We are looking for an experienced SIEM Administrator to join our client. The SIEM Administrator will work closely with the security team to develop and deliver solutions that give visibility of security events within their environment. You will build new, or develop existing, event correlation, reporting and remediation capabilities based on advanced monitoring use cases, external threat intelligence, and known traffic patterns, and regularly review audit logs to recognise both normal and abnormal activity. This is a global business with over 6000 staff working in 100+ countries.
Skills and experience required include:
Experience and good understanding of Microsoft technologies including: Azure Active Directory, Windows Server, and M365
An in-depth knowledge of the Microsoft Sentinel SIEM solution and its configuration best practice and use
Use of advanced security assessment tools
Basic understanding of firewall and intrusion detection system administration
Basic understanding of TCP/IP
SIEM administration, log investigation, analysis and reporting