SIEM Engineer – Splunk
Talion is looking for an experienced SIEM Engineer with a Splunk focus to join our enthusiastic and experienced Operations and Security team. If you have a passion for combatting cyber threats by developing cutting edge security solutions and providing a world class customer experience through the perpetual improvement of platforms and services, apply below.
Location: Leeds
Department: 
Date Posted: 30th June 2021
Deadline: 30th September 2021

Reporting line

SIEM Engineering

Who is Talion?

At Talion, we’re changing the way organisations interact with their Managed Security Service Provider.  Born out of BAE Systems, our service is built on first-hand knowledge of military engineering and defence-grade security, together with an in-depth understanding of the threat landscape facing the commercial world today.

When it comes to cyber security, we believe every organisation deserves full visibility and complete control over how threats are monitored, how decisions are made, and how their business is protected. That’s why we prioritise transparency and collaboration across our service lines, implementing security programs that give businesses the control and freedom to pursue ambitions and realise goals, safe in the knowledge that we’ve got their back, 24 hours a day, 7 days a week.

Role Description

Talion is looking for an experienced SIEM Engineer with a Splunk focus to join our enthusiastic and experienced Operations and Security team. We are looking for someone who has a passion for combatting cyber threats by developing cutting-edge security solutions and providing a world-class customer experience through the perpetual improvement of our platforms and services. You will have a technical background in Splunk, ideally in content and engineering development, and an awareness of cyber threats, so that you can assist our Security Analysts and thus protect our clients.

This role will enable the individual to be at the cutting edge of the development of our SIEM based services, learning new skills and gaining certifications that are recognised and respected across the industry.

The appointee will report into the Head of SIEM Engineering and work closely alongside our SIEM Engineering & Content Development Teams. This role is key in delivering the future products and services that Talion will be offering and is an excellent opportunity to specialise and progress in the field.

We are looking for an individual who wants that next challenge in their career. We want someone with enthusiasm who is able to challenge senior management with ideas and a strategic vision.

You should possess a unique blend of technical and operational security awareness, have a strong desire to innovate, and be able to assist in creating strategies to deliver on the vision that we have for Talion. The role will be key in delivering extra content and efficiencies into our SIEM platform, so a close working relationship with our in-house Analyst and Content team will be key.

Specific Accountabilities and Responsibilities

  • Create and maintain SIEM Platforms with a particular focus on the Splunk technologies and processes
  • Security & Operational content development in SIEM
  • Suggesting, driving and implementing technical improvements to the platform
  • Liaise with our solution provider on a regular basis to assist with system improvements and updates
  • Create documentation and process designs relevant to the SIEM platform and projects
  • Implement future integrations to support services
  • Assist with training on the SIEM platforms and internal demonstrations of its capabilities
  • Onboarding / Transitioning of new customers
  • Identify improvement and automation opportunities within our security solutions and services to drive out cost and improve services wherever possible
  • Assist the Leadership team in the development of partnerships with vendors
  • Have material input and influence into the design and delivery of future service and product roadmaps

Qualifications and Requirements

Essential

  • Extensive experience of SIEM platforms focusing on Splunk (3 years minimum)
    • Architecture (Enterprise & Cloud)
    • Implementation
    • Content Development
    • Best Practice
    • Log Source onboarding
  • Experience in trouble-shooting complex systems
  • Experience with working in a Managed Security Service Provider (MSSP) service environment
  • Strong desire to learn new techniques and technologies
  • The ability to be self-sufficient in problem solving
  • Must possess strong analytical, problem solving and documentation skills
  • Ability to work under pressure, and to prioritize tasks accordingly
  • Must demonstrate strong oral and written communication skills, with the ability to communicate technical topics to management and non-technical audiences
  • Comprehensive understanding of the fundamentals of cyber security
  • Must be able to collaborate effectively with other teams

Desirable Experience

  • Using other SIEM platforms (ArcSight & Sentinel)
  • SOAR Platforms
  • Automation to help drive efficiencies into our services
  • An education background in Cyber Security
  • Experience of working within a Security Operations Centre
  • Technical certifications with security or network products
  • Writing / Developing custom scripts
  • Toolset integration (ServiceNow, SolarWinds, Azure)
 