Salary: £114,400 - 135,200 per year Requirements: We require strong cyber security programme or workstream leadership experience. We require a background in SOC Operations, Security Monitoring, or Detection Engineering. We require hands-on experience delivering SIEM or Microsoft Sentinel programmes. We require a strong understanding of NIST CSF and enterprise security operations. We require experience managing complex delivery environments and multiple stakeholders. We would value experience with Microsoft Sentinel, Splunk, or QRadar. We would value experience in Detection Engineering, SOC Transformation, Security Monitoring, Tooling Integration, and Operational Uplift. Security clearance, or eligibility to obtain clearance, is highly desirable. Responsibilities: We will lead delivery of the Detect workstream across agreed milestones and outcomes. We will drive SOC transformation, detection engineering, and security monitoring activities. We will manage SIEM onboarding, tooling integration, and operational uplift initiatives. We will coordinate stakeholders across security operations, engineering, and programme leadership. We will own RAID management, dependencies, governance, and delivery reporting. We will support implementation planning, use case prioritisation, and escalation management. Technologies: Support Security Splunk More: We are seeking an experienced Detect Workstream Lead to support a major cyber security transformation programme. This is a hands-on delivery leadership role focused on SOC transformation, SIEM integration, detection engineering, and security operations uplift within a complex enterprise environment. The role is contract-based and hybrid, with two days onsite in Gloucester, and offers a competitive day rate. You will work closely with SOC, security engineering, platform, and programme teams, and this opportunity is well suited to candidates from consulting, MSSP, enterprise cyber transformation, or large-scale security operations environments. last updated 20 week of 2026