About this role
<p> </p> <p><b>Location(s): UK, Europe & Africa : UK : Guildford || UK, Europe & Africa : UK : Frimley </b></p> <p> </p> <p>BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.</p> <p style="line-height:11.75pt;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><span style="font-family:Calibri, sans-serif;color:black">Job Title: Security Consultant - SIEM Engineer</span></strong></p> <p style="line-height:11.75pt;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"> </p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><span style="font-family:Calibri, sans-serif;color:black">Location: Guildford, Frimley</span></strong><span style="font-family:Calibri, sans-serif;color:black"> - We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role</span></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><u><span style="font-family:Calibri, sans-serif;color:black"> </span></u></strong></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><u><span style="font-family:Calibri, sans-serif;color:black">Who we are </span></u></strong></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><u><span style="font-family:Calibri, sans-serif;color:black"> </span></u></strong></p> <p style="margin:0.0cm;background-color:white;font-size:12.0pt;font-family:'Times 
New Roman', serif"><span style="font-size:11.0pt;font-family:Calibri, sans-serif;color:black">Join BAE Systems and you’ll be part of something bigger. As a valued member of our global colleague network, you’ll bring your unique skills and perspectives to help pioneer progress and protect what matters most. You’ll be trusted to play your part in delivering the advanced, technology-led defence, aerospace and security solutions of tomorrow - shaping a safer future, for all of us.</span></p> <p style="margin:0.0cm;background-color:white;font-size:12.0pt;font-family:'Times New Roman', serif"><span style="font-size:11.0pt;font-family:Calibri, sans-serif;color:black"> </span></p> <p style="margin:0.0cm;background-color:white;font-size:12.0pt;font-family:'Times New Roman', serif"><span style="font-size:11.0pt;font-family:Calibri, sans-serif;color:black">From the depths of the ocean, to the far reaches of space - there’s no limit to where a career at BAE Systems could take you</span><span style="font-size:11.0pt;font-family:Calibri, sans-serif;color:#676767">.</span></p> <p style="margin:0.0cm;background-color:white;font-size:12.0pt;font-family:'Times New Roman', serif"> </p> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><u><span style="font-family:Calibri, sans-serif;color:black">Role Description </span></u></strong></p> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><u><span style="font-family:Calibri, sans-serif;color:black"> </span></u></strong></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif;color:black;background-color:white">BAE Systems have been contracted to undertake the design and build of a dedicated Security Operations Centre (SOC) to support the cyber defence of a major international 
defence programme. The information, systems and networks to be protected will be a mix of Microsoft Cloud services and on-premises data centres straddling multiple regions and classification levels.</span></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif;color:black;background-color:white">We are looking for a talented and enthusiastic individual with excellent technical and client-facing skills, to act as an SIEM Engineer<strong> </strong>who will support the design, configuration and maintenance of a wide range of security tools. This is a mid-level role and the individual will be expected to work across a variety of technologies such as Splunk and Sentinel SIEM, Nessus Vulnerability management, Microsoft XDR and others as appropriate.</span></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif;color:black;background-color:white">The role will range from advising on design, deploying and configuring new solutions, to assessing existing deployments and client capabilities to make improvements and improve overall maturity. This role is situated within our Defence Business unit and requires a minimum of SC clearance, ideally DV clearance. The position is expected to work from company offices in the UK with some time on client sites in the UK and occasional travel to Europe and Asia. </span></p> <ul style="margin-top:0.0cm;margin-bottom:0.0cm" type="disc"> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Design, deployment and configuration of SIEM applications (e.g. 
Splunk Enterprise, Enterprise Security, Splunk SOAR and UBA, Microsoft Sentinel, Elastic, Microsoft XDR and others), including:</span></li> <ul style="margin-top:0.0cm;margin-bottom:0.0cm" type="disc"> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Specify infrastructure requirements (RAM, Disk, CPU, Network bandwidth) for SIEM applications</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Integration of SIEM applications with identity management solutions.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Integration of SIEM applications with Vulnerability Management, and Asset and Configuration Management systems to enrich efficacy of the solution.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Integration of SIEM applications with Cyber Threat Intelligence and Case Management solutions.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Design, implement and manage log collection and onboarding activities to SIEM.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, 
sans-serif"><span style="font-family:Calibri, sans-serif">Identify initial set of use cases & playbooks for detection and automation content and required development, deployment, testing and release.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Support deployment of SIEM applications to both cloud hosting and containers, and on-premises hosted VMs and containers</span></li> </ul> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Oversee deployment / implementation activities ensuring that entry criteria are met, all planned activities are completed and that rollback plans are initiated where required.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Review and approve all required documentation as part of a release or change including design, deployment, configuration and administration guides.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">The role is a cyber technical specialist with deep knowledge of the Cyber Monitoring technologies and cyber threat tools, tactics, techniques and procedures.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Develop test procedures to test that solutions meet 
functional and non-functional requirements</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Generalist Technical SME to support deployment and configuration of various tools including Jira and Cribl</span></li> </ul> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"> </p> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><u><span style="font-family:Calibri, sans-serif;color:black">Core Duties</span></u></strong><u><span style="font-family:Calibri, sans-serif;color:#333333"> </span></u></p> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"> </p> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:'Times New Roman', serif;color:black"> </span></p> <ul style="margin-top:0.0cm;margin-bottom:0.0cm" type="disc"> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Knowledge and experience of design, build, deployment and operation of SIEM/SOAR tools (Splunk and Sentinel at a minimum) and other appropriate tooling e.g. SOAR, Threat Intelligence, traffic analysis tools etc. 
to identify signs of an intrusion, and advise where new/improved tooling could enhance the SOC operation</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Experience deploying and configuring SIEM applications (e.g. Splunk and/or MS Sentinel) in a performant manner on cloud and/or on-premises to support high data rates</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Proven delivery and experience leading and conducting onboarding activities onto a SIEM</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Strong knowledge of how Azure and AWS security functions work as security controls as well as detection tools to protect large cloud estates; produce content and playbooks on Sentinel and Splunk to detect security breaches and recognise the importance of threat-led use cases.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Deep knowledge and experience of Enterprise ICT.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Working with a range of security tooling/technology.</span></li> <li 
style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Strong understanding of security architecture, in particular networking.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Detailed understanding of threat intelligence and threat actors, TTPs and operationalising threat intelligence.</span></li> <li style="color:#333333;margin-bottom:0.0cm;line-height:normal;background-color:white;margin-top:0.0cm;margin-right:0.0cm;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif">Understand TCP/IP component layers to identify normal and abnormal traffic.</span></li> </ul> <p style="margin:0.0cm 0.0cm 0.0cm 18.0pt;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"> </p> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><span style="font-family:Calibri, sans-serif;color:black"> </span></strong></p> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><u><span style="font-family:Calibri, sans-serif;color:black">The Team</span></u></strong></p> <p style="margin:0.0cm;line-height:normal;background-color:white;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><span style="font-family:Calibri, sans-serif;color:black"> </span></strong></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif;color:black;background-color:white">We work hard and often go the extra mile, but we recognise people’s efforts and that 
everyone has a life outside of work. We encourage people to speak up if they want to rotate to a new project.</span></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"> </p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><strong><u><span style="font-family:Calibri, sans-serif;color:black;background-color:white">Why BAE Systems</span></u></strong></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif;color:black;background-color:white">This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture which values diversity, rewards integrity and merit, and where you’ll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently under-represented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals.</span></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif;color:black;background-color:white">We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) 
that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.</span></p> <p style="line-height:11.75pt;background-color:white;margin:0.0cm 0.0cm 8.0pt;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif;color:black;background-color:white">Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities which you previously may have held and your place of birth can restrict the roles you are able to perform within the organisation.</span></p> <p style="margin:0.0cm 0.0cm 8.0pt;line-height:107%;font-size:11.0pt;font-family:Aptos, sans-serif"><span style="font-family:Calibri, sans-serif;color:black;background-color:white">All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years</span></p><p><b>Life at BAE Systems Digital Intelligence </b></p> <p>We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.</p> <p>By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.</p> <p>Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. 
We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.</p>