Lead SOC SIEM Engineer
Hybrid: Hemel Hempstead (1–2 days per week onsite)
Security Clearance: Willing and eligible to obtain DV
We’re looking for a Lead SOC SIEM Engineer to join a large, fast-growing Security Operations Centre supporting some of the UK’s most high-profile defence and national security clients.
This is a hands-on, senior role where you’ll take ownership of SIEM content engineering — designing, building, tuning, and evolving detection capability across multiple secure environments. If you know SIEMs inside out and want your work to directly influence real-world cyber defence, this role gives you the platform to do exactly that.
What you’ll be doing:
Leading the design, build, and tuning of SIEM content including detection rules, dashboards, and reporting
Ensuring high-quality data ingestion, visibility, and coverage so genuine threats aren’t missed
Collaborating closely with SOC Analysts, Security Architects, Engineers, and Programme teams
Translating threat intelligence, vulnerabilities, and adversary techniques into effective detections
Supporting incident response by improving alert fidelity and reducing noise
Helping define and maintain SOC standards, detection strategy, and engineering best practice
What you’ll bring:
Strong hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, or QRadar
Deep understanding of detection engineering and security monitoring best practices
Knowledge of industry standards and frameworks (ISO 27001/27002, NIST, CIS, PCI DSS)
Scripting capability in Python, PowerShell, and regex
Ability to operate across multiple customers and projects without losing technical depth
Willingness and eligibility to obtain DV clearance
This is a SIEM engineering role where you’ll see the tangible impact of your work — improving detection capability for defence-critical systems. You’ll benefit from a genuine hybrid setup and join a SOC that’s scaling by design, not backfilling.
If you are interested, please apply ASAP. The People Network is an employment agency and will respond to all applicants within three to five working days. If you do not hear within these timescales, please feel free to get in touch.