Lead SIEM Engineer

Fynity

Hemel Hempstead

Hybrid

GBP 60,000 - 80,000

Full time

6 days ago

Job summary

A leading cybersecurity firm is seeking a 'Lead SOC SIEM Engineer' to build and manage SIEM content. This hybrid role requires strong technical skills, solid experience with SIEM tools like Splunk or QRadar, and knowledge of security best practices. Joining an expanding team, you'll have a direct impact on security measures while collaborating closely with multifaceted teams. Apply ASAP for this dynamic opportunity.

Qualifications

  • Solid hands-on experience with SIEM tools like Splunk, Sentinel or QRadar.
  • Good grip on security best practices and standards (ISO 27001/27002, PCI DSS).
  • Familiarity with frameworks such as NIST, ISO and CIS.
  • Comfortable scripting in Python, PowerShell and regex.

Responsibilities

  • Building, tuning and managing SIEM content such as rules, dashboards, and reports.
  • Spotting and addressing issues in data early.
  • Collaborating with Analysts, Architects, PMs, and Engineers.
  • Incorporating the latest threat intel and vulnerabilities.
  • Shaping and maintaining security standards and procedures.

Skills

Hands-on experience with SIEM tools
Security best practices knowledge
Scripting in Python
Scripting in PowerShell
Knowledge of regex

Tools

Splunk
Sentinel
QRadar

Job description

Lead SOC SIEM Engineer

Hybrid: Hemel Hempstead (1-2 days a week on site)

Clearance: Willing and able to get DV clearance

Senior SOC SIEM Content Engineer to join a large expanding SOC team supporting some of the most high‑profile defence clients out there. The Senior SIEM Engineer will play a key role in the business building and tuning SIEM content, covering rules, dashboards and reports. If you're strong technically, know your way around SIEMs and want to use your skills to the full across multiple customers and projects, this SIEM Engineer role could be the move you've been looking for.

What you'll be doing

  • Building, tuning and looking after SIEM content such as rules, dashboards, and reports, making sure threats don't get missed.
  • Keeping an eye on the data, spotting issues early and helping us respond quickly.
  • Working side by side with Analysts, Architects, PMs and Engineers to make sure the SIEM content hits the mark.
  • Bringing the latest threat intel, vulnerabilities and attack methods into our set‑up.
  • Helping to shape and maintain security standards and procedures.

What you'll bring

  • Solid hands‑on experience with SIEM tools like Splunk, Sentinel or QRadar.
  • A good grip on security best practices and standards (ISO 27001/27002, PCI DSS).
  • Familiarity with frameworks such as NIST, ISO and CIS.
  • Comfortable scripting in Python, PowerShell and regex.
  • The ability to work across multiple projects and still keep the detail sharp.

This is a SIEM Content Engineer role where you'll actually see the difference your work makes. A hybrid set‑up gives you a mix of home and on‑site time, and you'll be part of a team that's genuinely expanding, not replacing.

If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three‑five working days. If you do not hear within these timescales please feel free to get in touch.