National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

SIEM Principal Engineer

NCC Group
1 year ago
Applications closed

Related Jobs

View all jobs

Principal Cyber Security Consultant - Hybrid

Security Consultant (Security Operations / SOC)

ICT Security Analyst

Security Engineer

Associate SOC Analyst

Security Analyst

The Opportunity

A successful candidate will be responsible for the day-to-day support and operations of several SIEM solutions within our Leeds based SOC. Roles and responsibilities for this role include, but may not be limited to: 

Maintaining the NCC Group SOCs SIEM platforms 

Onboard and manage SIEM event sources and transition through to live SOC Managed Services. 

Assisting in the development of new SOC infrastructure to assist in SIEM and surrounding SOC requirements. 

Providing guidance and support to SOC personnel regarding SIEM operations, concepts, and development. 

Collaborating with our Analytics Development capability to create and deploy new detection mechanisms (both traditional analytics and machine learning techniques). 

Providing SIEM expertise to support Security Analysts during incidents and investigations. 

Collaborating with other teams to help develop and drive improvements/progression. 

A successful candidate would be able to provide security advice to customers to help them develop their security awareness and infrastructure. Working for a Security Partner requires a surrounding knowledge and experience of security awareness, incidents response, and management. 

The Challenge

As a Principal SIEM Engineer, you will be a subject matter expert in SIEM technologies, responsible for designing, implementing, and optimizing SIEM solutions. Your role involves advanced technical contributions and providing guidance to other engineers. Key behaviours and responsibilities include: 

Technical Leadership: Serve as the go-to expert for SIEM architecture, design, and implementation, offering guidance to the engineering team. 

Implementation: Deploy and configure SIEM tools, integrating data sources and creating correlation rules to identify and respond to security incidents. 

Optimization: Continuously refine SIEM configurations, rules, and alerts to enhance threat detection accuracy and reduce false positives. 

Research: Stay informed about emerging threats and vulnerabilities, applying that knowledge to improve the organization's security posture. 

Collaboration: Collaborate with other security and IT teams to ensure seamless integration of SIEM solutions within the broader technology ecosystem. 

Training: Provide training and knowledge sharing sessions to enhance the skills of SIEM engineers and analysts. 

Documentation: Create detailed technical documentation for SIEM solutions, including architecture diagrams and operational procedures. 

Essential Skills

At NCC Group we are passionate about passionate people; someone who wants to join in our mission of making the world safer and more secure, whilst learning new skills and advancing their career forward.

In terms of technical and behavioral capabilities, we are looking for individuals who have experience in the following areas:

Minimum Requirements 

Splunk Enterprise Certified Administrator 

Desirable Requirements 

Splunk Cloud Certified Administrator 

Splunk Cloud Certified Architect

CompTIA Certifications (Security+/ Network+/ Linux+) 

Crest, GIAC or CISSP Certification 

Degree in related field. 

Other relevant certifications. 

Behaviors

Detail-Oriented: Pay close attention to details when configuring and monitoring SIEM tools to ensure accurate threat detection and incident response. 

Proactive: Demonstrate a proactive approach to monitoring and responding to security events, taking the initiative to investigate and escalate as needed. 

Learning Mindset: Exhibit a strong desire to learn and stay current with SIEM technologies, cybersecurity trends, and emerging threats. 

Collaboration: Work well within a team environment, communicating effectively with colleagues from different departments and sharing insights to improve security posture. 

Critical Thinking: Apply logical and analytical thinking to assess security incidents, troubleshoot issues, and make informed decisions. 

Adaptability: Embrace changes in technology and processes, adapting to new challenges and learning quickly in a dynamic security landscape. 

Professionalism: Conduct oneself with professionalism, integrity, and ethical behaviour in all interactions and situation 

Please do not hesitate to apply.

About NCC Group

The NCC Group family has over 2,000 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Cyber Security Jobs Employer Hotlist 2025: 50 UK Companies Actively Hiring Right Now

Bookmark this guide—refreshed every quarter—so you always know who’s really expanding their cyber security teams. Ransomware payouts broke records in 2024, the UK’s new Cyber Security Bill imposed mandatory breach disclosure, and the National Cyber Force’s move to Samlesbury has super‑charged the northern skills market. Result? Demand for security architects, SOC analysts, penetration testers, cloud‑security engineers, threat hunters & GRC specialists is at an all‑time high in 2025. Below you’ll find 50 organisations that have posted UK‑based cyber security vacancies or announced head‑count growth during the past eight weeks. They’re organised into five quick‑scan categories. For every employer you’ll see: Main UK hub Example live or recent vacancy Why it’s worth a look (tech stack, culture, mission) Search any company on CyberSecurityJobs.tech to view current ads, or set a free alert so fresh openings land straight in your inbox.

Jobs Careers

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.

Jobs

LinkedIn Profile Checklist for Cybersecurity Jobs: 10 Tweaks to Supercharge Recruiter Engagement

In the ever-evolving realm of cybersecurity, having a LinkedIn profile that reflects both your technical prowess and threat-hunting acumen is vital. Organisations are on the lookout for professionals skilled in penetration testing, incident response, security architecture and compliance. With hiring managers scanning dozens of profiles daily, your profile needs to not just rank in searches but convey your expertise in safeguarding digital assets. This step-by-step LinkedIn for cybersecurity jobs checklist offers ten practical tweaks to supercharge recruiter engagement. Whether you’re an aspiring security analyst, a seasoned penetration tester or a chief information security officer aiming for board-level roles, these actionable optimisations will sharpen your LinkedIn presence and position you as a top infosec candidate.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.