< Back to search

top 3 scores:
88%

Location flexibility

81%

Autonomy

80%

Hours flexibility

Apply now

Job Description

TUI Group is the world’s number one integrated tourism business. Information Security is a global team within TUI technology responsible for maintaining and continuously improving security across TUI. We are a multi-disciplinary team of experts across Governance, Risk and Compliance (GRC), Architecture, Engineering and Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Spain, Germany, Belgium and The Netherlands.

We never stop looking ahead, seeking new ways to delight our customers and grow our business. We recognise the power of digital and the massive contribution this brings to creating a truly unique and differentiated customer experience.

We are seeking an experienced SIEM Architect to join our global Cyber Security team that provides services to the whole of TUI Group. In this pivotal role, you will design, implement, and manage our Security Information and Event Management (SIEM) systems to protect TUI's digital assets. You will collaborate with cross-functional teams to enhance our security posture and ensure compliance with industry standards.

  • Now taking applications until 20-01-2025

ABOUT OUR OFFER

  • Personal benefits: Attractive remuneration, bonus opportunity, exclusive travel perks & discounts, extensive health & wellbeing support, and more.
  • Flexible working: Work is something you do, not somewhere you go. We encourage a healthy work-life balance and offer hybrid or remote working models.
  • A career to shape: Opportunities to upskill, reskill and grow your career. Access the TUI Tech Learning Hub to level-up and reach your ambitions.
  • Expand your horizons: Participate in our tech communities and collaborate on global projects and teams.
  • Community: Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community.

ABOUT THE JOB

Stakeholder Engagement & Roadmap Development:

  • Engage with key stakeholders to understand business needs, security requirements, and priorities.
  • Develop and maintain a SIEM roadmap aligned with organizational goals and emerging threats.
  • Prioritize and manage a backlog of SIEM enhancements, features, and fixes based on stakeholder input.
  • Communicate updates, progress, and changes to stakeholders and senior leadership.
  • Facilitate regular meetings with stakeholders to gather feedback and adjust plans accordingly.

SIEM Architecture & Design:

  • Develop and maintain the overall SIEM architecture to meet business and security requirements.
  • Design scalable solutions for data collection, processing, and storage within the SIEM platform.
  • Establish standards and best practices for SIEM deployment and configuration.
  • Document architectural plans, roadmaps, configurations, and procedures.

SIEM Engineering & Implementation:

  • Install, configure, and maintain SIEM platforms (e.g., Splunk) and associated components.
  • Integrate various log sources, including servers, applications, and network devices, into the SIEM.
  • Develop custom scripts and automation tools to streamline SIEM operations.
  • Optimize SIEM performance through tuning and scaling.

Content Development & Management:

  • Create and manage correlation searches, alerts, and dashboards to detect security threats.
  • Develop use cases and implement monitoring strategies for threat detection and compliance.
  • Regularly update SIEM content to adapt to emerging threats and business changes.

Monitoring & Incident Response Support:

  • Collaborate with the Security Operations Centre (SOC) to analyse security events.
  • Assist in incident response activities by providing relevant SIEM data and insights.
  • Fine-tune detection rules to reduce false positives and enhance threat visibility.

Maintenance & Troubleshooting:

  • Perform regular system health checks and ensure high availability of SIEM services.
  • Troubleshoot and resolve issues related to data ingestion, parsing, and correlation.
  • Apply patches and updates to maintain system security and compliance.

Collaboration & Training:

  • Work closely with IT, DevOps, and other security teams to align on security objectives.
  • Provide training and mentorship to team members on SIEM functionalities and best practices.
  • Participate in cross-functional projects to enhance overall security posture.

Compliance & Reporting:

  • Ensure SIEM operations comply with regulatory requirements and internal policies.
  • Generate compliance reports for standards such as GDPR, PCI DSS, and ISO 27001.
  • Support audit activities by providing necessary documentation and evidence.

ABOUT YOU

Education & Experience:

  • Bachelor’s degree in Computer Science or equivalent experience, Information Security, or a related field.
  • Proven experience in SIEM architecture and engineering roles.

Technical Expertise:

  • Proficiency with SIEM platforms, especially Splunk Enterprise and Splunk Enterprise Security.
  • Strong knowledge of log management, event correlation, and security analytics.
  • Experience with data onboarding, including parsing, normalizing, and mapping data sources.
  • Familiarity with network protocols, operating systems, and security technologies.
  • Proficiency in scripting languages such as Python, PowerShell, or Bash.

Security Knowledge:

  • Understanding of cybersecurity principles, threat landscapes, and attack vectors.
  • Knowledge of security frameworks and compliance standards (e.g., NIST, ISO 27001, GDPR).
  • Experience in developing and implementing security use cases and playbooks.

Analytical & Problem-Solving Skills:

  • Ability to analyse complex datasets to identify patterns, anomalies, and security incidents.
  • Strong troubleshooting skills to resolve technical issues promptly.

Communication & Collaboration:

  • Excellent verbal and written communication skills.
  • Ability to convey complex technical concepts to non-technical stakeholders.
  • Experience working in cross-functional teams and global environments.

Certifications:

  • Relevant certifications such as Splunk Certified Architect, Splunk Certified Engineer, CISSP, or CISM are highly desirable.

From a workplace to a place to belong. At TUI we embrace diversity, equity, and inclusion, encouraging everyone to come as you are, because together, our potential is limitless.


We are committed to supporting candidates with disabilities and impairments so if you require any support, please do let us know.

Company benefits

Travel credit – All benefits vary by location and job role, we'd be happy to chat to you about this in more detail
Work from anywhere scheme – TUI WORKWIDE means colleagues can work from abroad for up to 30 working days a year
Employee discounts
Flexible working week
Bank holiday swaps
Time off in-lieu
Religious celebration leave
Buy or sell annual leave
Health insurance
Gym membership
Open to part time work for some roles
Mental health platform access
Enhanced maternity leave
Shared parental leave
Pregnancy loss leave
Enhanced paternity leave
Compassionate leave
Cinema discounts
Travel insurance
Cycle to work scheme
In office catering
Annual pay rises
Annual bonus
Life assurance
Salary sacrifice
In office workout classes
Teambuilding days
Employee assistance programme
Charity donation scheme
Enhanced sick pay
Share options
Faith rooms
Volunteer days
Lunch and learns
Hackathons
L&D budget
Sabbaticals
Personal development days
Mental health days
Travel loan
Enhanced pension match/contribution

We asked employees of TUI Group what it's like to work there, and this is what they told us.

Location flexibility
88%
Employees are very happy with their working location freedom
Hours flexibility
80%
Employees are largely happy with the flexibility in the hours they work
Benefits
76%
Employees are largely happy with the benefits their company offers
Work-life balance
72%
Employees feel that they can switch off quite easily from work
Role modelling
76%
Employees feel that most people work flexibly
Autonomy
81%
Employees feel they have complete autonomy over getting their work done

Additional employee ratings
(these do not contribute to the FlexScore®)

Diversity
70%
Employees feel that the diversity is good and there are continued efforts to improve it
Inclusion
75%
Employees feel that the culture supports equity and inclusivity well
Culture
80%
Employees enjoy the working environment
Mission
75%
Employees feel quite excited about the company mission
Salary
52%
Employees feel that their salary is fair and in line with the market average

Working at TUI Group

Company employees

60,000 globally

Gender diversity (male:female)

80:20

Currently Hiring Countries

Aruba

Australia

Austria

Belgium

Bulgaria

Caribbean Netherlands

China

Costa Rica

Croatia

Curaçao

Cyprus

Denmark

Dominican Republic

Finland

France

Germany

Greece

Hong Kong

Ireland

Italy

Malta

Mexico

Morocco

Netherlands

Norway

Poland

Portugal

Spain

Sweden

Switzerland

Thailand

Tunisia

Türkiye

United Kingdom

Office Locations

Awards & Achievements

Most flexible companies

Most flexible companies

Flexa100 2024