Our client, a global MSSP, is seeking a Senior Security Engineer to join their successful Security Engineering team. Working with enterprise-level customers as a Sentinel SME, this role offers a real mix of BAU support alongside complex and challenging project work.
With a substantial training budget for engineers to obtain certifications that support them in their role, this is a great opportunity to progress into a Consultant or Architect role. This role is also fully remote; however, applicants must be UK based.
What will you be doing as a Senior Security Engineer?
• Manage, monitor and maintain our Sentinel and Defender offering, creating and tuning alerts where necessary.
• Investigate log ingestion rates and track them.
• Provide recommendations to our customers on the difference between operational and security logging.
• Ensure each customer's operational health is maintained and respond to all platform requests within agreed SLAs.
• Creation of Sentinel workbooks and Logic Apps.
• Lead the implementation of any required upgrades to the technology stack.
• Lead the development of solutions to improve detections and operational capability through the proficient use of KQL.
• Lead integrations between Sentinel and other security technologies.
• Maintain an awareness of the latest Defensive Monitoring technologies and trends.
• Maintain an up-to-date understanding of current threats and trends in Cyber Crime and apply this information as part of your daily duties when creating custom queries and altering the SOC Monitor infrastructure.
• Assist both Infrastructure Support and Network Operations in a wide range of duties ranging from security best practice recommendations through to analysing suspicious activity on infrastructure devices.
What experience do you need?
- Demonstrable SIEM, EDR, and EPP skills and technical familiarity with Microsoft Azure solutions.
- Demonstrable experience of working in a complex, high-performing service management enterprise environment.
- Microsoft certifications such as:
  - SC-200
  - AZ-500
- Demonstrable experience with writing complex queries in KQL
- Demonstrable experience creating Playbooks (Logic App), documentation, and deployment.
- Demonstrable experience with Sentinel log analysis and content creation
- An understanding of Python and RegEx
- Good understanding of IT infrastructure including Windows and Linux applications as well as network and other security vendor products.
- Experience of analysing complex data, making sensible recommendations, and presenting to management teams as part of continuous service improvement.
- Understanding of attack vectors, with the ability to differentiate between normal and abnormal activity, providing recommendations on countermeasures and remediation activities.
- Experience in a customer-facing role; communicating to different levels of stakeholders.
- Experience with network detection technologies such as Corelight
- Experience with deception technology
- Experience with Sentinel Function Apps
What will you get in return?
- Basic salary of up to £75,000 per annum
- Remote working
- Professional certifications paid for
- Ongoing professional development
- Competitive pension
- Private health care
If you match the above, click apply now with an up-to-date version of your CV.