Principal Security Consultant - SIEM

Role

• Lead the design, deployment and tuning of enterprise-grade SIEM platforms (e.g. Splunk, Azure Sentinel etc.)
• Collaborate with stakeholders to define logging requirements, use cases, detection rules and dashboards
• Oversee integration of data sources from cloud, on-prem, endpoint, network and application layers
• Create and maintain detection rules, correlation logic and alerts tailored to specific threat scenarios
• Provide technical leadership and mentorship to team members
• Work closely with SOC teams to align SIEM capabilities with business objectives
• Conduct SIEM health checks, performance tuning and capacity planning

Skills

• Expertise in SIEM design, deployment and optimisation
• Hands-on expertise with one or more major SIEM platforms (e.g. Splunk, Sentinel etc.)
• Deep understanding of log ingestion, parsing, normalisation and enrichment
• Strong grasp of MITRE ATT&CK framework, threat detection and alert logic
• Solid scripting/automation skills (e.g., Python, PowerShell, Bash)
• Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor, GCP etc.)
• Experience with threat modelling, cloud security or Identity and Access Management is desirable