Siem Engineer

2 months ago


Skelmersdale, United Kingdom Police ICT Full time

**Join Police Digital Service as SIEM Engineer**

**About Police Digital Service**

To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities and ways of working that will enable them to adapt to and deal with the complexity of modern criminality.

Police Digital Service strives to be the go-to partner for technology developments and programmes across UK policing. Our team provides technical advice and delivers services to help policing and law enforcement organisations across the UK prioritise and focus on technology efforts.

Our vision is to support UK policing to keep people safe, get more from technology investments and make better use of public money, and we’re always on the lookout for great talent to help us achieve this.

The National Management Centre (NMC) is part of Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level.

**Key Responsibilities**
- Configuration and maintenance of the NMC central Microsoft Azure, Lighthouse and Sentinel platform
- Maintenance, deployment, and development of detection rules and other SIEM content
- Tuning of deployed rules in collaboration with other NMC services
- Creation of custom automation solutions using both low-code and traditional development approaches.
- Providing support to forces for the configuration of Sentinel and log sources
- Testing and implementing new Sentinel connectors
- Working with the PDS design team and wider NMC operational teams to test and implement new tools and technologies.
- Maintaining central configuration software
- Leveraging Microsoft support for technical assistance and information regarding roadmap features

**What you need to succeed in the role**

**Essential**
- Experience of supporting SIEM implementation in the context of a Security Operations Centre
- Experience of log source configuration and parsing, as part of a SIEM implementation, including experience of data normalisation using RegEx
- Experience and relevant certification in cloud services design and administration
- Practical experience in the testing, implementation, and support of software systems
- Experience working with APIs
- Practical experience in software development and scripting, specifically PowerShell and Python.
- Initiative and the ability to produce quality work without close supervision
- Attention to detail and genuine passion for maintaining high quality software configuration
- Broad cyber security awareness and practical experience
- Non-police personnel vetting and Security Check (SC Clearance) will be required as part of the role and must be maintained during tenure. Will be required to sign Official Secrets Act
- Will require a full, valid driving license and use of a vehicle to undertake business travel where appropriate. This must be maintained in a roadworthy condition and insured for business purposes. Mileage rates in accordance with HMRC will be reimbursed

**Desirable**
- Microsoft Azure / Sentinel experience and certification
- Experience with configuring and supporting vulnerability management software
- ISTM tool integration experience
- Previous public sector experience
- Experience with Microsoft Power Apps / Power Automate and Azure Logic Apps
- Experience working with code repositories and CI/CD

**Why Join us?**
- Balance is important and we want you to take time off to recharge - so we offer 28 days’ annual leave plus bank holidays, rising to 30 days after 5 years of service
- We care about your well-being - we have an employee assistance programme that offers not just welfare benefits and counselling at the end of a telephone line but also discounts
- We want to help you plan for the future - so we offer an excellent pension scheme and life assurance cover
- We want you to be able to put your mind at rest regarding your health - offering remote GP, mental health and physiotherapy appointments via video consultation

You can find out more here:
Benefits - Police Digital Service (pds.police.uk)

**Working Arrangements**

This is a hybrid role, working from the NMC in Skelmersdale 3 days a week.


