At a Glance
- Tasks: Design and implement security monitoring for a cutting-edge Google Distributed Cloud platform.
- Company: Join a dynamic consultancy focused on secure digital platforms for critical national infrastructure.
- Benefits: Competitive pay rate of £500 per day, hybrid work model, and impactful projects.
- Other info: Work in a mission-critical environment with opportunities for professional growth.
- Why this job: Shape security architecture and protect vital public-sector services from day one.
- Qualifications: Experience in SIEM solutions, cloud environments, and strong communication skills required.
The predicted salary is between 130000 - 130000 € per year.
Hybrid – London – 3 days per week on site in Central London
Contract | Outside IR35
SC Clearance Required / DV Eligible
UK Citizenship Required
Pay rate: £500 per day
6 Months
You will be joining a small but busy consultancy that is engaged on a key Government Secure programme, designing and delivering secure-by-default digital platforms for a high-assurance environment on critical national infrastructure. They are currently building a new secure cloud platform based on Google Distributed Cloud (GDC) and are looking for an experienced Security Engineer (SIEM) to lead the design and implementation of its security monitoring and observability capabilities.
This is an opportunity to build a SIEM capability from the ground up, influence security architecture decisions, and directly support SOC operations protecting critical public-sector services.
The Opportunity
As a Security Engineer (SIEM), you will take ownership of the security monitoring and observability stack across a highly secure GDC environment. You will design and implement SIEM integrations, onboard and normalise telemetry sources, develop detection capabilities, and help shape the overall monitoring strategy for the platform. Working closely with security architects, cloud engineers, SOC teams and external partners, you will help deliver actionable security insight across cloud, Kubernetes, and hybrid infrastructure environments.
What You’ll Be Doing
- SIEM Architecture & Design
  - Design end-to-end SIEM architecture for a secure Google Distributed Cloud (GDC) platform
  - Define logging, telemetry and event collection standards across infrastructure, Kubernetes, and application layers
  - Determine data routing and monitoring strategies between local and on-prem SIEM environments
- SIEM Implementation & Integration
  - Deploy and configure Elastic SIEM within Kubernetes-based environments
  - Implement secure log forwarding across encrypted and network-restricted environments
  - Integrate cloud audit logs, workload telemetry, Kubernetes logs, and security tooling into Elastic and existing SOC tooling
- Detection Engineering & SOC Enablement
  - Develop detections-as-code capabilities using CI/CD and version-controlled pipelines
  - Create and tune alerts, dashboards, and detection rules for SOC operations
  - Align detection logic with threat intelligence and operational playbooks
- Observability & Operational Support
  - Support platform monitoring, troubleshooting, and security visibility across complex environments
  - Enable platform and application teams with secure self-service diagnostics capabilities
- Documentation & Compliance
  - Produce operational guidance, integration documentation, and SOC runbooks
  - Support assurance activities and ensure alignment with UK Government security requirements
What We’re Looking For
Essential Skills & Experience
- Strong experience as a Security Engineer, SIEM Engineer or Detection Engineer
- Hands-on experience designing and operating SIEM solutions in cloud or hybrid environments
- Strong knowledge of Elastic SIEM / Elastic Stack, including:
  - Ingest pipelines
  - Detection rules and alerting
  - Dashboards and visualisations
- Experience working within Kubernetes environments
- Understanding of secure log forwarding, encrypted telemetry, and restricted network architectures
- Experience collaborating with SOC teams and translating security requirements into technical implementations
Cloud & Platform Knowledge
- Experience with Google Cloud Platform (GCP) and/or Google Distributed Cloud (GDC)
- Knowledge of cloud-native telemetry, audit logging, and identity monitoring
- Experience deploying and managing tooling via CI/CD pipelines
Ways of Working
- Comfortable operating within regulated, high-assurance environments
- Strong communication and documentation skills
- Able to work independently and take ownership of complex security integrations
Desirable Experience
- Experience with Elastic Cloud on Kubernetes (ECK)
- Detections-as-code implementation experience
- Knowledge of threat frameworks and SOC workflows
- Familiarity with UK Government security standards and assurance processes
Clearance Requirements
This role requires active SC Clearance. Candidates must also be willing to undergo Developed Vetting (DV). Due to client security restrictions, applicants must hold UK Citizenship.
Why Join:
You’ll be joining a team delivering genuinely mission-critical secure platforms within some of the UK’s most demanding environments. This role offers:
- The opportunity to shape security architecture from day one
- Exposure to cutting-edge secure cloud technologies
- Direct collaboration with senior security and platform engineering teams
- Meaningful work supporting national-scale secure services
Security Engineer (SIEM) - Google Distributed Cloud (GDC) in London employer: identifi Global Resources
Join a dynamic consultancy at the forefront of delivering secure digital platforms for critical national infrastructure in London. As a Security Engineer (SIEM), you will have the unique opportunity to shape security architecture and influence key decisions while working alongside experienced professionals in a collaborative environment. With a focus on employee growth, cutting-edge technology, and meaningful contributions to national security, this role offers an exceptional work culture and the chance to make a real impact.
StudySmarter Expert Advice🤫
We think this is how you could land Security Engineer (SIEM) - Google Distributed Cloud (GDC) in London
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the industry. Attend meetups, webinars, or even just grab a coffee with someone who’s already in the field. You never know when a casual chat might lead to your next big opportunity.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to SIEM and security engineering. This gives potential employers a tangible look at what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by practising common questions and scenarios specific to security engineering. Think about how you’d tackle real-world problems they might throw at you. Confidence and preparation can make all the difference!
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities that might be perfect for you. Plus, it’s a great way to ensure your application gets seen by the right people. Let’s get you that dream job!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Security Engineer (SIEM) role. Highlight your experience with SIEM solutions, especially in cloud or hybrid environments, and don’t forget to mention any relevant projects you've worked on that align with the job description.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about security engineering and how your skills can contribute to building a secure Google Distributed Cloud platform. Be specific about your experience with Elastic SIEM and detection engineering.
Showcase Your Technical Skills: In your application, make sure to showcase your technical skills clearly. Mention your hands-on experience with Elastic Stack, Kubernetes, and any relevant CI/CD tools. This will help us see how you can hit the ground running in this role.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you get all the updates directly from us. Plus, it’s super easy!
How to prepare for a job interview at identifi Global Resources
✨Know Your SIEM Inside Out
Make sure you have a solid understanding of SIEM architecture and design, especially with Elastic SIEM. Be ready to discuss your hands-on experience and how you've implemented SIEM solutions in cloud or hybrid environments.
✨Showcase Your Collaboration Skills
This role involves working closely with SOC teams and security architects. Prepare examples of how you've successfully collaborated in the past, translating security requirements into technical implementations.
✨Demonstrate Your Problem-Solving Abilities
Be prepared to discuss specific challenges you've faced in security monitoring and observability. Highlight how you approached these issues and the outcomes, particularly in high-assurance environments.
✨Familiarise Yourself with Government Standards
Since this role involves working on government secure programmes, brush up on UK Government security standards and assurance processes. Showing that you understand these requirements will set you apart from other candidates.