Key Accountabilities:

· Build and deploy innovative technical solutions to advance the security capability of the Cyber Security Operations function.
· Manage and oversee the configuration of various security tools to enable key stakeholders, such as CSOC and Threat Hunting and Detection Engineering (THaDE).
· Collaborate with application administrators across the business to onboard data sources into the SIEM data lake.
· Optimise forensic telemetry collection mechanisms to ensure accurate and efficient parsing and ingestion to the SIEM.
· Build resilient forensic telemetry collection technologies to support 24/7/365 monitoring of NESO and its control systems by CSO.
· Spearhead process improvement and curate, update and develop an internal cyber engineering knowledgebase - bonus if already skilled in Mermaid or Markdown.

About you:

We're forging the path, and we know we can't do it alone. That's why we need visionary minds like yours to join us on this transformative journey. In this case, we're looking for someone who:

o Is passionate about security and building secure infrastructure and secure foundations.
o Is curious. We often deal with bespoke or less common data sources at NESO, and a willingness and enthusiasm to take on the challenge of making sense of these data sources is a must.
o Has strong analytical and problem-solving skills and ability to handle complex and dynamic situations.
o Has a keen awareness of current and emerging cyber threats, trends, and best practices.
o Has proven experience working with SIEM platforms and related tooling. o Has a strong understanding of SIEM concepts and best practices. o Is familiar with SIEM telemetry onboarding processes and techniques.
o Is knowledgeable about various data source formats and protocols (e.g., syslog, JSON, REST API).
o Has experience in troubleshooting and resolving data quality or ingestion issues.
o Has previously worked closely with security tooling such as EDR, Deception Tech, Malware Sandboxes, Vulnerability Management Tooling, etc.
o Is familiar with security incident response and investigation processes.
o Has excellent problem-solving and analytical skills.
o Has strong communication and collaboration abilities.
o May have relevant certifications (e.g. GIAC), but this is not required.


LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.

Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.