SIEM Engineer

SIEM Engineer
Clearance: Active DV required

A great opportunity to work for a top company that provides security systems for the defence and national intelligence sectors as a Splunk-focused SIEM Engineer with expertise in Splunk and Elastic Technology or ELK Stack.

 

DUE TO THE NATURE OF THE WORK YOPU MUST HAVE ACTIVE DV CLEARANCE IN THE UK.


ThE SIEM Engineer will develop, deploy, and participate in the continuous enhancement of security monitoring solutions using Splunk and Elastic technologies.


This is a hands-on technical position with Splunk and Elastic Security to make sure the clients are secured and monitored. You will collaborate directly with engineering and security teams to evaluate risk, create efficient controls, and promote security by design.

 

The SIEM Engineer role will involve:

• Leading and optimising Elastic Security and Splunk (Enterprise & ES) platforms
• Designing and managing SIEM data pipelines (ingestion, enrichment, ECS/CIM)
• Building and tuning MITRE ATT&CK-aligned detections with low noise
• Owning the SIEM content lifecycle end to end
• Automating SIEM workflows using CI/CD, SOAR and IaC
• Ensuring platform resilience, performance and scalability

 

If your SIEM journey includes the following this could be the role for you:

• Strong hands-on experience with Elastic and Splunk ES
• Deep knowledge of detection engineering and data pipelines
• Advanced SPL, KQL or EQL skills
• Experience running SIEM platforms at scale (HA, DR, performance)
• A proactive, problem-solving mindset
• ACTIVE DV CLEARANCE

 

Full-time, on-site role in Hemel Hempstead with potential out-of-hours rota.

 

If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three - five working days. If you do not hear within these timescales please feel free to get in touch.