
Sentinel SecOps Engineer – Sentinel, KQL, EDR, SOC Tooling

InfraView Ltd

London

Hybrid

GBP 125,000 - 150,000

Full time

21 days ago

Job summary

A leading Microsoft Security Solution Provider is looking for a Sentinel SecOps Engineer in London to support their financial services client. This hybrid role requires exceptional KQL skills and hands-on experience with SOC tooling (SIEM and EDR). You will be responsible for building Microsoft Sentinel analytics rules across the ingested log sources and improving the SIEM estate.

Qualifications

  • Strong working knowledge of KQL is essential.
  • Experience in a managed security provider or MSSP environment.
  • Exposure to financial services is beneficial.

Responsibilities

  • Build and support Sentinel analytics rules across the ingested log sources.
  • Collaborate with the team across the phases of incident response.
  • Handle day-to-day SOC tooling tasks (SIEM, EDR and ITSM).

Skills

KQL
SOC tooling
Incident response
Cyber Kill Chain

Tools

EDR solutions
ITSM tools

Job description


Sentinel SecOps Engineer – Sentinel, KQL, EDR, SOC Tooling
London - Hybrid (3 days in the office)
£450 - £500 p/day Outside IR35


I am working with an exceptional Microsoft Security Solution Provider, and they have an urgent requirement for a Sentinel SecOps Engineer to join their onsite team at one of their longest-standing Financial Services clients in the Bank area of London.

They have recently rolled out Microsoft Sentinel as their SIEM, including for endpoint telemetry, and currently have many log sources feeding it, Forcepoint, Citrix and Fortinet among them. You will need to build the analytics rules across these log sources and help support the entire estate.

It is essential that you have exceptional KQL skills: not just the ability to follow existing queries, but to write them from scratch and to spot errors and changes in a query when you review it. They need someone who is hungry to find the next issue and solve it, or to create something new that improves the estate. Any EDR experience would be beneficial, preferably Windows-based.

You will be expected on site 3 days a week, working hours 9:00 to 17:30/18:00, with the remainder of the week working from home. This arrangement may reduce to 2 days on site later in the contract, but this is not guaranteed.

Required:

  • Experience working for, or alongside, a managed security service provider (MSSP)
  • Strong working knowledge of KQL (essential)
  • Experience using SOC tooling (SIEM and EDR solutions) (essential)
  • Previous experience working within financial services
  • Experience using ITSM tools
  • Knowledge of the phases of incident response and of the Cyber Kill Chain
  • Good blue, purple and/or red team experience

Please hit the button to Apply and/or call Will Martin at 020 3950 9977 at InfraView for further info.

If this role is not for you, please register with us, letting us know your preferences, and we will be in touch when the right role becomes available.
