SOC SME (Security Operations Centre Expert)
8708
Posted: 07/10/2025
- Per Day Competitive
- United Kingdom
- Software & Infrastructure
- Contract
- SOC SME
- 6 Month Contract - Umbrella/PAYE
- 3 Days onsite Coventry, 2 days remote
- Role: 10+ years of experience in cyber security design and implementation across network security, SIEM, SOAR and threat intelligence.
- Key Responsibilities:
- Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.
- Execution of the use cases on SIEM, SOAR & Threat Intelligence
- Threat Intelligence Integration: Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape.
- Incident Response Automation: Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events.
- Custom Analytics & Detection Rules: Develop and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives.
- Log Source Integration: Configure and onboard diverse log sources, including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems, into Sentinel.
- Lead Sentinel Deployment for OT SOC: Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response.

Greg Horne
Director, IT Recruitment