SIEM & Security Engineer

London (30 Finsbury Square), United Kingdom

Grant Thornton

Grant Thornton is one of the world's largest professional services networks of independent accounting and consulting member firms which provide assurance, tax and advisory services to privately held businesses, public interest entities, and...


More than you expected

Grant Thornton UK LLP is part of a global network of independent audit, tax and advisory firms, made up of some 73,000 people in over 150 countries. We're a team of independent thinkers who put quality, inclusion and integrity first. All around the world we bring a different experience to our clients. A better experience. One that delivers the expertise they need in a way that goes beyond. Personal, proactive, and agile. That's Grant Thornton.

Job Description:

NEW GROUND WON’T BREAK ITSELF.

Every day our teams help people in businesses and communities to do what is right and achieve their goals.

The Grant Thornton Cyber Defence Centre are an established MSSP at the forefront of Cyber solutions, working with industry leading technologies. We offer a path for progression and invest in our workforce. Initiative is encouraged and support is always available across the team and wider group. We work collaboratively and cross functionally, boasting a healthy ethos.

We’re happy to talk flexible working and consider reduced hours and job shares; we’ll support you to balance your work and life. Although this role is designated as a home worker, if you’re located close to a Grant Thornton office and wish to work there Monday – Friday during normal office working hours, arrangements could be made to accommodate this.

A look into the role


This is an exciting role for an individual who is fanatical about cyber security and loves to get things working. You will work with a cutting-edge NG-SIEM technology and the entire platform portfolio within CrowdStrike. As a SIEM and Security Engineer within our Cyber Defence Centre practice, you will:

  • Work with multiple security teams to understand existing processes and procedures, then develop enhancements.
  • Develop security use cases aligned to MITRE ATT&CK.
  • Support the SOC team during investigations, development and tuning.
  • Test use cases through attack emulation in dev/test environments.
  • Assist in the development of CI/CD for releasing security content.
  • Enhance security offerings to benefit the customer, by adopting a threat centric approach specific to customer profiles.
  • To contribute towards information security guidance documentation and training
  • Approach tasks with flexibility, proactivity and complete work to a high quality
  • Confidentiality of information; it will be necessary to comply with requirements related to Data Protection
  • Develop and follow a DevOps lifecycle, standardising a route to live for all security engineering development.
  • Use case and analytic lifecycle management including tuning and driving automation (SOAR)
  • Leading / supporting the project lifecycle of SOC technology, from identifying relevant new tech through to training and successful implementation.
  • Assisting the SOC Operations lead with the delivery of a Managed Detection and Response service to our customers through supporting the operation of the SOC.
  • Working with the Cyber Defence team to identify any enhancement and integration opportunities.
  • Assist the SOAR team with integration, automations and development.
  • Get involved during escalation of security incidents working across multiple teams.

Knowing you’re right for us

Joining us as a SIEM and Security Engineer, the minimum criteria you’ll need are a 2.1 Degree in STEM or Cyber, CompTIA Network+ / Security+, other relevant IT certifications, a strong IT background, knowledge in Systems Administration (Windows, Linux, networking) and general infrastructure knowledge. It would be great if you had some of the following skills, but don’t worry if you don’t tick every box; we’ll help you develop along the way.

  • Analytical and problem-solving skills to identify and assess risks, threats, patterns and trends
  • Teamworking skills in order to collaborate with team members and clients
  • Written communication skills, for example to write technical reports
  • Time-management and organisational skills to manage a variety of tasks and meet deadlines
  • The ability to multi-task and prioritise your workload
  • An ability to work under pressure, particularly when dealing with threats and at times of high demand.
  • Demonstrable experience of the main responsibilities. Experience of incident handling and investigation.
  • Previous Security engineer or similar experience, ideally managing complex asks or requirements to solve security issues.
  • SIEM Use Case development.
  • Good understanding of the MITRE ATT&CK Framework.
  • Scripting development (Python/PowerShell)
  • SIEM and SOAR configuration and development.
  • Analytic and Playbook/documentation and development.
  • Incident and Case Management process understanding.
  • Experience of using EDR tooling.
  • Knowledge of cyber security standards such as ISO27001, NIST, CIS Top 20
  • Strong code development background with DevOps practices (CI/CD)
  • Red Team/Purple Teaming skills

Knowing we’re right for you

Embracing uniqueness, the culture at Grant Thornton thrives on the contributions of all our people. We never settle for what is easy; we look beyond to deliver the right thing, for everyone. Building an inclusive culture, where we value difference and respect our colleagues, helps our people to perform at the best of their ability and realise their potential.

Our open and accessible culture means you’ll interact with leaders who are interested in you and everything you bring to our firm. The things that set you apart, we value them. That’s why we give you the freedom to bring your whole self to work and pursue your passions inside and outside of work.

Beyond the job 

Life is more than work. The things you do, and the people you’re with outside of work, matter. That’s why we’re happy to look at flexible working options for all our roles, and we’ll always do our best to keep your work and life in balance.

The impact you can make here will go far beyond your day job. From secondments, to fundraising for local charities, or investing in entrepreneurs in the developing world, you’ll be giving back to society. It’s that drive to do the right thing that runs through our every move, grounded in our firm’s values – purposefully driven, actively curious and candid but kind.

We’re looking for people who want to contribute, spark fresh ideas and go beyond expectations. People who want to be able to proudly do what’s right, for the firm, our clients, our people and themselves. It’s how it should be.


Tags: Agile Automation CI/CD CompTIA CrowdStrike DevOps EDR ISO 27001 Linux MITRE ATT&CK NIST PowerShell Python Red team Scripting SIEM SOAR SOC STEM Windows

Perks/benefits: Flex hours Home office stipend Team events

Region: Europe
Country: United Kingdom
