SIEM Engineer 208296
About the role you're considering
The Cyber Delivery Team is part of the Managed Services function within the Cloud Infrastructure Services (CIS) UK business line. You will interact with a global team of security experts, including Architects, Engineers, Analysts, and Compliance Managers. We encourage engagement across different areas of the business and local communities.
We are seeking a skilled SIEM Engineer with expertise in ElasticSIEM to join our cybersecurity team. The candidate will design, implement, and maintain ElasticSIEM infrastructure to ensure effective security monitoring and incident response.
Embedded with an existing Customer SOC, you will provide engineering support for ElasticSIEM, working alongside Capgemini SOC analysts and the customer SOC team.
This role requires onsite presence 2 days per week in Warwick.
Pre-employment checks include identity verification, nationality or immigration status, employment history for the past 3 years, and a criminal record check (Disclosure and Barring Service).
Your role
1. Design and Implementation: Install and maintain ElasticSIEM architecture for performance and scalability.
2. Monitoring and Analysis: Create dashboards and visualizations using Elastic Stack for real-time security event analysis.
3. Data Integration: Integrate data sources into Elasticsearch, ensuring data quality through ETL processes.
4. Incident Response: Investigate and respond to security incidents using ElasticSIEM capabilities.
5. Performance Optimization: Monitor and optimize Elastic Stack clusters for high availability.
6. Security Best Practices: Implement access controls, encryption, and compliance with standards.
7. Documentation: Maintain SOPs and technical reports.
We promote an inclusive environment where everyone can bring their whole self to work. Building a diverse and welcoming environment is part of our daily life at Capgemini.
Your skills and experience
* Proficiency in Elastic Stack (Elasticsearch, Logstash, Kibana, Beats)
* Strong understanding of cybersecurity principles
* Experience with scripting and automation (Python, Shell)
* Problem-solving, analytical skills, and teamwork abilities
* Experience with other SIEM platforms like Sentinel is a plus
* Knowledge of compliance standards (GDPR, HIPAA)
Your security clearance
To be appointed, you must obtain Security Check (SC) clearance, which requires residing in the UK for the last 5 years and meeting other criteria. You may be asked about your nationality and residence during recruitment. Some positions are restricted to UK nationals for security reasons.
What does ‘Get The Future You Want’ mean for you?
Join an accredited Great Place to Work for Wellbeing in 2024. We prioritize employee wellbeing with trained Mental Health Champions and wellbeing apps. Bring your unique skills, inspire your team, and be part of creating a sustainable, inclusive future, impacting UK organizations through technology.
Why consider Capgemini
Join us to help clients grow sustainably and inclusively. Work with industry experts, learn continuously, and develop your skills. Use your expertise to help clients innovate and transform their businesses, making a positive impact in the world.
About Capgemini
Capgemini is a global leader in business and technology transformation, with over 340,000 employees in more than 50 countries. With a heritage of 55+ years, we help organizations accelerate their digital and sustainable transition, leveraging AI, cloud, data, and industry expertise. In 2024, our global revenue was €22.1 billion.
Learn more at www.capgemini.com