Build the detections that stop threats in their tracks.
Were looking for a Senior SOC Engineer (Detection) to join our growing Cyber Security team. This is a hands-on engineering role where youll design and deliver high-quality detections across Microsoft Sentinel and Splunk, helping protect critical systems and clients in real time.
If you thrive on turning threat intelligence into actionable detection logicand enjoy working at the heart of a live SOCthis is your opportunity to make a real impact.
This role is Hybrid: 2 days in the Farnborough office, 3 days from home.
You do need to be eligible for SC Clearance.
What youll be doing:
* Develop, test and deploy detection content across Microsoft Sentinel and Splunk SIEM.
* Write and optimise detection logic using KQL and SPL.
* Turn monitoring requirements and use cases into effective, actionable detections.
* Tune alerts to reduce false positives and improve SOC efficiency.
* Validate detections against telemetry and ensure accuracy.
* Support onboarding of log sources across cloud, infrastructure, identity and network.
* Collaborate with SOC, Threat Intelligence and Security Architecture teams.
* Investigate detection issues and improve performance and reliability.
* Drive continuous improvement using automation, scripting and best practice.
* Ensure detections are clearly documented and operationally usable.
What youll bring:
* Experience in SOC engineering, detection engineering or SIEM engineering.
* Strong hands-on experience with Microsoft Sentinel and Splunk.
* Solid knowledge of KQL and SPL.
* Experience building, testing and maintaining detection rules.
* Good understanding of SIEM lifecycle management and security telemetry.
* Knowledge of cloud environments and IT infrastructure.
* Familiarity with frameworks such as MITRE ATT&CK.
* Ability to analyse threats and translate them into detection capability.
Nice to have:
* Experience with SOAR (Logic Apps / Splunk SOAR).
* Detection-as-code or CI/CD pipeline experience.
* Scripting in PowerShell, Python or similar.
* Experience with Git-based workflows.
* Relevant certifications (Microsoft, Splunk, Cyber Security).
Employment Type: Permanent
Candidates should take the time to read all the elements of this job advert carefully Please make your application promptly.
Location: Hybrid: 2 days Farnborough Office. 3 days home.
Security Clearance Level: Eligible for SC Clearance.
Internal Recruiter: Jane
Salary: To £80K
Benefits: 25 days annual leave with the choice to buy additional days,4 x life Insurance, matched contributory pension to 6%, 3% flex benefit, single private medical cover, £5400.00 car allowance.
Loved reading about this job and want to know more about us?
Sopra Sterias Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the clients goal of National Security, and we operate in a unique and privileged environment.
We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. xsngvjr We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UKs most complex safety- and security-critical markets.