Job Description
SIEM Specialist – Defence & National Security
Hybrid | Hemel Hempstead or Farnborough – 1–2 days onsite
DV Clearance Required: Must be eligible
We’re looking for a SIEM Specialist / SIEM Engineer to take full ownership of SIEM design, content, and capability within a high-assurance UK defence environment. In this role, you’ll influence how threats are detected, alerts are managed, and SOC operations scale across nationally critical programmes. This is a hands-on, technically challenging role where your expertise directly shapes both tooling and strategy.
As a SIEM Engineer, day to day you will:
* Own SIEM engineering end-to-end: architecture, performance, content, and continuous improvement
* Design, tune, and maintain SIEM rules, alerts, dashboards, and reports that SOC teams rely on
* Serve as the technical escalation point for SIEM across multiple secure programmes
* Translate threat intelligence and attacker techniques (TTPs) into actionable, effective detections
* Work with Threat Hunters, SOC leadership, and Security Architects to define detection strategy
* Mentor engineers and enforce best practice, raising the technical standard across the SOC
Your SIEM skills should include:
* Hands-on SIEM experience in Splunk, Microsoft Sentinel, or QRadar
* Deep understanding of attacker behaviour and how to detect it in a real SOC environment
* Strong scripting and automation skills (Python, PowerShell, Regex) for tuning, enrichment, and noise reduction
* Experience operating in secure, high-pressure defence programmes with senior stakeholders
* Confidence in challenging weak detections, poor data quality, and outdated processes
Take this opportunity to have a voice around SIEM capability at the cutting edge, protecting UK defence technology against state-of-the-art threats while shaping the future of the SOC.