This role is Inside IR35.
Clearance: DV
Contract Length: 03/07/2026 – 31/03/2028 (368 days)
Location: Corsham, Wiltshire or Cosham, Portsmouth - 5 days onsite.
Essential
* Experience in forensics, malware analysis, threat intelligence.
* Experience using Python, Perl, PowerShell, BASH or an equivalent language.
* Experience with network forensics and associated toolsets and analysis techniques.
* ISO 27001:2022 security and risk controls.
* MITRE ATT&CK adversarial framework.
* ITILv3/v4 Foundation.
Key Capabilities/Knowledge
* Strong hands-on experience in the implementation, maintenance and configuration of a variety of SIEM and SOAR platforms, including:
  * Trend
  * Tripwire
  * Tanium
  * Clearswift
  * Elastic
  * SolarWinds
* Ability to understand, modify and create threat detection rules within SIEM.
* Ability to correlate data from multiple data sources to create a more accurate picture of cyberthreats and vulnerabilities, managing and engineering dashboards.
* Knowledge and experience with the Windows and Linux operating systems.
* Ability to reverse engineer malware and then create IOCs and rules for the SIEM.
* Understanding of log collection and aggregation techniques, Elasticsearch, Logstash, Kibana (ELK), syslog-NG, Windows Event Forwarding etc.
* Able to tune correlation rules and outcomes via SIEM and SOAR platforms.
* Strong background in analysis of attacker Tactics, Techniques and Procedures (TTPs) and Indicators of Compromise (IoCs).
* Understanding of intrusion detection systems, web application firewalls, and IP reputation systems.
* Technical understanding of current cybersecurity threats and trends.
Desirable
* CompTIA A+.
* CompTIA Security+.
* CompTIA CySA+.
* CompTIA PenTest+.
* MCSE.
* SANS 504 - Incident Handling.
* SANS 511 (Continuous Monitoring).