We are looking for a talented and enthusiastic individual with excellent technical and client-facing skills, to act as Onboarding Lead for national scale cyber defence solutions down to a small commercial SOC. This ranges from strategic architecture design for national cyber authorities through to small enterprise CERTs/SOCs and Managed Security Services' SOCs. This role is internationally focused, so extensive travel for several weeks or sometimes months will be involved from time to time.
The role will work within a diverse and geographically split team that pride themselves on delivering outstanding solutions and delighting our customers. We strive to ensure that we deliver the most robust solutions within the time, cost and performance envelopes provided. The team are trusted and empowered to deliver and self-manage their outputs whilst working collaboratively. The team work on both UK projects and internationally, delivering to National Security Clients down through to commercial organisations.
What you'll be doing
- Leading and assisting with onboarding and assessing an organisation’s existing network and operations to determine what Security Use cases will be required tailored to the threats being faced
- Assessing an organisation’s existing network and operation to determine their level of readiness for Onboarding
- Agreeing the scope and requirements of the SOC monitoring provision
- Agreeing the Onboarding plan and managing the Onboarding Project in accordance with the plan
- Designing, deploying and testing the people, process and technology solution to meet the organisation’s monitoring requirements
- Updating and supporting the development of the security use cases based on the risk and threat profile of the organisations
- Configuring the organisation’s existing Security Event Data Sources (SEDS)
- Tuning and adjusting the people, process and technology solution
- Producing security use cases based on the risk and threat profile of the organisations
- Producing SIEM content in line with the Security use cases
- Ensuring that the SIEM solution is optimised for performance and operation
- Managing the onboarding process
- Assisting the service designer in writing the monitoring SLAs
- Working on client sites, in UK and internationally for extended periods.
What we're looking for
- Experience within an operational IT and cyber security environment
- Proven delivery experience leading and conducting onboarding activities onto a SIEM, developing security use cases and SIEM Content
- Experience deploying QRadar/Splunk/Phantom
- Proven delivery and experience developing SOAR Content (desirable)
Life at BAE Systems Applied Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.
Diversity and inclusion are integral to the success of BAE Systems Applied Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.
About BAE Systems Applied Intelligence
We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
Division overview: Government
At BAE Systems Applied Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating.
As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.