Design, build, and operate a centralised Security Information and Event Management (SIEM) platform to aggregate and analyse security logs across infrastructure, networks, and applications.
Own security log analysis, vulnerability management and incident investigation: establish baselines, create alerting rules for critical security events, and drive rapid incident investigation through log correlation.
Perform security hardening on systems and applications: define hardening standards, implement configurations, and audit compliance.
Investigate security incidents through log analysis and become the on-call responder when something breaks or looks suspicious.
Collaborate closely with Information Security Management to ensure compliance with security policies, regulations (Cyber Essentials, DEF STAN 05-138, ISO 27001, Grundschutz++), and customer requirements.
Build and maintain comprehensive documentation of SIEM architecture, hardening standards, incident response procedures, and security controls for auditors and the team.
Requirements
3+ years hands-on SIEM deployment & log analysis (preferably ELK Stack, OpenSearch, Wazuh, Microsoft Defender); production incident investigation experience.
Deep knowledge of Linux & Windows system hardening; hands-on experience with CIS Benchmarks, STIGs, or similar frameworks.
Strong scripting for security automation, log parsing, and alerting rule development.
Experience working in compliance-driven environments.
Ability to design security controls that balance operational friction with security posture.
Security-minded by default: you think in access control, threat detection, and auditability.
High autonomy and good judgement. You can investigate incidents end-to-end and escalate appropriately.
Practical operator, not a perfectionist. You prioritise getting secure systems in place and improving iteratively.
Tech Stack
Linux
Benefits
A mission-driven environment with direct impact on Europe's defence capability and sovereign security.
Ownership and autonomy: you own SIEM deployment, hardening standards, and incident response. No micromanagement, just clear objectives and accountability for outcomes.
Daily collaboration with top experts across engineering, operations, and defence leadership.
A fast-paced environment where good ideas are implemented quickly, and your security work directly improves company resilience.
A culture that values clarity, integrity, and excellence, and supports people who take initiative and push boundaries responsibly.
Competitive compensation and real share options aligned to responsibility and impact, not tenure or hierarchy.