< Back to search

top 3 scores:
88%

Location flexibility

81%

Autonomy

80%

Hours flexibility

Apply now

Job Description

TUI Group is the world’s number one integrated tourism business. Information Security is a global team within TUI technology responsible for maintaining and continuously improving security across TUI. We are a multi-disciplinary team of experts across Governance, Risk and Compliance (GRC), Architecture, Engineering and Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Spain, Germany, Belgium and The Netherlands.

We never stop looking ahead, seeking new ways to delight our customers and grow our business. We recognise the power of digital and the massive contribution this brings to creating a truly unique and differentiated customer experience.

We are seeking a skilled SIEM Engineer to join our global Cyber Security team. In this unique role, you will be responsible for implementing and maintaining our Security Information and Event Management (SIEM) systems while also managing the knowledge assets related to our security operations. Your efforts will ensure that TUI's security monitoring capabilities are robust and that critical knowledge is effectively captured, organized, and shared across the team.

  • Now taking applications until 20-01-2025

ABOUT OUR OFFER

  • Personal benefits: Attractive remuneration, bonus opportunity, exclusive travel perks & discounts, extensive health & wellbeing support, and more.
  • Flexible working: Work is something you do, not somewhere you go. We encourage a healthy work-life balance and offer hybrid or remote working models.
  • A career to shape: Opportunities to upskill, reskill and grow your career. Access the TUI Tech Learning Hub to level-up and reach your ambitions.
  • Expand your horizons: Participate in our tech communities and collaborate on global projects and teams.
  • Community: Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community.

ABOUT THE JOB

System Deployment & Maintenance:

  • Install, configure, and maintain SIEM platforms (e.g., Splunk) to support security monitoring and incident response activities.
  • Ensure the SIEM infrastructure is optimized for performance, scalability, and reliability.

Data Onboarding & Integration:

  • Onboard new log sources by configuring data inputs, parsing rules, and field extractions.
  • Ensure seamless integration of various data sources, including servers, applications, and network devices.

Content Development:

  • Develop and maintain dashboards, alerts, and correlation searches to enhance threat detection capabilities.
  • Customize SIEM content to address specific security use cases and compliance requirements.

Troubleshooting & Support:

  • Monitor SIEM system health and performance, resolving issues promptly to minimize downtime.
  • Provide technical support to the Security Operations Centre (SOC) and other stakeholders.

Documentation & Repository Management:

  • Develop and maintain comprehensive documentation, including playbooks, standard operating procedures (SOPs), and configuration guides.
  • Organize and manage the knowledge repository to ensure information is easily accessible and up-to-date.

Training & Development:

  • Conduct training sessions and workshops to educate team members on SIEM functionalities and security best practices.
  • Foster a culture of continuous learning and knowledge sharing within the security team.

Content Curation:

  • Regularly update knowledge assets to reflect changes in the threat landscape, technology updates, and process improvements.
  • Collaborate with team members to capture tacit knowledge and convert it into explicit documentation.

Threat Detection:

  • Assist in monitoring security events to identify potential threats and vulnerabilities.
  • Fine-tune detection rules to improve accuracy and reduce false positives.

Incident Response Assistance:

  • Support the SOC during security incidents by providing timely access to relevant SIEM data and insights.
  • Update knowledge assets post-incident to capture lessons learned and improve future response efforts.

Regulatory Compliance:

  • Ensure SIEM operations and documentation comply with relevant regulations and industry standards such as GDPR, PCI DSS, and ISO 27001.

Audit Preparation:

  • Provide necessary documentation and evidence to support internal and external audits.
  • Implement audit recommendations to enhance security controls and processes.

ABOUT YOU

Education & Experience:

  • Bachelor's degree in Computer Science or equivalent experience, Information Security, or a related field.
  • Proven experience in SIEM engineering and/or security operations.
  • Experience in knowledge management or technical documentation is a plus.

Technical Expertise:

  • Proficiency with SIEM platforms, particularly Splunk Enterprise and Splunk Enterprise Security.
  • Strong understanding of log management, data parsing, and event correlation.
  • Familiarity with security frameworks and protocols (e.g., TCP/IP, SSL/TLS, LDAP).
  • Basic scripting skills (e.g., Python, PowerShell) for automation and data manipulation.

Knowledge Management Skills:

  • Experience in creating and managing technical documentation and knowledge repositories.
  • Ability to translate complex technical concepts into clear, concise documentation.
  • Proficiency with documentation tools and content management systems.

Stakeholder Management Skills:

  • Excellent interpersonal skills to engage effectively with technical and non-technical stakeholders.
  • Experience in maintaining backlogs and developing implementation roadmaps.
  • Strong organizational skills to manage multiple projects and priorities.

Analytical & Problem-Solving Skills:

  • Ability to analyse security logs and data to identify patterns and anomalies.
  • Strong troubleshooting skills to resolve system issues and optimize performance.

Communication & Collaboration:

  • Good verbal and written communication skills.
  • Ability to conduct training sessions and facilitate knowledge sharing.
  • Collaborative mindset to work effectively within cross-functional teams.

Certifications:

  • Relevant certifications such as Splunk Certified Power User, Splunk Certified Admin, or ITIL Foundation are desirable.
  • Security certifications like CompTIA Security+, SSCP, or equivalent are a plus.

From a workplace to a place to belong. At TUI we embrace diversity, equity, and inclusion, encouraging everyone to come as you are, because together, our potential is limitless.


We are committed to supporting candidates with disabilities and impairments so if you require any support, please do let us know.

TUI Group is the world’s number one integrated tourism business. Information Security is a global team within TUI technology responsible for maintaining and continuously improving security across TUI. We are a multi-disciplinary team of experts across Governance, Risk and Compliance (GRC), Architecture, Engineering and Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Spain, Germany, Belgium and The Netherlands.

We never stop looking ahead, seeking new ways to delight our customers and grow our business. We recognise the power of digital and the massive contribution this brings to creating a truly unique and differentiated customer experience.

We are seeking a skilled SIEM Engineer to join our global Cyber Security team. In this unique role, you will be responsible for implementing and maintaining our Security Information and Event Management (SIEM) systems while also managing the knowledge assets related to our security operations. Your efforts will ensure that TUI's security monitoring capabilities are robust and that critical knowledge is effectively captured, organized, and shared across the team.

  • Now taking applications until 20-01-2025

ABOUT OUR OFFER

  • Personal benefits: Attractive remuneration, bonus opportunity, exclusive travel perks & discounts, extensive health & wellbeing support, and more.
  • Flexible working: Work is something you do, not somewhere you go. We encourage a healthy work-life balance and offer hybrid or remote working models.
  • A career to shape: Opportunities to upskill, reskill and grow your career. Access the TUI Tech Learning Hub to level-up and reach your ambitions.
  • Expand your horizons: Participate in our tech communities and collaborate on global projects and teams.
  • Community: Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community.

ABOUT THE JOB

System Deployment & Maintenance:

  • Install, configure, and maintain SIEM platforms (e.g., Splunk) to support security monitoring and incident response activities.
  • Ensure the SIEM infrastructure is optimized for performance, scalability, and reliability.

Data Onboarding & Integration:

  • Onboard new log sources by configuring data inputs, parsing rules, and field extractions.
  • Ensure seamless integration of various data sources, including servers, applications, and network devices.

Content Development:

  • Develop and maintain dashboards, alerts, and correlation searches to enhance threat detection capabilities.
  • Customize SIEM content to address specific security use cases and compliance requirements.

Troubleshooting & Support:

  • Monitor SIEM system health and performance, resolving issues promptly to minimize downtime.
  • Provide technical support to the Security Operations Centre (SOC) and other stakeholders.

Documentation & Repository Management:

  • Develop and maintain comprehensive documentation, including playbooks, standard operating procedures (SOPs), and configuration guides.
  • Organize and manage the knowledge repository to ensure information is easily accessible and up-to-date.

Training & Development:

  • Conduct training sessions and workshops to educate team members on SIEM functionalities and security best practices.
  • Foster a culture of continuous learning and knowledge sharing within the security team.

Content Curation:

  • Regularly update knowledge assets to reflect changes in the threat landscape, technology updates, and process improvements.
  • Collaborate with team members to capture tacit knowledge and convert it into explicit documentation.

Threat Detection:

  • Assist in monitoring security events to identify potential threats and vulnerabilities.
  • Fine-tune detection rules to improve accuracy and reduce false positives.

Incident Response Assistance:

  • Support the SOC during security incidents by providing timely access to relevant SIEM data and insights.
  • Update knowledge assets post-incident to capture lessons learned and improve future response efforts.

Regulatory Compliance:

  • Ensure SIEM operations and documentation comply with relevant regulations and industry standards such as GDPR, PCI DSS, and ISO 27001.

Audit Preparation:

  • Provide necessary documentation and evidence to support internal and external audits.
  • Implement audit recommendations to enhance security controls and processes.

ABOUT YOU

Education & Experience:

  • Bachelor's degree in Computer Science or equivalent experience, Information Security, or a related field.
  • Proven experience in SIEM engineering and/or security operations.
  • Experience in knowledge management or technical documentation is a plus.

Technical Expertise:

  • Proficiency with SIEM platforms, particularly Splunk Enterprise and Splunk Enterprise Security.
  • Strong understanding of log management, data parsing, and event correlation.
  • Familiarity with security frameworks and protocols (e.g., TCP/IP, SSL/TLS, LDAP).
  • Basic scripting skills (e.g., Python, PowerShell) for automation and data manipulation.

Knowledge Management Skills:

  • Experience in creating and managing technical documentation and knowledge repositories.
  • Ability to translate complex technical concepts into clear, concise documentation.
  • Proficiency with documentation tools and content management systems.

Stakeholder Management Skills:

  • Excellent interpersonal skills to engage effectively with technical and non-technical stakeholders.
  • Experience in maintaining backlogs and developing implementation roadmaps.
  • Strong organizational skills to manage multiple projects and priorities.

Analytical & Problem-Solving Skills:

  • Ability to analyse security logs and data to identify patterns and anomalies.
  • Strong troubleshooting skills to resolve system issues and optimize performance.

Communication & Collaboration:

  • Good verbal and written communication skills.
  • Ability to conduct training sessions and facilitate knowledge sharing.
  • Collaborative mindset to work effectively within cross-functional teams.

Certifications:

  • Relevant certifications such as Splunk Certified Power User, Splunk Certified Admin, or ITIL Foundation are desirable.
  • Security certifications like CompTIA Security+, SSCP, or equivalent are a plus.

From a workplace to a place to belong. At TUI we embrace diversity, equity, and inclusion, encouraging everyone to come as you are, because together, our potential is limitless.


We are committed to supporting candidates with disabilities and impairments so if you require any support, please do let us know.

Company benefits

Travel credit – All benefits vary by location and job role, we'd be happy to chat to you about this in more detail
Work from anywhere scheme – TUI WORKWIDE means colleagues can work from abroad for up to 30 working days a year
Employee discounts
Flexible working week
Bank holiday swaps
Time off in-lieu
Religious celebration leave
Buy or sell annual leave
Health insurance
Gym membership
Open to part time work for some roles
Mental health platform access
Enhanced maternity leave
Shared parental leave
Pregnancy loss leave
Enhanced paternity leave
Compassionate leave
Cinema discounts
Travel insurance
Cycle to work scheme
In office catering
Annual pay rises
Annual bonus
Life assurance
Salary sacrifice
In office workout classes
Teambuilding days
Employee assistance programme
Charity donation scheme
Enhanced sick pay
Share options
Faith rooms
Volunteer days
Lunch and learns
Hackathons
L&D budget
Sabbaticals
Personal development days
Mental health days
Travel loan
Enhanced pension match/contribution

We asked employees of TUI Group what it's like to work there, and this is what they told us.

Location flexibility
88%
Employees are very happy with their working location freedom
Hours flexibility
80%
Employees are largely happy with the flexibility in the hours they work
Benefits
76%
Employees are largely happy with the benefits their company offers
Work-life balance
72%
Employees feel that they can switch off quite easily from work
Role modelling
76%
Employees feel that most people work flexibly
Autonomy
81%
Employees feel they have complete autonomy over getting their work done

Additional employee ratings
(these do not contribute to the FlexScore®)

Diversity
70%
Employees feel that the diversity is good and there are continued efforts to improve it
Inclusion
75%
Employees feel that the culture supports equity and inclusivity well
Culture
80%
Employees enjoy the working environment
Mission
75%
Employees feel quite excited about the company mission
Salary
52%
Employees feel that their salary is fair and in line with the market average

Working at TUI Group

Company employees

60,000 globally

Gender diversity (male:female)

80:20

Currently Hiring Countries

Albania

Aruba

Australia

Austria

Belgium

Bosnia and Herzegovina

Bulgaria

Caribbean Netherlands

China

Costa Rica

Croatia

Curaçao

Cyprus

Denmark

Dominican Republic

France

Germany

Greece

Hong Kong

Ireland

Italy

Mexico

Netherlands

Portugal

Spain

Sweden

Switzerland

Thailand

Tunisia

Türkiye

United Kingdom

United States

Office Locations

Awards & Achievements

Most flexible companies

Most flexible companies

Flexa100 2024