At G-Research we take a data-driven approach to security. Our goal is to have an industry leading security information and event management (SIEM) platform which enables fast incident response as well as high quality security research.
The platform provides capabilities for profiling of principal behaviour to correlate with other data to assess risk of insider attack. They are responsible for capture of data for forensic analysis of breach attempts and for evidence in prosecutions. Specifically the Security Data Engineering team works closely with our SOC and Security Data Science teams to ensure that we are able to gather, process and alert on security relevant data and then undertake effective investigative and response activities to minimise the risk to the organisation.
As a data engineer you will be responsible for the data pipeline of security events, productising research ideas, as well as extending investigative capabilities of the team. Our monitoring and collection platform is based on open source Hadoop technology, and designed to support a move to an anomaly driven approach to monitoring.
The following would be advantageous but not necessary: