Salary: £35,000 - 60,000 per year

Requirements:
- Experience with log analysis and correlation of large datasets from multiple data sources to identify and investigate attack patterns.
- Experience of supporting and developing SIEM platforms in the context of a Security Operations Centre.
- Experience of log source configuration and parsing, including experience of data normalization using RegEx.
- Practical experience in the creation, testing, implementation, and support of custom tooling to support Security Operations.
- Experience working with APIs.
- Practical experience in software development and scripting, preferably PowerShell and Python.
- Initiative and the ability to produce quality work without close supervision.
- Good written and verbal communication skills, particularly in relation to technical subjects.
- Attention to detail and genuine passion for maintaining high-quality software configuration.
- Broad cyber security awareness and practical experience.
- Experience working with code repositories and CI/CD.
- Ability to acquire SC and NPPV3 level clearances.
- Certifications demonstrating a combination of offensive and defensive knowledge are desirable (e.g., PNPT, OSCP, BTL2, GCFA).
- Previous public sector experience is a plus.
- Previous SOC or security engineering experience is a plus.
- Previous experience monitoring the security of cloud technologies is a plus.
- Experience with Microsoft Power Apps/Power Automate and Azure Logic Apps is a plus.

Responsibilities:
- Develop, maintain, and deploy SIEM detection rules for complex technical environments.
- Maintain knowledge of the threat landscape and TTPs employed by threat actors.
- Ensure detections are relevant and effective by collaborating across wider NMC functions.
- Create custom solutions using both low-code and traditional development approaches.
- Optimize log collection to align with detection requirements.
- Maintain documentation for detection rules to be used by analysts.
- Scope, test, and implement new SIEM data connectors.
- Contribute to Continual Service Improvement and innovations with wider NMC teams.
- Support the creation of automation and analyst playbooks.

Technologies: Azure CI/CD Cloud Support PowerShell Python Security REST

More:
We are Police Digital Service, dedicated to protecting people from harm and supporting UK policing through innovative technology. Our National Management Centre (NMC) plays a crucial role in providing visibility and control of information risks, working 24/7 to ensure proactive threat detection and response.

We're committed to employee well-being, offering 28 days of annual leave plus bank holidays (rising to 30 after 5 years), flexible working hours, and a supportive environment for professional growth. We embrace diversity and encourage applications from a broad range of backgrounds, creating a rich and inclusive workplace. Hybrid working arrangements allow you to enjoy both face-to-face collaboration and home working opportunities.

Last updated: week 5 of 2026