SIEM Engineer (InfoSec)
THG aims to be the World’s leading Online Health & Beauty Destination. We are currently the UK’s leading multi-website online retailer with rapidly growing global operations and a unique proprietary technology platform. With over 16 million customers worldwide and 400 million visits to our sites annually, we understand the importance of reliable technology and data-driven expertise.
Our software is the core of our business and enables the company to continue to grow and thrive. The Group’s industry leading and proprietary technology platform powers its own consumer sites plus global media partners and brand owners, including: Unilever, Nintendo and the Daily Mail Group. We develop all of our own applications in-house with our Development Delivery Teams. In order to enable our Delivery Teams to continue to achieve, we are always looking for bright and intellectual people who are happy to push boundaries and really challenge the status quo.
We are led by world-class technologists with backgrounds ranging from Silicon Valley tech giants (Google, Amazon) through to hedge funds and algorithmic trading firms. You will be surrounded by highly intellectual and passionate colleagues, all with the common goal to help us grow this business globally, fast.
Information Security is crucial to our business, and at the heart of our information security function is the SOC. You will be part of a diverse and driven team tasked with protecting, monitoring and responding to security incidents.
- Integrating our in-house SIEM platform into new areas of the business and network design
- Identification and on-boarding of new log sources to increase monitoring activity across the organisations
- Development of use-cases and alerting procedures.
- Liaising with key stakeholders across servers/virtualisation/networks/EUC to understand infrastructure and
- Pruning of rules to increase MTTD whilst reducing false positives and negatives
- Understanding of vulnerability management using industry tools
- Execute key project activities including planning and executing changes, documentation, handover and training/knowledge transfer.
- Experience with IBM QRadar or equivalent SIEM product across design, deployment and troubleshooting.
- SIEM log source on-boarding experience.
- A solid understanding of use-case development
- Knowledge of firewalls/VPN configurations/Network and User Behaviour Analysis
- Prior experience working as a support engineer in a networking and/or security role.
- Candidates for the role should be self-motivated, logical-thinking problem solvers who are flexible and adaptive to a very busy work environment
- You’ll need to be organised and have a deep technical understanding of security technologies
- Have an inquisitive nature with a positive attitude and be eager to learn.
- No required certifications if there is demonstrable experience in the required areas.
- A keen interest in developing and emerging security trends
- Solid experience in at least one area of IT
- Knowledge of key security considerations and technologies such as firewalls, web proxy, DLP, Antivirus etc.