
Lead SIEM Engineer

United Kingdom, Hemel Hempstead · 70000.00 - 75000.00 GBP / Year · Job Posted December 08, 2025

Job Description

Lead SOC SIEM Engineer. We are looking for a Senior SOC SIEM Content Engineer to join a large, expanding SOC team supporting some of the most high-profile defence clients out there. The Senior SIEM Engineer will play a key role in the business, building and tuning SIEM content covering rules, dashboards and reports.

Job Responsibility

  • Building, tuning and looking after SIEM content such as rules, dashboards, and reports, making sure threats don’t get missed
  • Keeping an eye on the data, spotting issues early and helping us respond quickly
  • Working side by side with Analysts, Architects, PMs and Engineers to make sure the SIEM content hits the mark
  • Bringing the latest threat intel, vulnerabilities and attack methods into our set-up
  • Helping to shape and maintain security standards and procedures

Requirements

  • Solid hands-on experience with SIEM tools like Splunk, Sentinel or QRadar
  • A good grip on security best practices and standards (ISO 27001/27002, PCI DSS)
  • Familiarity with frameworks such as NIST, ISO and CIS
  • Comfortable scripting in Python, PowerShell and regex
  • The ability to work across multiple projects and still keep the detail sharp
  • Willing and able to get DV clearance


Similar Jobs for Lead SIEM Engineer (8 matching positions)

Lead SIEM Engineer

Are you ready to take the lead in shaping one of the most advanced SIEM environm...
Location: United Kingdom, Farnborough
Salary: 70000.00 - 75000.00 GBP / Year
Fynity
Expiration Date: Until further notice
Requirements
  • Strong hands-on experience leading SIEM engineering projects using platforms such as Splunk, Sentinel or QRadar
  • A deep understanding of cybersecurity frameworks and best practice (NIST, ISO, CIS, PCI DSS)
  • Scripting ability in Python, PowerShell and Regex for tuning and automation
  • Excellent communication skills and the ability to collaborate across teams and projects
  • Must be eligible for and willing to obtain DV clearance
Job Responsibility
  • Leading the design, development and tuning of SIEM content – rules, dashboards, alerts and reports that spot threats fast
  • Acting as the technical authority on SIEM engineering, ensuring the platform runs efficiently and delivers real value
  • Working with SOC Analysts, Threat Hunters and Architects to enhance SIEM use cases and boost detection accuracy
  • Bringing new ideas and threat intelligence to evolve the SIEM strategy and stay ahead of emerging risks
  • Mentoring junior engineers, setting standards, and helping shape the future of SIEM operations
  • Fulltime

Cybersecurity Engineer / Team Lead

The Senior Cybersecurity Engineer / Team Lead provides technical leadership and ...
Location: United States, Arlington
Salary: 103275.00 - 239062.00 USD / Year
NTT DATA
Expiration Date: Until further notice
Requirements
  • Master's degree; one and one-half (1.5) years of additional experience can substitute for one (1) year of a typical degree program
  • Minimum 10 years' experience performing the cybersecurity and team lead tasks/responsibilities listed above
  • Ability to obtain and maintain a public trust clearance
Job Responsibility
  • Lead full lifecycle NIST RMF activities, including categorization, control implementation, security assessment, POA&M management, and ATO sustainment
  • Ensure compliance with federal security standards such as FISMA, HIPAA, and agency-specific security policies
  • Coordinate with assessment and authorization stakeholders to maintain documentation, respond to findings, and support audits and system reviews
  • Oversee enterprise vulnerability scanning operations using tools such as Nessus and agency-approved scanners
  • Review scan results, validate findings, determine criticality, and coordinate remediation with system owners and operations teams
  • Develop and maintain processes for continuous monitoring, risk scoring, and reporting to leadership
  • Integrate threat intelligence platforms to identify emerging risks and drive proactive mitigation strategies
  • Support security audits, penetration tests, and secure configuration enforcement
  • Lead coordination with internal security teams, IT operations, legal/compliance, and government stakeholders to ensure proper handling, documentation, and reporting
  • Use enterprise security tools (e.g., SIEM platforms, endpoint protection, IDS/IPS) to monitor events and support investigations
What we offer
  • medical insurance
  • dental insurance
  • vision insurance
  • flexible spending or health savings account
  • life and AD&D insurance
  • short and long term disability coverage
  • paid time off
  • employee assistance
  • participation in a 401k program with company match
  • additional voluntary or legally-required benefits
  • Fulltime

Lead Security Engineer

Location: United States, Fort Washington
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • 7+ years of security engineering or security operations experience
  • Strong incident response and remediation background
  • Experience designing and maintaining enterprise security controls
  • Excellent troubleshooting and communication skills
Job Responsibility
  • Serve as the technical lead for security operations and incident response
  • Assist in investigation, containment, and remediation of severity incidents
  • Design, implement, and tune security controls across identity, endpoint, email, network, and SIEM platforms
  • Maintain and improve detection quality, response playbooks, and operational documentation
  • Participate in after-hours on-call rotation and provide escalation leadership

Lead Cyber Security Engineer

FinXL is seeking an experienced Lead Cyber Security Engineer to design automated...
Location: Australia, Canberra
Salary: Not provided
FinXL
Expiration Date: Until further notice
Requirements
  • Proven experience building integrations between SIEM platforms and enterprise systems
  • Knowledge of log ingestion from hybrid environments (Azure and AWS)
  • Experience designing, implementing, and testing security automation playbooks
  • Strong technical documentation skills and a collaborative, team-first mindset
  • Must be an Australian citizen with a minimum of NV1 clearance
Job Responsibility
  • Developing and maintaining playbooks and automated workflows
  • Identifying patterns in logs/events to develop proactive countermeasures
  • Leading incident response, remediation, and threat hunting activities
  • Contributing to security uplift initiatives and emerging tech assessments

Infrastructure and Security Engineer

We are looking for a highly experienced and forward-thinking Senior Infrastructu...
Location: United Kingdom, London
Salary: Not provided
Fortnum & Mason
Expiration Date: Until further notice
Requirements
  • Strong experience with Microsoft infrastructure (Windows Server, Active Directory, Azure, Microsoft 365)
  • Deep understanding of networking technologies (LAN/WAN/WiFi, TCP/IP, firewalls, routing, switching – Cisco)
  • Experience with cloud security, IAM, and Azure environments
  • Knowledge of virtualisation technologies (VMware)
  • Scripting experience (PowerShell)
  • Familiarity with monitoring tools (e.g., SolarWinds, PRTG, Zabbix)
  • Experience in incident response, vulnerability management, and endpoint security
  • Understanding of backup, disaster recovery, and storage solutions
Job Responsibility
  • Act as a hands-on technical lead, driving continuous improvement across infrastructure and security
  • Design, implement, and optimise secure, scalable environments across servers, cloud, storage, and networks
  • Support and enhance a hybrid Microsoft ecosystem including Azure, Microsoft 365, Intune, Entra ID, SCCM, and SQL Server
  • Manage and maintain virtualised environments (VMware vSphere, ESXi, vCenter)
  • Ensure performance, resilience, and security of the Cisco Meraki network
  • Manage security tooling including SIEM platforms, endpoint protection, and identity access controls
  • Lead vulnerability assessments, penetration testing, and remediation activities
  • Strengthen cyber defence through proactive threat detection, incident response, and forensic analysis
  • Drive adoption of Zero Trust principles and secure identity management (RBAC, MFA)
  • Enhance security posture across Azure using tools such as Microsoft Defender for Cloud and Sentinel
What we offer
  • Competitive salary
  • Up to 40% store and restaurant discount
  • 25 days holiday + your birthday off
  • Subsidised staff restaurant using Fortnum’s own ingredients
  • Excellent pension scheme
  • Ongoing development and career progression opportunities
  • Fulltime

Vodafone Business Senior Security Engineer

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location: Egypt, Giza
Salary: Not provided
Vodafone
Expiration Date: Until further notice
Requirements
  • 5–9 years in cybersecurity engineering or implementation roles
  • Bachelor’s degree in Computer Science, Engineering, IT, or related field
  • Strong communication, presentation, and stakeholder management skills
  • Proven leadership, teamwork, and collaboration abilities
  • Fluency in Arabic and English
  • Security architecture, operations, and enterprise-scale environments
  • Threat management, vulnerability management, and incident response
  • Hands-on experience with SIEM, endpoint protection, IAM, and firewalls
  • Experience with vendors like Microsoft, Cisco, Palo Alto, Fortinet, Trend Micro
  • CISSP, CISM, CEH, CompTIA Security+
Job Responsibility
  • Lead the delivery and implementation of end-to-end cybersecurity projects in enterprise-scale environments
  • Design, develop, and maintain secure architecture frameworks covering network, endpoint, identity, and cloud security
  • Manage and enhance Security Operations (SecOps) including monitoring, detection, and response capabilities
  • Oversee threat management, vulnerability management, and incident response processes to minimize risk exposure
  • Analyze and troubleshoot complex security and infrastructure issues across integrated environments
  • Collaborate with internal teams, vendors, and stakeholders to ensure seamless security integration and project execution
  • Provide technical leadership, mentoring, and guidance to security teams
  • Drive adherence to industry standards, policies, and compliance frameworks (ISO 27001, NIST, PCI-DSS)
  • Support continuous improvement initiatives by evaluating emerging threats, tools, and technologies
  • Bridge communication between technical and non-technical stakeholders to support decision-making
  • Fulltime

Vodafone Business Security Associate Manager

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location: Egypt, Giza
Salary: Not provided
Vodafone
Expiration Date: Until further notice
Requirements
  • Minimum 10 years of experience in cybersecurity or IT security roles
  • At least 5 years in a security delivery or service delivery management position
  • Proven experience managing large-scale security programs and multi-disciplinary teams
  • Bachelor's degree in Computer Science, IT, Engineering, or a related field
  • Strong understanding of security domains: threat management and incident response; Identity and Access Management (IAM) and cloud security
  • Experience with security technologies: SIEM solutions, firewalls and network security tools, and endpoint protection platforms
  • Familiarity with ICT system integration methodologies
  • Knowledge of IT Service Management frameworks (ITIL v4) and tools such as ServiceNow or BMC Remedy
  • Strong knowledge of security frameworks and standards (ISO 27001, NIST CSF, PCI-DSS)
Job Responsibility
  • Oversee the end-to-end delivery of security services, ensuring adherence to timelines, budgets, and quality standards
  • Ensure compliance with SLAs, KPIs, and agreed business objectives
  • Monitor service performance and implement corrective actions when required
  • Act as the primary point of contact for clients, ensuring clear communication and high customer satisfaction
  • Lead the execution of large-scale security projects across complex environments
  • Manage risks, scope, timelines, and resource allocation throughout the project lifecycle
  • Ensure alignment with regulatory requirements, industry frameworks, and internal policies
  • Drive continuous improvement initiatives to enhance service delivery efficiency and quality
  • Lead and manage security delivery teams, ensuring high performance and alignment with organizational goals
  • Conduct performance evaluations, coaching, and team development activities

SIEM Content Development Specialist - Cyber Defence - Vois

We are seeking a SIEM Content Development Specialist to strengthen Cyber Defence...
Location: India, Pune
Salary: Not provided
Vodafone
Expiration Date: Until further notice
Requirements
  • Experienced professional with 10+ years in SOC operations, SIEM content development, threat hunting, or security engineering
  • Skilled in SIEM technologies, particularly Elastic/ELK, with knowledge of platforms such as Splunk, Sentinel, ArcSight, or Chronicle
  • Proficient in programming and scripting (e.g., Python, SQL, JavaScript, PowerShell, KQL, ES|QL)
  • Strong understanding of cloud environments (AWS, Azure, GCP) and associated telemetry
  • Experienced in developing detection use cases and threat scenarios aligned with MITRE ATT&CK and cyber kill chain frameworks
  • Competent in Regex and data analysis techniques
  • Knowledgeable in networking concepts (TCP/IP, CIDR, subnets) and security tools (IDS/IPS, firewalls, AV systems)
  • Strong analytical, problem-solving, and communication skills
  • Able to work independently, prioritise tasks, and collaborate effectively across teams
  • Certifications such as CISSP or SANS (e.g., GCIH, GCIA) are advantageous
Job Responsibility
  • Design, develop, and optimise SIEM detection content across existing and new platforms
  • Lead and contribute to SIEM content engineering initiatives, applying SDLC and Agile methodologies
  • Continuously refine detection rules and logic to improve SOC efficiency and effectiveness
  • Develop and integrate threat response workflows and playbooks
  • Conduct threat analysis to design behavioural and indicator-based detection use cases
  • Collaborate with log source owners to translate business and technical requirements into actionable SIEM content
  • Deliver cyber security reports and advisories to key stakeholders
  • Perform post-incident analysis and drive improvements through actionable insights
  • Support EDR/XDR detection engineering and tuning activities
  • Create and maintain technical documentation, workflows, and operational playbooks
What we offer
  • Opportunity to work at the core of global cyber defence operations
  • Exposure to advanced SIEM, EDR, and XDR technologies and large-scale security environments
  • Collaboration with global cyber security experts and stakeholders
  • Continuous learning through evolving threat landscapes and modern security frameworks
  • Opportunity to contribute to meaningful risk reduction initiatives across Vodafone