Detection Engineer

SIEM Detection Engineer | Cyber Security (SIEM)
Farnborough (Hybrid – 2 days onsite)
Up to £65,000 + Benefits
SC Clearance (or eligible)
 
Build and tune the SIEM detections that stop real-world threats.
We’re working with a leading cyber security organisation supporting defence environments, looking for a SIEM Detection Engineer to develop and optimise SIEM detection capability across enterprise systems.
You’ll be hands-on designing SIEM detection logic, mapping attacker behaviour to MITRE ATT&CK, and improving alert quality within a mature SOC environment.
 
Key responsibilities:

• Build and tune SIEM detections (Splunk / Sentinel)
• Map threats using MITRE ATT&CK
• Reduce false positives through optimisation
• Support SOC and engineering teams
• Improve detection maturity

 
What you’ll need:

• Splunk (SPL) and/or Microsoft Sentinel (KQL)
• Detection engineering / SOC engineering experience
• Understanding of attacker TTPs
• Scripting (Python / PowerShell)
• SC eligible or cleared

 
Strong SIEM  technical role with real impact in a defence-focused environment.