Back to search
Job Title: SIEM Engineer
Location: Wokingham/Hybrid (3 days per week on site)
Duration: 3 months from the start
Rate: 430 per day inside ir35
SC security clearance is required for this role
We are looking for a highly skilled Security Engineer to support the deployment, configuration, and management of modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation.
Key Responsibilities:
- Syslog experience and/or strong Linux skills
SIEM Deployment & Management
- Configure, deploy, and maintain SIEM platforms such as Microsoft Sentinel or Elastic SIEM.
- Build and optimise log ingestion pipelines.
EDR Deployment & Management
- Manage and maintain tools including Tanium, Trellix, FireEye, Microsoft Defender, or Elastic EDR.
Threat Detection & Analysis
- Monitor security logs and alerts.
- Investigate anomalies, understand attack patterns, and provide actionable recommendations.
Syslog Management
- Configure and maintain Syslog servers.
- Manage Syslog feeds and ensure reliable log forwarding.
Log Ingestion for Sentinel
- Deploy out-of-the-box integrations.
- Develop custom connectors and ingestion methods for diverse log sources.
Collaboration
- Work closely with IT, SOC, and wider security teams to strengthen the organisation's cybersecurity posture.
Required Skills & Qualifications
- Strong background in security engineering, SIEM/EDR tooling, and network security.
- Certifications such as CISSP, CEH, GIAC, AZ-500, SC-100, or relevant vendor-specific credentials.
- Scripting proficiency in Python, PowerShell, KQL (Kusto Query Language), or Kibana Query Language.
- Strong analytical mindset with the ability to process large datasets, detect threats, and identify misconfigurations.
- Excellent written and verbal communication skills for documenting findings and engaging stakeholders.
If you are interested in this role please feel free to submit your CV
Many thanks,
