Description
Cybersecurity Architect/SME - SC Cleared
Whitehall Resources currently require an experienced Cybersecurity Architect/SME to work with a key client.
Job Description:
Our client is running a new phase of work where they want to build and run trials of alternative and complementary SIEM technologies including Splunk, Microsoft Azure Sentinel, and AWS Security Hub.
The order of priority is: Splunk, Azure Sentinel and AWS Security Hub. We specifically need someone who has used one or more of those SIEM technologies in a hands-on role and in the context of:
1. Configuration/setup;
2. Log source integration/normalisation;
3. Use-case development (linking vulnerabilities and/or attack behaviours to audit/log event requirements);
4. Correlation and alerting logic development;
5. Analysis and alert/incident investigation (nice to have);
6. Threat hunting (nice to have).
All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.