills
* Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Elastic Certified Engineer (ECE) are a plus
This role will require you to hold active SC and/or DV - If DV isn't held, then you will have to be eligible for DV.
Seniority level
* Seniority level
Mid-Senior level
Employment type
* Employment type
Contract
Job function
* Job function
Information Technology
* Industries
IT Services and IT Consulting
Referrals increase your chances of interviewing at Methods by 2x
Sign in to set job alerts for “Cyber Security Engineer” roles.
Cyber Security Engineer SoC/SIEM (Contract)
Cyber Security Engineer SoC/SIEM (Contract)
Embedded Cybersecurity Specialist (m/h/d)
More, England, United Kingdom 1 month ago
Hatfield, England, United Kingdom 1 week ago
Lead / Senior Information Security Analyst
Hereford, England, United Kingdom 4 days ago
Cybersecurity Consultant / Concierge Security Engineer 2
Newcastle, England, United Kingdom 1 week ago
Cyber Security Trainee Placement Programme
Worcester, England, United Kingdom 6 days ago
Cyber Security Trainee Placement Programme
Kington, England, United Kingdom 1 day ago
Senior Cybersecurity Consultant 3 / Concierge Security Engineer 3
Newcastle, England, United Kingdom 1 week ago
Cleobury North, England, United Kingdom 6 months ago
Newcastle, England, United Kingdom 6 days ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr