Be at the heart of actionFly remote-controlled drones into enemy territory to gather vital information.

Apply Now

SIEM Engineer

NCC Group
1 year ago
Applications closed

Related Jobs

View all jobs

Cloud Engineer

SIEM Engineer

NCC Group is a leading partner in the Security Industry. It helps 1000’s clients to develop, maintain, progress and secure their Cyber Security through the use of Vulnerability/Penetration Testing, Audits and 24/7 monitoring, amongst others.

NCC Group provide a range of managed and hosted services delivered from our UK based Security Operations Centre SOC which operates 24/7, 365 days a year. Our team of over 30 accredited security experts are available 24/7, dealing daily with over 250 million log events and providing support for over 5,000 network devices.

This team are specialists in SIEM integration and content creation, with our services backed up by our own mature methodology for onboarding, developing and designing use cases for many of the UK’s largest companies. This has been tried and tested across dozens of major deployments and hundreds of use cases and is uniquely tailored to each client whilst providing the methodology to ensure that development and implementation are completed to a very high standard.

We operate a single point of contact for all Managed Service Security Requirements and work directly with clients to build, develop and design solutions for individual security requirements. Our team of experts provide proactive monitoring and response to help quickly evaluate and investigate security incidents as they occur and supporting day-to-day availability and change requests to help supplement your network security architecture.

Primary Responsibilities

A successful candidate will be responsible for the day-to-day support and operations of several SIEM solutions within our Leeds based SOC. Roles and responsibilities for this role include, but may not be limited to:

Maintaining the NCC Group SOCs SIEM and EDR platforms. Onboard and manage SIEM event sources and transition through to live SOC Managed Services. Assisting in the development of new SOC infrastructure to assist in SIEM and surrounding SOC requirements. Providing guidance and support to SOC personnel regarding SIEM operations, concepts, and development. Collaborating with our Analytics Development capability to create and deploy new detection mechanisms (both traditional analytics and machine learning techniques). Providing SIEM expertise to support Security Analysts during incidents and investigations. Collaborating with other teams to help develop and drive improvements/progression

A successful candidate would be able to provide security advice to customers to help them develop their security awareness and infrastructure. Working for a Security Partner requires a surrounding knowledge and experience of security awareness, incidents, response and management.

Skills and Development

Having competency in most of the below skills is required and the ability to use these at a higher level is desirable:

Experience using common SIEM technology stacks including but not limited to:SplunkLogRhythmSentinel Experience with EDR software including but not limited toCarbon BlackDefender for Endpoint Experience configuring, maintaining, and troubleshooting both Windows and Linux operating systems. Familiarity with incident response procedures. (This could be a from a wide pool of skills, such as investigating security alerts, incident response, security audits, configuration reviews, industry best practices, etc.) Experience configuring Network Security Devices such as but not limited to Cisco, Fortinet, CheckPoint, Suricata, Snort, Palo Alto. A fundamental understanding of logging types and collection methods such as Windows Event Log and various Syslog protocols. Basic Development/ scripting skills (such as PowerShell, Python, Bash and any associated skills, such as Regex)

Certification

The following certifications are desirable, but not a requirement. A level of knowledge/experience within the below practices is also desirable. Successful candidates that do not possess these certifications may be tasked with working towards them at the beginning of their employment:

Splunk Certified Administrator Splunk Certified Power User LogRhythm Certified Support Engineer LogRhythm Certified Deployment Engineer Microsoft Azure Fundamentals Microsoft Security Operations Analyst CompTIA Certifications (Security+/ Network+/ Linux+) Crest, GIAC or CISSP Certification Degree in related field. Other relevant certifications.

Other Information

This role is based at the NCC Group office in Leeds, United Kingdom. This role will involve an out-of-hour’s element (post training).

About NCC Group

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment – in our people, our business and we want to invite talented people to join us in our vision to be the leading cyber security advisor.

The NCC Group family has 2,500 members located around the world providing a trusted advisory service to 15,000 customers. Our heart is in our space. 

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

How to Write an AI CV that Beats ATS (UK examples)

Writing an AI CV for the UK market is about clarity, credibility, and alignment. Recruiters spend seconds scanning the top third of your CV, while Applicant Tracking Systems (ATS) check for relevant skills & recent impact. Your goal is to make both happy without gimmicks: plain structure, sharp evidence, and links that prove you can ship to production. This guide shows you exactly how to do that. You’ll get a clean CV anatomy, a phrase bank for measurable bullets, GitHub & portfolio tips, and three copy-ready UK examples (junior, mid, research). Paste the structure, replace the details, and tailor to each job ad.

Jobs

AI Recruitment Trends 2025 (UK): What Job Seekers Must Know About Today’s Hiring Process

Summary: UK AI hiring has shifted from titles & puzzle rounds to skills, portfolios, evals, safety, governance & measurable business impact. This guide explains what’s changed, what to expect in interviews, and how to prepare—especially for LLM application, MLOps/platform, data science, AI product & safety roles. Who this is for: AI/ML engineers, LLM engineers, data scientists, MLOps/platform engineers, AI product managers, applied researchers & safety/governance specialists targeting roles in the UK.

Jobs

Why AI Careers in the UK Are Becoming More Multidisciplinary

Artificial intelligence is no longer a single-discipline pursuit. In the UK, employers increasingly want talent that can code and communicate, model and manage risk, experiment and empathise. That shift is reshaping job descriptions, training pathways & career progression. AI is touching regulated sectors, sensitive user journeys & public services — so the work now sits at the crossroads of computer science, law, ethics, psychology, linguistics & design. This isn’t a buzzword-driven change. It’s happening because real systems are deployed in the wild where people have rights, needs, habits & constraints. As models move from lab demos to products that diagnose, advise, detect fraud, personalise education or generate media, teams must align performance with accountability, safety & usability. The UK’s maturing AI ecosystem — from startups to FTSE 100s, consultancies, the public sector & universities — is responding by hiring multidisciplinary teams who can anticipate social impact as confidently as they ship features. Below, we unpack the forces behind this change, spotlight five disciplines now fused with AI roles, show what it means for UK job-seekers & employers, and map practical steps to future-proof your CV.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.