Security Design Expert

Role
Lead the design, deployment and tuning of enterprise-grade SIEM platforms (e.g. Splunk, Azure Sentinel etc.)
Collaborate with stakeholders to define logging requirements, use cases, detection rules and dashboards
Oversee integration of data sources from cloud, on-prem, endpoint, network and application layers
Create and maintain detection rules, correlation logic and alerts tailored to specific threat scenarios
Provide technical leadership and mentorship to team members
Work closely with SOC teams to align SIEM capabilities with business objectives
Conduct SIEM health checks, performance tuning and capacity planning

Skills
Expertise in SIEM design, deployment and optimisation
Hands-on expertise with one or more major SIEM platforms (e.g. Splunk, Sentinel etc.)
Deep understanding of log ingestion, parsing, normalisation and enrichment
Strong grasp of MITRE ATT&CK framework, threat detection and alert logic
Solid scripting/automation skills (e.g., Python, PowerShell, Bash)
Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor, GCP etc.)
Experience with threat modelling, cloud security or Identity and Access Management is desirable