Overview
The Senior Security Analyst – SIEM Engineering – is part of the Cyber Security Operations Centre (CSOC) within the Cyber Security Operations Unit and supports NHS England’s cyber resilience by deploying data feeds into the SIEM system, maintaining the SIEM environment, and building detection capabilities.
Responsibilities
* Deploy feeds from data sources into the NHS England SIEM tool and ensure compliance with data modelling for both new and updated services.
* Maintain the SIEM data feed infrastructure to guarantee timely delivery of security logs with full data fidelity.
* Manage the technical relationship with services and customers during deployment and updates of data feeds.
* Work closely with Cyber Monitoring teams to manage the SIEM environment, build detection capability and improve automation of security monitoring.
* Manage and develop the SIEM configuration and its interfacing with other SOC tooling.
* Identify and deliver continuous improvements to enrich, refine and optimise SIEM capabilities.
* Investigate, troubleshoot and resolve service incidents.
* Collaborate and conduct knowledge transfer with architects, engineers and subject matter experts.
* Implement organisational standards for design, development, testing, deployment, maintenance and documentation.
* Provide clear and accurate SIEM status reporting for both technical and non‑technical stakeholders.
* Mentor and coach junior staff within the Cyber Security Operations Centre.
Qualifications
* A minimum level of security clearance is required for all NHS England Cyber Security personnel; SC clearance, with 5 years' continuous UK residency (or 3 years' continuous UK residency with overseas checks for the previous two years), is mandatory.
* Demonstrated experience in SIEM engineering, data feed deployment, and security monitoring automation (qualifications or equivalent experience).