SIEM Engineer

Siem Engineer 208296

The Cyber Delivery Team is part of the Managed Services function within the Cloud Infrastructure Services (CIS) UK business line. You will interact with a global team of security experts, including Architects, Engineers, Analysts, and Compliance Managers. We encourage engagement across different areas of the business and local communities.

We are seeking a skilled SIEM Engineer with expertise in ElasticSIEM to join our cybersecurity team. The candidate will design, implement, and maintain ElasticSIEM infrastructure to ensure effective security monitoring and incident response.

Embedded with an existing Customer SOC, you will provide engineering support for ElasticSIEM, working alongside Capgemini SOC analysts and the customer SOC team.

This role requires onsite presence 2 days per week in Warwick.

Pre-employment checks include identity verification, nationality or immigration status, employment history for the past 3 years, and a criminal record check (Disclosure and Barring Service).

1. Design and Implementation: Install and maintain ElasticSIEM architecture for performance and scalability.
2. Monitoring and Analysis: Create dashboards and visualizations using Elastic Stack for real-time security event analysis.
3. Data Integration: Integrate data sources into Elasticsearch, ensuring data quality through ETL processes.
4. Incident Response: Investigate and respond to security incidents using ElasticSIEM capabilities.
5. Performance Optimization: Monitor and optimize Elastic Stack clusters for high availability.
6. Security Best Practices: Implement access controls, encryption, and compliance with standards.
7. Documentation: Maintain SOPs and technical reports.

We promote an inclusive environment where everyone can bring their whole self to work. Building a diverse and welcoming environment is part of our daily life at Capgemini.

• Proficiency in Elastic Stack (Elasticsearch, Logstash, Kibana, Beats)
• Strong understanding of cybersecurity principles
• Experience with scripting and automation (Python, Shell)
• Problem-solving, analytical skills, and teamwork abilities
• Experience with other SIEM platforms like Sentinel is a plus
• Knowledge of compliance standards (GDPR, HIPAA)

To be appointed, you must obtain Security Check (SC) clearance, which requires residing in the UK for the last 5 years and meeting other criteria. You may be asked about your nationality and residence during recruitment. Some positions are restricted to UK nationals for security reasons.

Join an accredited Great Place to Work for Wellbeing in 2024. We prioritize employee wellbeing with trained Mental Health Champions and wellbeing apps. Bring your unique skills, inspire your team, and be part of creating a sustainable, inclusive future, impacting UK organizations through technology.

Join us to help clients grow sustainably and inclusively. Work with industry experts, learn continuously, and develop your skills. Use your expertise to help clients innovate and transform their businesses, making a positive impact in the world.

Capgemini is a global leader in business and technology transformation, with over 340,000 employees in more than 50 countries. With a heritage of 55+ years, we help organizations accelerate their digital and sustainable transition, leveraging AI, cloud, data, and industry expertise. In 2024, our global revenue was €22.1 billion.

Learn more at www.capgemini.com