Description
Lead SOC Engineer - Public Sector - Edinburgh - Inside IR35
Day Rate - up to £750
Duration - 6 months
Harvey Nash's Client are hiring a Lead SOC Engineer you will work with SOC project to finalise delivery of strategic security monitoring platform, IBM QRadar.
You will have extensive knowledge of the IBM QRadar and Resilient platform, supporting the SOC project and the BAU IT Security team in delivering a robust security monitoring capability.
Key responsibilities include:
- Integrating existing security tooling into QRadar as appropriate - SEPM, SCEP, Illumio, CyberArk etc
- Tuning offenses to ensure appropriate prioritisation and visibility
- Defining playbooks to support the most critical alerts
- Defining appropriate security dashboards with supporting documentation
- Work with the appropriate IT team to remove false-positives/network noise
- Developing incident response plans and working with customers to contain identified threats
- Work with the IT Security team and Infrastructure team to deliver automated actions through IBM Resilient where appropriate
- Lead on the integration of an automated incident response tool such as Splunk On-Call, OpsGenie etc
- Ensure the threat intelligence feed is integrated into the appropriate offenses with sufficient prioritisation
- Define and implement threat hunting processes, utilising the tools available
- Integrate Azure Sentinel alerts
- Integrate 3rd party SIEM alerts such as from AlertLogic
- Define, produce and document regular MI reports
- Develop the skills of the IT Security Team
Skills & Experience Required
- Experience of multiple Information Security and Cyber technical domains within a corporate environment
- In depth hands-on experience of IBM QRadar and Resilient
- Working knowledge of Best Practice Security Standards and Principles eg ISO/IEC 27001, NCSC Security Cloud Principles, NIST etc
- Previous experience coaching and providing feedback
- Professional Security Qualification - eg CISSP, IBM Certified Deployment Professional - IBM QRadar SIEM, IBM Certified SOC Analyst - IBM QRadar SIEM etc
- Exposure to Azure cloud security monitoring including tooling, log collection and log analysis.
Please note that a BPSS Clearance is required for this role.