Cyber Security Engineer - Inside IR35, Security Clear SC

Contract Term: 6 Months

Contracting Authority: Department for Energy Security and Net Zero

Location: Hybrid / London

"Securing our long-term energy supply, bringing down bills and halving inflation".

The Department for Energy Security and Net Zero was created in February 2023 with the goal of securing a safe energy supply as well as ensuring the UK leads the way in achieving Net Zero. We are an innovative and exciting department, looking for the very best to lead the way.

The responsibilities for the Department for Energy Security & Net Zero for 2023 are as follows:

• Delivering security of energy supply
• Ensuring properly functioning energy markets
• Encouraging greater energy efficiency
• Seizing the opportunities of net zero to lead the world in new green industries

We encourage our colleagues to be bold, be collaborative, be inclusive and to be big on learning. If you want to take part in meaningful work that makes an impact in the UK as well as abroad, then look no further than the Department for Energy Security and Net Zero.

Role Description:

The Cyber Security Engineer will play a critical role in safeguarding our organization's digital assets. They will be responsible for enhancing our security posture by reviewing and optimizing existing SEIM (Security Information and Event Management) tool rules, implementing custom detection rules, and proactively countering emerging threats. The ideal candidate will have hands-on experience with Azure Sentinel SIEM, Defender for Endpoint, and Logic App development.

Key Requirements:

SC Clearance is an essential requirement for this role, (as a minimum you must be eligible and willing to undergo these checks)

SEIM Rule Review and Tuning:

o Proficient in reviewing and fine-tuning SEIM tool rules to enhance threat detection accuracy.

o Ability to identify false positives and optimize rule performance.

Azure Sentinel SIEM:

o Hands-on experience with Azure Sentinel SIEM.

o Familiarity with configuring and managing security incidents, alerts, and dashboards.

Defender for Endpoint:

o Strong understanding of Microsoft Defender for Endpoint.

o Ability to configure and manage endpoint security policies, threat detection, and response.

Logic App Development:

o Proficient in developing and maintaining Logic Apps.

o Experience integrating security workflows and automating incident response.

Scripting Language (KQL):

o Proficiency in using KQL (Kusto Query Language) for querying and analyzing security data.

o Ability to create custom queries for threat hunting and investigation.

Automation Playbooks:

o Experience designing and implementing security automation playbooks.

o Familiarity with tools like Azure Logic Apps, Power Automate, or similar.

Custom Detection Rules:

o Skilled in creating custom detection rules tailored to organizational needs.

o Ability to identify anomalous behavior and design effective rules.

Mentoring and Coaching:

o Experience mentoring and coaching colleagues to enhance their security knowledge.

o Passionate about knowledge transfer and fostering a collaborative security culture.

Threat Hunting Leadership:

o Proficient in leading threat hunting exercises across departmental environments.

o Ability to proactively identify and mitigate security risks.

Innovation and Adaptability:

o Demonstrated ability to create new rules and adapt security measures to combat emerging threats.

o Willingness to stay updated with the latest security trends and technologies.