At a Glance
- Tasks: Hunt for cyber threats and analyse adversary behaviours in a hands-on role.
- Company: Join a leading cyber defence team in Wokingham, Berkshire.
- Benefits: Competitive salary, excellent benefits, and ongoing training opportunities.
- Other info: Ideal for SOC analysts looking to advance in a dynamic environment.
- Why this job: Make a real impact in proactive threat detection and enhance your skills.
- Qualifications: Five years of experience in cyber threat detection and strong SIEM platform knowledge.
Salary: £65,000 - 90,000 per year
Requirements:
- Around five years of hands-on experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments.
- Strong hands-on experience with SIEM platforms, including Microsoft Sentinel (KQL), Splunk (SPL), and Elastic Security/Kibana (KQL, ESQL).
- Practical knowledge of MITRE ATT&CK, attacker techniques, and adversary tradecraft.
- Experience working with indicators of compromise and threat intelligence feeds.
- Solid experience across the security event lifecycle, including detection, investigation, and incident management.
- Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black.
- Strong knowledge of networking fundamentals, including TCP/IP, DNS, HTTP/S, firewalls, VPNs, and proxy technologies.
- Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources.
- Strong analytical skills and the ability to communicate findings, impact, and risk clearly.
- Prefer SANS/GIAC certifications such as GCIH, GCIA, GCED, GCTI, GMON, GDAT, or GCAT.
- Value OSCP or equivalent offensive security qualifications.
- Value Crest certifications such as CPIA, CRIA, CCTIA, or CCBTP.
- Value Microsoft SC-200 or related detection and response certifications.
- Welcome other recognised cyber security or threat intelligence credentials.
- Ideally prefer candidates who are SC Cleared or eligible for SC.
Responsibilities:
- Conduct proactive threat hunting across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats.
- Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence.
- Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language.
- Perform IOC analysis, enrichment, and validation using internal and external threat intelligence sources.
- Lead investigations from initial detection through scoping, root cause analysis, and impact assessment.
- Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned.
- Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage.
- Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies.
- Produce clear investigation write-ups, timelines, and recommendations for both technical and non-technical stakeholders.
- Take a hands-on role within an advanced cyber defence function focused on proactive threat detection and adversary behaviour analysis.
Technologies:
- HTTP
- Support
- Kibana
- Linux
- Network Security
- Splunk
- TCP/IP
- Windows
More:
We are hiring a Cyber Threat Detection Analyst / SIEM Analyst to join our advanced cyber defence function in Wokingham, Berkshire, with the role based on-site. This is a hands-on position focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. We offer a competitive salary dependent on experience, along with excellent benefits and training. The role is well suited to experienced SOC analysts who want to move into a more hunting-led environment and deepen their expertise in detection engineering, incident response, and collaboration with red and purple team activities. Ideally, we are looking for candidates who are SC Cleared or eligible for SC.
SIEM Analyst (Cyber Threat Detection) employer: Sivara GmbH
Join our dynamic team in Wokingham, Berkshire, where we prioritise a culture of collaboration and continuous learning. As a SIEM Analyst, you'll benefit from competitive salaries, comprehensive training opportunities, and the chance to work alongside industry experts in a cutting-edge cyber defence environment. We are committed to fostering employee growth and providing a supportive atmosphere that values innovation and proactive threat detection.
StudySmarter Expert Advice
We think this is how you could land SIEM Analyst (Cyber Threat Detection)
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Sivara GmbH, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Sivara GmbH
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Sivara GmbH. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
Some tips for your application
Show off your technical skills: In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role: Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples: When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Sivara GmbH insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity: Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Sivara GmbH that you’re committed to staying ahead in the game.
How to prepare for a job interview at Sivara GmbH
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set you apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Sivara GmbH to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Sivara GmbH.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.