Lead SOC SIEM Engineer Hybrid: Hemel Hempstead (1–2 days per week onsite) Security Clearance: Willing and eligible to obtain DVWe’re looking for a Lead SOC SIEM Engineer to join a large, fast-growing Security Operations Centre supporting some of the UK’s most high-profile defence and national security clients.
This is a hands-on, senior role where you’ll take ownership of SIEM content engineering — designing, building, tuning, and evolving detection capability across multiple secure environments. If you know SIEMs inside out and want your work to directly influence real-world cyber defence, this role gives you the platform to do exactly that.
What you’ll be doing:- Leading the design, build, and tuning of SIEM content including detection rules, dashboards, and reporting
- Ensuring high-quality data ingestion, visibility, and coverage so genuine threats aren’t missed
- Collaborating closely with SOC Analysts, Security Architects, Engineers, and Programme teams
- Translating threat intelligence, vulnerabilities, and adversary techniques into effective detections
- Supporting incident response by improving alert fidelity and reducing noise
- Helping define and maintain SOC standards, detection strategy, and engineering best practice
What you’ll bring:- Strong hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, or QRadar
- Deep understanding of detection engineering and security monitoring best practices
- Knowledge of industry standards and frameworks (ISO 27001/27002, NIST, CIS, PCI DSS)
- Scripting capability in Python, PowerShell, and regex
- Ability to operate across multiple customers and projects without losing technical depth
- Willingness and eligibility to obtain DV clearance
This is a SIEM engineering role where you’ll see the tangible impact of your work — improving detection capability for defence-critical systems. You’ll benefit from a genuine hybrid setup and join a SOC that’s scaling by design, not backfilling.
If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three - five working days. If you do not hear within these timescales please feel free to get in touch.