Listing Description

The Role: 

This individual will maintain the ongoing security monitoring and response program at ForgeRock and own the relationship with our SOC team. You will work under the direction of senior security engineers and the CISO to ensure monitoring is in place and alerts are fully investigated.

Responsibilities:

• Maintenance of Splunk Infrastructure, Data source onboarding 


• Designing and Creating Security Alerts


• Designing and Generating Automation Workflows using SOAR tools.


• Liaising with Project Managers and Implementation Specialists, providing recommendations based on security best practices. 


• Security Incident Management and Ad-hoc Security investigations.


• Internal Ticket Triage and Management


• Writing Internal Documentation 


• External SOC coordination


• Join part of 24/7 on call rota


• Quarterly Security Reviews  

Required Skills/Qualifications: 

• Splunk Data Admin or similar


• System administration of GCP and Google Workspace


• Experience in SOAR Tools such as Tines/Splunk SOAR/Greymatter or other.


• Excellent written and verbal communication skills


• Git, Jira, Microsoft Office or similar

Desirable skills

• Understanding of Kubernetes security & best practises, or other containerisation technologies


• Basic cloud forensic understanding


• Interest or knowledge of Threat Intelligence and surrounding subject matter