Cyber Security Engineer (SoC)

at  Methods Business and Digital Technology

Methods Business and Digital Technology Limited
Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future.
Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet.
We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.
Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio.
Methods was acquired by the Alten Group in early 2022.

REQUIREMENTS:

• SIEM Management: Utilize your expertise in Security Information and Event Management (SIEM) systems, especially Elastic, to configure, monitor, and manage security alerts and incidents. Leverage Elastic’s capabilities to analyze and correlate security data for rapid threat detection and response.
• Elastic Stack Proficiency: Demonstrate deep knowledge and hands-on experience with the Elastic Stack (Elasticsearch, Logstash, Kibana) for security data analysis and threat intelligence.
• KQL Query Development: Create advanced Kusto Query Language (KQL) queries to proactively identify potential security threats within Azure environments. Harness the power of data analytics to enhance our security posture and provide real-time threat intelligence.
• Networking Security: Implement and maintain network security controls and protocols to protect against unauthorized access, data breaches, and network anomalies. Collaborate with network teams to ensure the security of critical infrastructure.
• Syslog Management: Configure and maintain syslog servers to collect and analyze logs from various systems and devices. Identify and investigate security incidents leveraging syslog data to enhance threat detection and incident response capabilities.
• Azure Security Expertise: Work closely with Azure security tools and services to enhance cloud security, including Identity and Access Management (IAM), Network Security Groups (NSG), and Azure Firewall. Continuously improve security policies and practices in line with Azure best practices

QUALIFICATIONS:

• Expert knowledge of Azure & Sentinel
• Proven experience as a Cyber Analyst with a focus on Security Operations.
• Strong expertise in using Elastic Stack, including Elasticsearch, Logstash, and Kibana.
• Familiarity with other SIEM tools and security technologies.
• Knowledge of cybersecurity best practices, threat intelligence, and incident response.
• Excellent analytical and problem-solving skills.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Elastic Certified Engineer (ECE) are a plus.
  This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected . Details of this will be discussed with you at interview.

Please refer the Job description for details