Lead SIEM EngineerHybrid – Hemel Hempstead or Farnborough (1–2 days on site) DV Clearance – must be eligibleThis is not a “keep the lights on” SIEM role.If you’re the person everyone turns to when detections fail, noise is out of control, or the SIEM needs fixing properly, this role was built for you.We’re hiring a Lead SIEM Engineer to take full ownership of SIEM capability within a high-assurance UK defence environment. You’ll define how the platform is engineered, how threats are detected, and how the SOC operates at scale. This is a senior, visible role with real authority not a passenger seat.If you want influence, autonomy, and technically demanding work that actually matters, read on.What you will own:End-to-end control of SIEM engineering architecture, content, performance and continuous improvement.Designing and tuning high-fidelity detection logic: rules, alerts, dashboards and reports that SOC teams trust.Acting as the final technical escalation point for SIEM across multiple secure programmes.Driving detection strategy alongside Threat Hunters, SOC Leadership and Security Architects.Introducing new threat intelligence, attack techniques and ideas — and turning them into real detections.Setting the standard: mentoring engineers, enforcing best practice, and raising the technical bar.What we expect from you:Proven leadership in SIEM engineering using Splunk, Microsoft Sentinel or QRadar.Deep understanding of how attackers operate and how SIEM should actually detect them not just map to frameworks.Strong hands-on scripting capability (Python, PowerShell, Regex) to automate, enrich and reduce noise.Confidence operating in secure, high-pressure defence environments with senior stakeholders.The mindset to challenge poor detections, bad data and “we’ve always done it this way”.Why this role stands out:Real ownership you design it, you build it, you improve it.High-impact work protecting nationally critical systems.A SOC that values engineering excellence over box-ticking.Clear scope to influence strategy, tooling and future direction.A role that moves you from senior engineer to technical leader.If you’re done being constrained, under-utilised, or ignored this is your opportunity to take the lead and leave your mark.