SIEM Content Development Specialist

2 months ago


Brentford, Greater London, United Kingdom Vodafone Full time

Job Summary

Vodafone is seeking a highly skilled Cyber Security Analyst to join our team as a SIEM Content Developer. As a key member of our Cyber Security Operations team, you will be responsible for developing and refining rules and logic within our SIEM/EDR/ELK infrastructure to improve Cyber Security Operations efficiency and effectiveness.

Key Responsibilities

  • Content Development
    • Develop SIEM/EDR/ELK content to address attack vectors using current industry best practices
    • Analyse threats/adversaries/attack tools to develop indicator/behavioural based detections that alert and/or prevent malicious activity
    • Evaluate and make use of multiple data sources to build content across multiple SIEM/EDR/ELK platforms
    • Utilise SIEM/EDR/ELK to facilitate metrics collection, analysis and reporting
    • Create and maintain analytics documentation
  • Security Analysis
    • Take part in and may drive security event analysis activities to address current Cyber threats
  • Threat Response
    • May require engagement in, and possibly driving, analysis from a blue-team perspective to identify possible threat group activity
  • Security Reporting and Advisories
    • Take part in and may drive the delivery of cyber security reports and advisories to all key stakeholders
  • Residual Risk Assessment
    • Take part in and may drive the delivery of 'operational and technical' lessons learnt through post-incident analysis and reporting

Requirements

  • Minimum of 1-3 years' experience in SIEM content (rule logic and code) development role
  • Minimum of 1 year's SOC analyst experience (Level 2 or above) required
  • 5 years' IT experience
  • In-depth and extensive hands-on experience in security event analysis, creating and refining SIEM/EDR rules, and delivering efficiency within the SIEM and all other technologies used within the team
  • Deep knowledge of IPv4/IPv6 and TCP networking protocols
  • Deep knowledge of Windows/Linux operating systems
  • Good working knowledge of security technologies such as SIEM (ArcSight, Sentinel, QRadar, LogRhythm, Splunk), EDR (Microsoft Defender, FireEye, Tanium), IDS/IPS, firewalls, proxies, web application firewalls, anti-virus, etc.
  • Understanding of Windows Security Event logs and Syslog
  • Excellent familiarity with endpoint/perimeter security attack vectors and detection (blue/purple teaming)
  • Familiarity with standard security frameworks such as MITRE, cyber kill chain and APT campaign strategies
  • Good knowledge of cloud platforms such as Azure, O365, Google cloud, AWS, Oracle
  • Good working knowledge of regular expression development
  • Scripting and programming experience is highly desirable
  • Kusto or SQL knowledge, including rule/query optimisation
  • Proven ability to prioritise workload, meet deadlines and utilise time effectively
  • Good interpersonal and communication skills, the ability to work effectively as a team player, and the ability to communicate technical information to a non-technical audience

Must have technical / professional qualifications:

  • Bachelor's degree or higher in Cyber Security/Information Technology or related field
  • One or more cyber security certifications such as GCIA, GCIH, GCFA, GNFA, CEH, ECSA preferred
