Cyber Threat Investigator


London, United Kingdom 55 Exec Search Full time

Cyber Threat Investigator - Sentinel


Our client is a pure-play cyber security consulting firm. Following a recent M&A and continued growth, they are looking for a technical and driven Cyber Threat Investigator to join the growing team.


You will collaborate closely with the SOC analysts, ensuring clients’ security posture is enhanced. As a Cyber Threat Investigator, you will play a pivotal role within the SOC Team.


As this is a new role, our client will provide the training required to be successful in it. As a baseline, we are looking for candidates who have experience with MS Sentinel, specifically working with Logic Apps and automation playbooks, and experience developing rules in MS Sentinel. A good understanding of KQL is also important.


You'll lead the charge in planning and managing the development, testing, and implementation of cutting-edge rules and analytics for SIEM and SOAR platforms.


Your day-to-day will be dynamic and collaborative, working closely with SOC Operations Teams to fine-tune existing security use cases and create innovative detection content. You'll be orchestrating each release, overseeing all aspects of design, development, testing, and implementation.


As a Cyber Threat Investigator, you'll become a master at crafting cutting-edge detection and response solutions, leveraging advanced technologies like Lucene, YARA, Sigma and more.


Additionally, with the right training, you'll be the key driver and main point of contact for the revolutionary zero-trust protection product. This role includes full ownership and management: ensuring its optimal performance, implementing enhancements, handling customer requests, and serving as the primary escalation contact. Naturally, our client will provide all of this training on the job.


No two days are the same in the SOC. Responsibilities include, but are not limited to:

  • Lead the development, testing, and deployment of innovative and updated content across the monitored estate in collaboration with Operations teams.
  • Transform playbooks from the Ops teams into effective, deployable solutions.
  • Ensure existing detection content remains cutting-edge and relevant.
  • Evaluate the impact of new and updated rules and analytics to inform future development.
  • Oversee the implementation and maintenance of AppGuard policies.
  • Review and approve essential documentation for releases or changes, including design, deployment, configuration, and administration guides.
  • Apply expertise in SIEM/SOAR tools (Microsoft Sentinel and ELK) and other technologies, such as SOAR, threat intelligence and traffic analysis tools, to detect intrusions and recommend enhancements to SOC operations.
  • Analyse security data to uncover patterns and trends.
  • Research emerging threats and vulnerabilities to stay ahead of the curve.
  • Develop and produce Use Case Rules, turning CTI information into actionable Use Cases.
  • Maintain an organized and up-to-date Use Case Library.
  • Keep comprehensive documentation to support all activities.


Required skills/experience of Cyber Threat Investigator:

  • Must be eligible to obtain UK Government Security Clearance
  • Commercial experience with MS Sentinel: automation playbooks, rule development, and Logic Apps
  • Experience with Microsoft Sentinel and KQL (mandatory)
  • Experience with LogRhythm or the ELK stack (Elasticsearch, Logstash, Kibana) would be desirable
  • Knowledge of Network Security
  • Excellent communication and stakeholder management skills
  • Ability to manage sensitive and confidential information


Client Key Facts:

  • Exceptionally flexible regarding remote and hybrid work arrangements, which means more freedom for your personal life.
  • Paid on-call if and when required
  • Access to industry events, fostering a stimulating technical and social environment.
  • Fantastic career progression opportunities.

