SIEM Solutions Architect

EDF Energy, City of Westminster

£75000

  • Full time
  • Temporary
  • Remote working

Posted today, 7 Jan

Closing date: not specified

Job ref: f6a7e23aed2c443ebe592c8ef093d641

Full Job Description

As a SIEM Solutions Architect you will work with our Cyber Defence, IT professionals and 3rd Party Suppliers to augment and improve our security monitoring and threat hunting capabilities to improve our agility and responsiveness in incident management.

Flexible working means you can work from home (if you wish) and we'll provide a suite of IT equipment to ensure that you can work remotely comfortably and effectively. Location for this role is flexible with travel as and when required to meet business stakeholders or colleagues at our office in Hove.

At EDF, everyone's welcome. We strive to create an inclusive and diverse environment where everyone has a voice and where you feel confident being yourself. We're committed to equality, diversity and inclusion. We'd like our future workforce to have an equal gender balance, represent a broad mix of people from minority ethnic backgrounds, LGBTQ+, those with a disability and supporting social mobility. We're a disability confident employer and we'll do all we can to help with your application, making adjustments as you need. We'll value the difference you bring and offer opportunities for you to thrive and succeed.

What you'll be doing

You will be in a high performing and engaging team focused on maintaining Cyber Security and Resilience in the Customers business and will report to the Head of Cyber Defence and Customers Business Information Security Officer. The SIEM Solutions Architect will:

  • Define the cloud security monitoring framework and architecture, ensuring it meets the business goals on security and resilience to optimal effect.
  • Deliver log collection across the hybrid estate, including firewalls, IDS, endpoints, servers, applications, IaaS, PaaS and SaaS.
  • Collaborate to develop, implement and test SIEM rules and alerting.
  • Document and implement cloud security monitoring and transition to managed security monitoring operations/SOC.

Who you are

It's not just the technical competencies that are important to be successful in this role; the way you carry it out and the behaviours you demonstrate are equally important. This includes:

  • Passionate about Cyber Defence and motivated to deliver innovative solutions and share expertise to identify anomalous behaviour, deliver timely incident response and threat hunting solutions.
  • At least 6 years' experience of working in SIEM engineering with SOC services.
  • Proven expertise on different log sources, API integration and building custom SIEM parsers.
  • Hands-on experience in deployment of SIEM tools to monitor SaaS, IaaS and PaaS assets.
  • Competent in designing, administering, troubleshooting and optimising SIEM and other monitoring platforms and tools, i.e. Microsoft Sentinel, AWS GuardDuty, AWS CloudTrail.
  • Experience of security governance of a large organisation and control implementation of security and regulatory frameworks i.e. ISO27001, Network and Information Systems Regulation, PCI-DSS, Cyber Essentials, Smart Energy Code or Retail Energy Code.
  • Excellent stakeholder management and communication skills.
  • Holder of a professional qualification: CCSP, CISSP, Microsoft Certified Azure Engineer, AWS Certified Security Specialty (SCS-C02).
  • The ability to obtain SC clearance is required for this role.

Alongside a salary of circa £75,000 (depending on experience), potential to earn 5% bonus, 28 days holiday plus bank holidays and a market-leading pension scheme, we offer a range of flexible benefits to support our people across all aspects of their lives.

Your rewards package includes a choice of benefits, such as electric vehicle leasing, enhanced parental leave, health insurance, discounts and employee pricing.
