SIEM & SOAR Detection Engineer
Bridewell is a fast-growing cyber security company that is currently looking for a Security Content Development Engineer (SIEM/SOAR) within our Security Operations Centre to join the team. Bridewell have a strong track record of delivering leading security operations services with excellent customer service. Bridewell have an exciting and varied portfolio of clients across Critical National Infrastructure, Financial Services, Manufacturing, Oil & Gas, Government, Aviation and more. We assist our clients by providing a full range of security services across Cyber Security, Managed Security Services, Penetration Testing and Data Privacy.
Our vision is to be a globally recognised cyber services company that clients want to work with, and people want to work for.
Due to the continued growth of Bridewell and the demand for our SOC services, we are looking for a highly experienced Content Development Engineer to help mature our content delivery methodology, improve customer threat detection and to drive automation.
In this role, the successful candidate will manage the technical delivery of new content within our SIEM and SOAR products to drive detection engineering, rapid incident response and automation of Bridewell and client security products. You'll be working alongside a pre-established team to help mature the function and streamline the SOC capabilities offered to our customers.
This role is unique in its function and is designed to be highly integrated with all other Bridewell SOC functions to promote cross-team collaboration, thought leadership and continued demonstration of expertise to our clients.
- Design and create complex threat hunts tailored to environmental and technology-based threats.
- Create new detections based on customers' threat landscape, technology stack and threat intelligence.
- Drive high quality automation focused on decreasing incident dwell time.
- Design and drive content development strategies and internal projects focused on innovating the service offering.
- Provide technical oversight of content quality assurance, signing off and peer reviewing other content developers' work.
- Must have at least 5 years working in cyber security.
- Must have one of the following active certifications: SANS GIAC, GCIA, GCIH, GRID.
- Must have demonstrable experience with customer and stakeholder management.
- Must have demonstrable experience working in a DevOps environment.
- Strong experience within the Microsoft Security stack.
- Working experience of Python, YAML and JSON.
- Azure DevOps experience as a developer.
- Understanding of Atomic Threat Coverage and the RE&CT Framework.
Bridewell will provide a great career opportunity with continual development as well as the following:
- Competitive Salary
- 25 days holiday
- Flexible Working (around core office hours)
- Company Pension
- Employee Shareholder Scheme
- Dedicated training budget
- Home Office equipment (for remote working employees)
- Cycle to Work Scheme
- Private Healthcare (incl. Gym discounts)
- Vision Care
- Birthday off (After 1 year)