SIEM Engineer

Posted 1 day 11 hours ago by Harvey Nash Group

Permanent
Full Time
Public Sector Jobs
Glasgow, United Kingdom
Job Description

Harvey Nash is delighted to be working with our public sector client on the search for an experienced SIEM Engineer. This contract offers the chance to support a high-profile programme that underpins critical services and strengthens security resilience across a complex environment.

  • Proven SIEM Expertise: Look for hands-on experience with leading SIEM platforms (e.g., Splunk, Azure Sentinel, or Elastic SIEM), including log ingestion, correlation rule creation, alert tuning, and incident response workflows.
  • AWS Security Integration: Ensure they have practical knowledge of AWS services relevant to SIEM, such as CloudTrail, GuardDuty, Security Hub, CloudWatch, and VPC Flow Logs, and can integrate these with your SIEM solution.
  • Threat Detection & Response Skills: Assess their ability to design and implement detection use cases, threat hunting queries, and automated response playbooks tailored to your environment.
  • Compliance & Governance Awareness: They should understand regulatory and compliance requirements (e.g., ISO 27001, GDPR, CRF, CAF) and how to align SIEM configurations and reporting to meet audit and governance needs.
  • Scripting & Automation Proficiency: Look for skills in scripting languages (e.g., Python, PowerShell) and infrastructure-as-code tools (e.g., Terraform, CloudFormation, Git).

Please note this role is Inside IR35 and requires 2 days per week in the Glasgow office. To apply, please send your CV using the link.