About us:

We are data insight experts, empowering clients to own, manage and rule their data. One of our specialisations is cybersecurity consultancy, offering end-to-end SIEM services that help clients design, deploy, and optimise security monitoring and threat detection solutions.

Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence.

What we’re looking for

We are seeking a client-focused SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide guidance on SIEM architecture, and design tailored solutions across platforms, including Splunk and other leading SIEM tools.

You’ll participate in hands-on configuration and optimisation as needed, but your primary focus will be on advising clients, developing design strategies, and ensuring their security objectives are met.

This position is ideal for someone with experience in SIEM or SOC environments who is comfortable in a consultative, client-facing role.

Knowledge of cloud security, response frameworks, and industry compliance standards will be key to success in helping clients implement robust, scalable SIEM solutions.

Key Responsibilities:

Client Engagement & Solution Design:

Collaborate with clients to identify their unique security requirements, conducting discovery sessions to understand their environment, business objectives, and compliance needs.

Develop and present tailored SIEM architecture and design strategies, ensuring alignment with client goals and industry best practices.

Recommend the best-fit SIEM platform (e.g., Splunk, Elastic SIEM, IBM QRadar, ArcSight) based on client requirements, budget, and existing security infrastructure.

SIEM Implementation & Configuration:

Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring.

Perform hands-on configuration and tuning of SIEM components, setting up alerting, custom dashboards, and data ingestion as needed to support client-specific use cases.

Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility.

Threat Detection & Response Strategy:
Design and implement threat detection rules, logic, and response workflows that align with the client’s risk profile and operational needs.

Guide clients in developing and improving their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001.

Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes.

Advisory & Compliance:
Advise clients on aligning SIEM deployments with security frameworks and compliance requirements, including GDPR, HIPAA, and PCI DSS.

Provide guidance on data strategies for security monitoring, such as data persistence and streaming for long-term analysis and real-time detection.

Assist clients in implementing data retention policies and optimising data flow within SIEM for both compliance and operational efficiency.

Continuous Improvement & Optimisation:
Conduct periodic health checks and assessments of client SIEM environments to identify areas for improvement, ensuring optimal performance and alignment with security goals.

Educate clients on emerging threats, new SIEM functionalities, and best practices to maintain a proactive approach to security monitoring.

Collaborate with internal teams to share insights and identify opportunities to enhance service offerings and improve overall client satisfaction.

 

  • Experience

    3-4 years of experience in SIEM consulting, SOC, or security operations roles with a focus on threat detection and response.

    Strong understanding of threat detection methodologies, security frameworks (e.g., NIST, ISO 27001), and compliance requirements.

    Experience with SIEM design and architecture, data ingestion, log management, and custom dashboard creation.

    Familiarity with cloud-native security solutions and knowledge of security practices in hybrid cloud environments.

    Background in client-facing roles or consulting, with the ability to communicate complex technical concepts clearly and effectively to clients.

     

  • Technical Expertise

    Hands-on experience with at least one major SIEM platform (e.g. Splunk, Elastic SIEM, IBM QRadar) and familiarity with cloud security tools such as AWS GuardDuty, Azure Security Center, or Google Cloud Security.

    Relevant cybersecurity certifications, such as CISSP, GIAC (e.g., GCIA, GCIH), or Splunk certification (e.g., Splunk Core Certified Power User), are highly desirable.

  • Other Skills

    Excellent interpersonal and communication skills, with the ability to build strong client relationships and explain technical solutions in a non-technical manner.

    Strong organizational skills and the ability to work independently on projects while collaborating effectively with internal teams.

    Proactive and client-focused, with a solution-oriented approach to problem-solving and a commitment to meeting client expectations.

  • Personal Attributes

    Passionate about data and cybersecurity, driven to stay current with emerging threats, technologies, and best practices.

    Adaptable and able to operate in a fast-paced, client-centered environment, responding to changing project needs.

    Detail-oriented, with a focus on delivering high-quality work and exceeding client expectations.

  • Flexibility

    Flexibility and adaptability, ability to travel some of the time.

  • Package

    Start Date: Flexible 

    Location: Bristol, 2/3 days office based

    Salary: Extremely Market Competitive for the right candidate

    Plus, an excellent benefits package and tailored professional development. 

To Apply:

To apply, send a copy of your CV with a covering letter to careers@aptosolutions.co.uk.

 
