SIEM & Security Engineer

More than you expected Grant Thornton UK LLP is partof a global network of independent audit, tax and advisory firms,made up of some 73,000 people in over 150 countries. Were a team ofindependent thinkers who put quality, inclusion and integrityfirst. All around the world we bring a different experience to ourclients. A better experience. One that delivers the expertise theyneed in a way that goes beyond. Personal, proactive, and agile.Thats Grant Thornton. Job Description: NEW GROUND WONT BREAKITSELF. Every day our teams help people in businesses andcommunities to do what is right and achieve their goals. The GrantThornton Cyber Defence Centre are an established MSSP at theforefront of Cyber solutions, working with industry leadingtechnologies. We offer a path for progression and invest in ourworkforce. Initiative is encouraged and support is always availableacross the team and wider group. We work collaboratively and crossfunctionally, boasting a healthy ethos. Were happy to talk flexibleworking and consider reduced hours and job shares, well support youto balance your work and life. Although this role is designated asa home worker, if youre located close to a Grant Thornton officeand wish to work there during Monday - Friday between normal officeworking hours, arrangements could be made to accommodate this. Alook into the role This is an exciting role for an individual whois fanatic about cyber security and loves to get things working.You will work with a cutting-edge NG-SIEM technology and the entireplatform portfolio within CrowdStrike. As a SIEM and SecurityEngineer within our Cyber Defence Centre practice, you will: 1.Work with multiple security teams to understand existing processesand procedure to then develop enhancements. 2. Development ofSecurity use cases with alignment to MITRE Att&ck. 3. Supportthe SOC team both during investigations, development and tuning. 4.Testing use cases in attack emulation with dev/test environments.5. Assist in the Development CI/CD for releasing security content.6. Enhance security offerings to benefit the customer, by adoptinga threat centric approach specific to customer profiles. 7.Contribute towards information security guidance documentation andtraining. 8. Approach tasks with flexibility, proactivity andcomplete work to a high quality. 9. Maintain confidentiality ofinformation; comply with requirements related to Data Protection.10. Develop and follow a DevOps lifecycle, standardising a route tolive for all Security engineering development. 11. Use case andanalytic lifecycle management including tuning and drivingautomation (SOAR). 12. Leading/supporting the project lifecycle ofSOC technology, from identifying relevant new tech, through totraining and successful implementation. 13. Assist the SOCOperations lead with the delivery of a Managed Detection andResponse service to our customers through supporting the operationof the SOC. 14. Work with the Cyber Defence team to identify anyenhancement and integration opportunities. 15. Assist the SOAR teamwith integration, automations and development. 16. Get involvedduring escalation of security incidents working across multipleteams. Knowing youre right for us Joining us as a SIEM and SecurityEngineer, the minimum criteria youll need is a 2.1 Degree in STEMor Cyber, CompTIA Network + / Security +, other relevant ITcertifications, a strong IT background, knowledge in SystemsAdministration (Windows, Linux, networking) and generalinfrastructure knowledge. It would be great if you had some of thefollowing skills, but dont worry if you dont tick every box, wellhelp you develop along the way. 1. Analytical and problem-solvingskills to identify and assess risks, threats, patterns and trends.2. Teamworking skills in order to collaborate with team members andclients. 3. Written communication skills, for example to writetechnical reports. 4. Time-management and organisational skills tomanage a variety of tasks and meet deadlines. 5. The ability tomulti-task and prioritise your workload. 6. An ability to workunder pressure, particularly when dealing with threats and at timesof high demand. 7. Demonstrable experience of the mainresponsibilities. Experience of incident handling andinvestigation. 8. Previous Security engineer or similar experience,ideally managing complex asks or requirements to solve securityissues. 9. SIEM Use Case development. 10. Good understanding of theMITRE Att&ck Framework. 11. Scripting development(Python/PowerShell). 12. SIEM and SOAR configuration anddevelopment. 13. Analytic and Playbook/documentation anddevelopment. 14. Incident and Case Management processunderstanding. 15. Experience of using EDR tooling. 16. Knowledgeof cyber security standards such as ISO27001, NIST, CIS Top 20. 17.Strong code development background with DevOps practices (CI/CD).18. Red Team/Purple Teaming skills. Knowing were right for youEmbracing uniqueness, the culture at Grant Thornton thrives on thecontributions of all our people, we never settle for what is easy,we look beyond to deliver the right thing, for everyone. Buildingan inclusive culture, where we value difference and respect ourcolleagues helps our people to perform at the best of their abilityand realise their potential. Our open and accessible culture meansyoull interact with leaders who are interested in you andeverything you bring to our firm. The things that set you apart, wevalue them. Thats why we give you the freedom to bring your wholeself to work and pursue your passions inside and outside of work.Beyond the job Life is more than work. The things you do, and thepeople youre with outside of work matter, thats why were happy tolook at flexible working options for all our roles, and well alwaysdo our best to keep your work and life in balance. The impact youcan make here will go far beyond your day job. From secondments, tofundraising for local charities, or investing in entrepreneurs inthe developing world, youll be giving back to society. Its thatdrive to do the right thing that runs through our every move,grounded in our firms values - purposefully driven, activelycurious and candid but kind. Were looking for people who want tocontribute, spark fresh ideas and go beyond expectations. Peoplewho want to be able to proudly do whats right, for the firm, ourclients, our people and themselves. Its how it should be. #LI-ME1J-18808-Ljbffr