Threat Engineer - Splunk, Detection, Monitoring, SOC, SIEM, Phantom, Azure Sentinel
Remote - London, England, United Kingdom
ADARMA are looking to engage a contract Threat Engineer with Splunk experience to work on a large programme with an enterprise banking partner. The role will be based remotely for the foreseeable future, but there may be a requirement to attend either a London- or Edinburgh-based office at a later date.
Please note you would be expected to engage via an FCSA-accredited umbrella company for the duration of this contract.
As a Threat Engineer you will be involved in:
- Developing and implementing use cases derived from threat intelligence sources.
- Assessing efficiency and effectiveness of threat monitoring rules.
- Assessing and resolving issues relating to the SIEM and other monitoring tools.
- Assessing log sources and sensors.
- Generating samples of events of interest from log sources.
- Building, testing and developing the configuration through route to live for log sources and sensors.
You will need:
- Proficiency in Splunk in an enterprise setting, preferably with associated Splunk certifications.
- Experience converting SOC use cases and threat models into Splunk artefacts for data parsing and detection rules.
- Strong understanding of security monitoring, security technologies and cyber threats.
- Background in security operations.
- Any experience with Splunk Phantom and/or Microsoft Azure Sentinel would be highly desirable.
We are Adarma, one of the largest independent security services companies in the UK. As a business formed and run by veteran senior security leaders, we know security and how to deliver real value in the real world. This is why our clients are successful FTSE 350 organisations from all industry sectors.
See us as your true partner in security. We have the experience, proven track record and industry recognition to provide best-of-breed services for all our clients. Our team are specialists in Threat Management, including SOC design, build and operation, and we always tailor our cybersecurity services to your needs.