Future Tech Jobs Future Tech Jobs

Senior SIEM Content Developer

CV-Library
Newbury, Berkshire
13 months ago
Applications closed

Related Jobs

View all jobs

Sr. Program Manager, Engineering - Supporting GDI & Onum , Madrid)

CrowdStrike Spain
Β£50,000 – Β£70,000 pa Hybrid

Platform Professional Services Sr. Consultant , GBR)

CrowdStrike United Kingdom
Β£40,000 – Β£70,000 pa Remote

Senior Security Engineer

Bridewell Cardiff, United Kingdom
Hybrid

Senior Cyber Security Engineer

Morgan Law London, United Kingdom
Β£500 pd

Senior Security Engineering Consultant - Fully

Ex-Mil Recruitment Ltd Basingstoke, Hampshire, United Kingdom
Β£90,000 – Β£100,000 pa Remote Clearance Required

Senior Cyber Security Engineer

Fox Morris Group Ltd Hackney Central, London, United Kingdom
Β£400 – Β£600 pd
Posted
16 Apr 2025 (13 months ago)
Share
Save job
Create job alert

Senior SIEM Content Developer - Detection Engineering | Cyber Security

Location: Newbury - Remote Working - Outside IR35

Team: Cyber Defence Ops

Experience Level: Mid-Senior

The Role

We're on the hunt for a Senior SIEM Content Developer who lives and breathes detection logic. If you enjoy diving deep into attacker behaviors, writing detection rules that actually catch things (not just flag every login attempt), and helping drive threat visibility across modern tech stacks - this might be for you! You'll be part of a global cyber defence team building and refining detections across SIEM, EDR, and ELK stacks, and collaborating with security analysts, threat hunters, and incident responders to stop threats faster and smarter.

πŸ”§ What You'll Be Doing

Writing & tuning detection rules across SIEM/EDR/ELK to surface real attacker behaviors (not noise)
Analyzing TTPs, threat intel, and real-world incidents to build behavior-based detections (beyond IOC chasing)
Rapid-prototyping searches mid-incident to surface lateral movement, C2, or privilege escalation attempts
Creating and maintaining detection logic documentation + MITRE ATT&CK coverage mapping
Supporting blue team investigations with deep log analysis and quick-turnaround queries
Working with multiple data sources: firewalls, EDR, proxy, VPN, NetFlow, etc.

🧩 You'll Fit If You Have

1-3 years writing SIEM/EDR detection content
1+ year in a SOC environment (Tier 2+ preferred)
Strong grasp of detection engineering and attacker methodology
Solid experience with ELK, Splunk, or similar SIEM platforms
Comfort pivoting through logs under pressure and building fast, accurate queries
Experience with threat modeling and mapping detections to MITRE ATT&CK
Bonus: You've worked with version control for detection rules, or done some detection-as-code

βœ… Nice-to-Haves

Certs like GCIA, GCIH, CEH, GNFA, GCFA
Familiarity with frameworks like Sigma or KQL
A side interest in threat hunting or malware behavior

πŸ“ˆ What You'll Impact

How quickly we detect and respond to real threats
The signal-to-noise ratio of our security stack
Our ability to spot emerging TTPs and adapt quickly

πŸ’¬ Why Join?

Work with a smart, collaborative cyber team that values creativity and curiosity
Make real contributions to global security operations
Flexible hybrid setup, no micromanaging - just impact
Opportunity to own detection content and make your mark in a high-impact spaceECS Recruitment Group Ltd is acting as an Employment Business in relation to this vacancy

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Products

Where to Advertise Cyber Security Jobs in the UK (2026 Guide)

Advertising cyber security jobs in the UK requires a different approach to most technical hiring. The candidate pool is small, heavily vetted and in high demand across government, financial services, critical national infrastructure and the private sector simultaneously. Many of the strongest candidates hold active security clearances, are not actively job-searching through general platforms, and move primarily through specialist networks and trusted referrals. General job boards reach a broad audience but lack the specificity that security professionals expect. Specialist platforms, government-affiliated channels and cleared candidate networks each serve a different part of the market. This guide, published by CybersecurityJobs.tech, covers where to advertise cyber security roles in the UK in 2026, how the main platforms compare, what employers should expect to pay, and what the data says about hiring across different role types.

Jobs

Cyber Security Jobs UK 2026: What to Expect Over the Next 3 Years

Cyber security is one of the few sectors where demand for talent has never once dipped. Every major technological shift of the past decade β€” cloud migration, remote working, AI adoption, the proliferation of connected devices β€” has expanded the attack surface that security professionals are expected to defend. And every expansion of that attack surface has generated more jobs. But the cyber security jobs market of 2026 is not simply a larger version of what it was three years ago. It is a structurally different market. The threats have evolved, the technologies used to combat them have changed, the regulatory environment has tightened considerably, and the roles being created reflect all of that. A job seeker who understands only the cyber security landscape of 2023 is already working with an outdated map. The candidates who will thrive over the next three years are those who understand where the sector is heading β€” which specialisms are attracting the most investment, which technologies are reshaping defensive and offensive security practice, and how the definition of a cyber security professional is broadening well beyond the traditional image of a network defender in a SOC. This article breaks down what the UK cyber security jobs market is likely to look like through to 2028 β€” covering the titles emerging right now, the technologies driving employer demand, the skills that will matter most, and how to position your career ahead of the curve.

Jobs

Penetration Tester Jobs in the UK: What Employers Actually Want in 2026

The demand for skilled professionals in cyber security has never been higher, and penetration testers sit at the very heart of this rapidly evolving industry. As organisations across the UK continue to digitise their operations, protect sensitive data, and defend against increasingly sophisticated threats, the need for ethical hackers has grown dramatically. If you are considering a career in this fieldβ€”or looking to advance within itβ€”it is essential to understand what employers are really looking for in 2026. This guide breaks down the current expectations, required skills, certifications, and practical experience that can help you stand out in a competitive job market.

πŸͺ Basic, anonymous analytics (aggregate counts only, never shared) are always on. Accept to also enable third-party tools β€” Google Analytics, Microsoft Clarity, Mixpanel, Leadfeeder β€” which help us match you with relevant Cyber Security roles. We never sell your data or use it for cross-site advertising. See our Cookie Policy.