About the company
- A well established MSSP growing their team sizes
- In scale-up mode and uplifting capability
- Hybrid setup, collaborative culture
About the role
This is a newly created role in a managed SOC team. Predominantly, this role will be focused on the uplift of SIEM alerts and the implementation of their SOAR platform. To be successful in this role, you will need prior experience with optimising SIEM correlation rules, detection logic uplift and onboarding new customers, and ideally exposure to a SOAR platform. This is a somewhat unique role, as you can work more broadly on the technical side, covering incident response and threat intelligence work outside of engineering work, if that is of interest.
Culture / Benefits
- Scale-up MSSP environment
- Opportunity to uplift your technical skills broadly
- Current hours are 8am to 6pm with shifts split between those hours
- No 24/7 requirement in this SOC currently
Duties
- Security engineering across a variety of systems
- SIEM correlation rule uplift
- Onboarding new customers onto SIEM and other platforms
- SOAR implementation and fine tuning
Skills and experience
- To be successful in this role, you will need to have experience as a Security Engineer
- Strong skills with a SIEM platform, which could be Splunk, Elastic, Sumo or others
- Broad technical exposure across security products and platforms
- Ability to assist in Incident Response or Threat Intelligence as required
- Excellent communication skills, written and verbal
- Industry certifications are highly regarded