At a Glance
- Tasks: Join us to enhance cyber security through innovative detection and response strategies.
- Company: Join a leading IT consultancy transforming public sector operations.
- Benefits: Competitive pay, flexible working, and opportunities for professional growth.
- Why this job: Make a real difference in cyber security while working with cutting-edge technologies.
- Qualifications: Experience in cyber security and proficiency in Elastic Stack required.
- Other info: Work in a dynamic environment with a focus on career advancement.
The predicted salary is between £48,000 and £72,000 per year.
Methods is a £100M+ IT Services Consultancy based in the UK, partnering with central government departments and agencies to transform the way the public sector operates. With more than 30 years of experience, we deliver end‑to‑end business and technical solutions that are people‑centred, safe and designed for the future. Our human‑touch approach distinguishes us from other consultancies and system integrators. We focus on public‑sector work while growing a significant private‑sector client portfolio. Methods was acquired by the Alten Group in early 2022.
Base Pay Range: Base pay will be based on skills and experience. Your recruiter will discuss the range in detail.
Responsibilities & Requirements
- Elastic Stack Expertise: Proven experience with Kibana visualisations, dashboards, queries and alerts. Holds Elastic Certified Analyst certification covering anomaly detection, dashboard tuning and timeline analysis.
- Data Ingestion & Log Pipeline Engineering: Build, manage and optimise complex Logstash pipelines, utilising plugins to handle diverse log formats and enrich security telemetry. Ensure reliable ingestion into Elasticsearch.
- Syslog Configuration: Configure rsyslog and centralised logging for network appliances, firewalls and infrastructure components.
- Linux Proficiency: Administer and troubleshoot Linux systems with command‑line fluency and scripting (Bash, Python) for SIEM operations and log parsing.
- Detection Engineering & Threat Rules: Develop and tune custom detection rules using ES|QL, EQL and Lucene syntax, mapped to MITRE ATT&CK techniques. Produce investigation guides for SOC analysts.
- SOC Maturity & Policy Development: Contribute to SOC process and policy development, including detection logic lifecycle, alert tuning procedures and SIEM configuration governance.
- Defence Writing & JSP Familiarity: Prepare formal documentation following Defence Writing principles and demonstrate familiarity with Joint Service Publications (JSPs).
- Incident & Case Management: Support the incident response lifecycle—alert review, case triage, evidence handling, escalation and forensic data support.
- Client Engagement & Communication: Convey technical information clearly to internal stakeholders and external clients, collaborate with multidisciplinary teams and represent security operations during client interactions.
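The syslog ingestion, pipeline parsing/enrichment and ATT&CK-mapped detection bullets above describe one chain of work. The following is an added, self-contained example (not code from Methods or from this posting) that walks that chain end to end in Python so it can run offline: it parses rsyslog-style sshd lines into ECS-like documents (what a Logstash grok filter would do), enriches them with a source-address tag, and runs a sequence rule for "N failed logins then a success from one source" mapped to MITRE ATT&CK T1110 (Brute Force), with an investigation guide attached to the alert. The log lines, the fixed year (syslog timestamps carry none) and the "internal" address range are all constructed assumptions for the demonstration; in production the same logic would live in a Logstash pipeline and an Elastic EQL or ES|QL rule rather than in Python.

```python
"""Ingest -> enrich -> detect over constructed rsyslog sshd lines.
Added example; stands in for a Logstash grok/filter stage plus an
Elastic sequence rule mapped to MITRE ATT&CK T1110."""
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of what rsyslog would forward from a Linux host (not real telemetry).
SAMPLE_LOG = """\
Mar 10 09:14:01 bastion01 sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51422 ssh2
Mar 10 09:14:03 bastion01 sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51423 ssh2
Mar 10 09:14:05 bastion01 sshd[2231]: Failed password for root from 203.0.113.7 port 51424 ssh2
Mar 10 09:14:06 bastion01 sshd[2231]: Failed password for root from 203.0.113.7 port 51425 ssh2
Mar 10 09:14:08 bastion01 sshd[2231]: Failed password for deploy from 203.0.113.7 port 51426 ssh2
Mar 10 09:14:11 bastion01 sshd[2240]: Accepted password for deploy from 203.0.113.7 port 51427 ssh2
Mar 10 09:20:44 bastion01 sshd[2301]: Failed password for alice from 198.51.100.22 port 40001 ssh2
Mar 10 09:20:50 bastion01 sshd[2302]: Accepted publickey for alice from 198.51.100.22 port 40002 ssh2
"""

SYSLOG_YEAR = 2024  # assumption: BSD syslog timestamps have no year, so one is fixed here
# assumption: this documentation range stands in for the client's corporate address space
INTERNAL_NETS = [ipaddress.ip_network("198.51.100.0/24")]

SYSLOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<proc>[\w-]+)\[(?P<pid>\d+)\]: (?P<msg>.*)$"
)
SSHD_AUTH_RE = re.compile(
    r"^(?P<outcome>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port (?P<port>\d+)"
)
ATTACK_BRUTE_FORCE = {"id": "T1110", "name": "Brute Force", "tactic": "Credential Access"}


def parse_syslog_line(line):
    """Grok-style parse of one rsyslog line into an ECS-like document (None if unparseable)."""
    m = SYSLOG_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(f"{SYSLOG_YEAR} {' '.join(m['ts'].split())}", "%Y %b %d %H:%M:%S")
    doc = {"@timestamp": ts, "host.name": m["host"], "process.name": m["proc"],
           "process.pid": int(m["pid"]), "message": m["msg"]}
    auth = SSHD_AUTH_RE.match(m["msg"]) if m["proc"] == "sshd" else None
    if auth:  # only sshd auth events get the authentication fields
        doc.update({
            "event.category": "authentication",
            "event.outcome": "failure" if auth["outcome"] == "Failed" else "success",
            "event.action": f"ssh_{auth['method']}",
            "user.name": auth["user"],
            "source.ip": auth["ip"],
            "source.port": int(auth["port"]),
        })
    return doc


def enrich(doc):
    """Filter-stage enrichment: tag whether the source address is in an internal range."""
    if "source.ip" in doc:
        addr = ipaddress.ip_address(doc["source.ip"])
        doc["source.internal"] = any(addr in net for net in INTERNAL_NETS)
    return doc


def detect_bruteforce_then_success(docs, threshold=5, maxspan=timedelta(minutes=5)):
    """Sequence rule: >= threshold failures from one source.ip, then a success, all within
    maxspan. threshold and maxspan are the knobs an analyst tunes to cut false positives."""
    failures = defaultdict(list)
    alerts = []
    for d in sorted(docs, key=lambda d: d["@timestamp"]):
        if d.get("event.category") != "authentication":
            continue
        ip = d["source.ip"]
        recent = [t for t in failures[ip] if d["@timestamp"] - t <= maxspan]  # slide the window
        if d["event.outcome"] == "failure":
            recent.append(d["@timestamp"])
            failures[ip] = recent
            continue
        if len(recent) >= threshold:
            alerts.append({
                "rule.name": "SSH brute force followed by successful login",
                "threat.tactic.name": ATTACK_BRUTE_FORCE["tactic"],
                "threat.technique.id": ATTACK_BRUTE_FORCE["id"],
                "threat.technique.name": ATTACK_BRUTE_FORCE["name"],
                "host.name": d["host.name"], "source.ip": ip,
                "source.internal": d["source.internal"], "user.name": d["user.name"],
                "failure_count": len(recent), "first_failure": recent[0],
                "success_at": d["@timestamp"],
                "investigation_guide": ("Confirm with the account owner whether the login was "
                                        "expected; review sshd history for the source, look for "
                                        "follow-on commands or persistence on the host, and reset "
                                        "the credential if the activity is unexplained."),
            })
        failures[ip] = []  # a success closes the sequence for this source


    return alerts


def run_pipeline(raw_log):
    """Ingest -> enrich -> detect; returns (documents, alerts)."""
    parsed = (parse_syslog_line(line) for line in raw_log.splitlines())
    docs = [enrich(d) for d in parsed if d]
    return docs, detect_bruteforce_then_success(docs)


if __name__ == "__main__":
    documents, hits = run_pipeline(SAMPLE_LOG)
    for hit in hits:
        print(f"[{hit['threat.technique.id']}] {hit['rule.name']}: {hit['source.ip']} -> "
              f"{hit['user.name']}@{hit['host.name']} after {hit['failure_count']} failures")
```

On the constructed input only the 203.0.113.7 sequence fires (five failures then a password success for `deploy` inside the window); the single failure from 198.51.100.22 before alice's key-based login stays below the threshold. Raising `threshold` or shrinking `maxspan` is exactly the alert-tuning decision the SOC process bullets refer to, and the `source.internal` tag is the kind of enrichment an analyst uses to prioritise the external case first.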
Desirable Skills And Experience
- Experience in Defence, Government or Critical National Infrastructure environments.
- Familiarity with security frameworks such as MITRE ATT&CK, NIST CSF or ISO 27001 and mapping TTPs to rule coverage.
- Experience with SOAR or SIEM enrichment tools (TheHive, MISP, Cortex).
- Knowledge of additional log forwarding/processing tools (Elastic Agent, Fluentd).
- Exposure to vulnerability management and threat intelligence platforms (OpenCTI).
Qualifications
- Expert knowledge of Azure & Sentinel.
- Proven experience as a Cyber Analyst focused on Security Operations.
- Strong expertise in Elastic Stack (Elasticsearch, Logstash, Kibana).
- Familiarity with other SIEM tools and security technologies.
- Knowledge of cybersecurity best practices, threat intelligence and incident response.
- Excellent analytical and problem‑solving skills.
- Relevant certifications such as CISSP, CEH or Elastic Certified Engineer (ECE) are a plus.
This role requires a holder of active SC and/or DV clearance. If DV is not held, eligibility for DV is required.
Job Details
- Seniority level: Mid‑Senior level
- Employment type: Contract
- Job function: Information Technology
- Industries: IT Services and IT Consulting
Cyber Security Engineer SoC/SIEM (Contract) in Malvern employer: Methods
Contact Detail:
Methods Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Engineer SoC/SIEM (Contract) in Malvern
✨Network Like a Pro
Get out there and connect with people in the industry! Attend meetups, webinars, or even local tech events. We all know that sometimes it’s not just what you know, but who you know that can help land that dream job.
✨Show Off Your Skills
Don’t just list your skills on your CV; demonstrate them! Create a portfolio showcasing your projects, especially those related to Elastic Stack or SIEM. We love seeing real-world applications of your expertise!
✨Ace the Interview
Prepare for common interview questions, but also be ready for technical challenges. Brush up on your Linux commands and detection engineering techniques. We want to see how you think on your feet!
✨Apply Through Our Website
Make sure to apply directly through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we’re always on the lookout for passionate candidates like you!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Cyber Security Engineer role. Highlight your experience with Elastic Stack, Linux proficiency, and any relevant certifications. We want to see how your skills match what we're looking for!
Showcase Your Projects: If you've worked on any projects related to SIEM or threat detection, don’t hold back! Share specific examples that demonstrate your expertise in building log pipelines or developing detection rules. This helps us see your practical experience.
Be Clear and Concise: When writing your application, keep it clear and to the point. Use bullet points where possible to make it easy for us to read through your qualifications and experiences. We appreciate straightforward communication!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy to do!
How to prepare for a job interview at Methods
✨Know Your Elastic Stack Inside Out
Make sure you brush up on your knowledge of the Elastic Stack, especially Kibana visualisations and Logstash pipelines. Be ready to discuss specific projects where you've used these tools, as well as any challenges you faced and how you overcame them.
✨Demonstrate Your Linux Skills
Since Linux proficiency is key for this role, prepare to showcase your command-line fluency. You might be asked to troubleshoot a Linux system or write a simple Bash or Python script, so practice these skills beforehand to feel confident.
✨Familiarise Yourself with Detection Engineering
Get comfortable with developing and tuning detection rules using ESQL, EQL, and Lucene syntax. Bring examples of how you've aligned detection logic with MITRE ATT&CK techniques, as this will show your understanding of threat detection in a practical context.
✨Communicate Clearly and Confidently
This role involves client engagement, so practice conveying complex technical information in a clear and concise manner. Think about how you can explain your past experiences and technical concepts to someone without a technical background, as this will demonstrate your communication skills.