Build the detections that stop threats in their tracks.
We’re looking for a Senior SOC Engineer (Detection) to join our growing Cyber Security team. This is a hands‑on engineering role where you’ll design and deliver high‑quality detections across Microsoft Sentinel and Splunk to protect critical systems and clients in real time.
If you thrive on turning threat intelligence into actionable detection logic—and enjoy working at the heart of a live SOC—this is your opportunity to make a real impact.
This role is hybrid: 2 days in the Farnborough office, 3 days at home.
Responsibilities
- Develop, test, and deploy detection content across Microsoft Sentinel and Splunk SIEM.
- Write and optimise detection logic using KQL and SPL.
- Turn monitoring requirements and use cases into effective, actionable detections.
- Tune alerts to reduce false positives and improve SOC efficiency.
- Validate detections against telemetry and ensure accuracy.
- Support onboarding of log sources across cloud, infrastructure, identity and network.
- Collaborate with SOC, Threat Intelligence and Security Architecture teams.
- Investigate detection issues and improve performance and reliability.
- Drive continuous improvement using automation, scripting and best practice.
- Ensure detections are clearly documented and operationally usable.
Qualifications
- Experience in SOC engineering, detection engineering or SIEM engineering.
- Strong hands‑on experience with Microsoft Sentinel and Splunk.
- Solid knowledge of KQL and SPL.
- Experience building, testing and maintaining detection rules.
- Good understanding of SIEM lifecycle management and security telemetry.
- Knowledge of cloud environments and IT infrastructure.
- Familiarity with frameworks such as MITRE ATT&CK.
- Ability to analyse threats and translate them into detection capability.
Nice to Have
- Experience with SOAR (Logic Apps / Splunk SOAR).
- Detection-as-code or CI/CD pipeline experience.
- Scripting in PowerShell, Python or similar.
- Experience with Git-based workflows.
- Relevant certifications (Microsoft, Splunk, Cyber Security).
Employment Details
- Employment Type: Permanent
- Location: Hybrid (2 days Farnborough Office, 3 days home)
- Security Clearance Level: Eligible for SC Clearance
- Internal Recruiter: Jane
- Salary: Up to £80K
Benefits
- 25 days annual leave with the choice to buy additional days
- 4× life insurance
- Matched contributory pension to 6%
- 3% flex benefit
- Single private medical cover
- £5,400 annual allowance (approx.)
Equality & Diversity
We welcome applications from people with diverse backgrounds and identities. We are committed to equality of opportunity for all and do not discriminate on the basis of race, religion, colour, gender, age, disability, sexual orientation or marital status.
If you require any adjustments to the recruitment process, please let us know when completing your application.