Siem Administrator

SIEM Administrator - Not remote

Our client based in Northwest Leeds is a global organisation specialising in Consultancy services has an excellent opportunity for someone with a strong understanding of cyber security risks and experience of working in a fast-paced environment to join their Information Security Team.

As SIEM Administrator you'll be working closely with the security team to develop and deliver solutions to gain visibility of security events within our environment. Build new or develop existing event correlation, reporting and remediation capabilities based on advanced monitoring use cases, external threat intelligence, and known traffic patterns. Regularly review Audit Logs to recognise both normal and abnormal activity.

Key Duties and Responsibilities:

- Take a proactive role in identifying security risks, mitigations, and opportunities to strengthen Turner & Townsend's resilience to cyber-attacks and security incidents
- Assist with security incident management and response activities
- Maintain and tune the Microsoft Sentinel SIEM solution to recognise and differentiate between both normal and unusual system activity
- Investigate unusual behaviour highlighted by SIEM, reporting potential threats or malicious activity and support security incident response efforts as required
- General day-to-day support on managing and responding to security alerts from systems and end users
- Perform daily, weekly, and monthly security checks, reconciliation and compliance checks and investigate exceptions
- Support the wider IT team to provide and share technical knowledge and security best practices
- Develop dashboards and reports for monitoring of real-time log data, that clearly report on and highlight critical events
- Awareness of current threat indicators

Technical Requirements:

- Experience and good understanding of Microsoft technologies including: Azure Active Directory, Windows Server, and M365
- Hands on working experience of the Microsoft Sentinel SIEM solution
- Ability to use security systems to correlate and respond to security alerts and events
- Two years of hands-on working experience in a similar role

Detailed knowledge of:

- SIEM administration, log investigation, analysis, and reporting
- Common exploitation tools, tactics, and procedures
- Persistent attacks, detection methods and how malicious software persists on compromised systems
- Security incident response procedures and best practices

NOT REMOTE ROLE IS SITE BASED LEEDS

Salary 40,000-50,000

Office based LS18 Monday
- Friday

Headway Recruitment is acting as an Employment Agency in relation to this vacancy. Headway Recruitment are an equal opportunities employer and we are committed to a policy of diversity, equality and inclusion.