CrawlJobs Logo
Vodafone Logo Vodafone · IT - Software Development

SIEM Content Development Specialist

United Kingdom, Newbury · Job Posted January 21, 2026
Apply Position
Job Link Share

Job Description

The SIEM Content Development Specialist plays a critical role in advancing the Cyber Security Operations Center’s ability to detect and respond to cybersecurity incidents. This role focuses on designing and developing cutting-edge detection content leveraging a wide array of security technologies and telemetry to identify malicious activity and guide security analysts through effective response playbooks. Working within a threat-led framework, the specialist collaborates across teams to translate threat intelligence into actionable detection logic and response workflows. The position demands strong technical acumen, analytical thinking, and problem-solving capabilities, along with the ability to communicate clearly with peers, leadership, and cross-functional stakeholders.

Job Responsibility

  • Contribute to continuous improvement initiatives across multiple technologies by developing and refining content that enhanced threat detection and response capabilities
  • Contribute to the development and optimisation of threat detection content, including the tuning of threat and vulnerability management technologies and the continual refinement of SIEM rules and logic to enhance detection accuracy and operational performance
  • Lead and contribute to the optimisation and modernisation of SIEM content, supporting the adoption of next-generation SIEM technologies and cloud-native security tools
  • Manage the lifecycle of detection content, including development, testing, release, and retirement, using version control and documentation best practices
  • Collaborate with DevOps/SecOps teams to integrate security content into broader CI/CD workflows
  • Collaborate with the CSOC Manager to support improvements in security operations through effective content contributions
  • Support security event analysis by participating in and may drive security event analysis activities to address current cyber threats
  • Assist in threat response activities, providing analytical input from a blue team perspective to help identify potential threat group behaviours
  • Contribute to the creation of cyber security reports and advisories, ensuring timely and accurate dissemination to key stakeholders
  • Participate in residual risk assessments, supporting post-incident analysis and the documentation of operational and technical lessons learned
  • Collaborating with data owners and customers on understanding data sources and use cases and successfully translating requirements to actionable content

Requirements

  • Minimum of 2-5 years’ experience in SIEM content (rule logic and code) development role
  • Minimum of 2 years of SOC analyst experience (Level2 or above) required
  • In depth and extensive hands-on experience in security event analysis, create and refine SIEM/EDR rules and deliver efficiency within the SIEM and all other technologies used within the team
  • Deep knowledge of IPv4/IPv6, TCP networking protocols
  • Deep knowledge of Windows/Linux operating systems
  • Exceptional working knowledge of security technologies such as SIEM (ArcSight, Sentinel, QRadar, LogRhythm, Splunk), EDR (Microsoft Defender, FireEye, Tanium), IDS/IPS, firewalls, proxies, web application firewalls, anti-virus, etc.
  • Comprehensive understanding of Window Security Event logs and Syslog
  • Excellent familiarity with endpoint/perimeter security attack vectors and detection (blue/purple teaming)
  • Excellent familiarity with standard security frameworks such as MITRE, cyber kill chain and APT campaign strategies
  • Outstanding knowledge of cloud platforms such as Azure, O365, Google cloud, AWS, Oracle
  • Experience with modern SIEM platforms, including cloud-native or hybrid solutions
  • Hands-on experience with CI/CD pipelines and automation tools for security content deployment
  • Proficiency in version control systems (e.g., Git) for managing SIEM content
  • Excellent working knowledge of regular expression development
  • Kusto or SQL knowledge, including rule/query optimisation
  • Proven ability to prioritise workload, meet deadlines and utilise time effectively
  • Good interpersonal and communication skills, works effectively as a team leader and the ability
  • Experience in security event analytics, for example Elastic, Azure Sentinel or Splunk
  • 3 years or above related experience
  • Excellent verbal and written communication skills
  • Highly disciplined and motivated, able to work independently or under direction
  • Deep understanding of threat actor techniques and tools

Nice to have

  • Scripting and programming experience is highly desirable
  • Demonstrable experience in critical thinking and data or logical analysis
  • Knowledge of: typical security devices such as firewalls, Intrusion detection system, anti-virus, anti-spam, Cyber threat concepts e.g. cyber kill chain, attack methods, threat actors
  • Cloud systems and Windows and Linux OS
  • Experience with investigating intrusions in Linux and cloud environments

What we offer

  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
Vodafone - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

SIEM Content Development Specialist

8 matching positions

Cyber Defence - Siem Content Development Specialist

We are seeking a Cyber Defence – SIEM Content Development Specialist to strength...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced cyber security professional with a strong background in SOC operations, SIEM content development, threat hunting or security engineering
  • Skilled in SIEM technologies, with hands-on experience in Elastic/ELK and working knowledge of platforms such as ArcSight, Microsoft Sentinel, Splunk or Chronicle
  • Comfortable working with cloud and endpoint telemetry across environments such as AWS, GCP and Microsoft security tooling
  • Technically confident, with experience in programming or scripting (for example Python, SQL, JavaScript, PowerShell, KQL or ES|QL) and strong capability in regular expression development
  • Knowledgeable in security frameworks and threat models, including MITRE ATT&CK, cyber kill chain concepts and advanced persistent threat strategies
  • Analytical, collaborative and able to work independently, making informed decisions while building strong relationships across the security community
Job Responsibility
Job Responsibility
  • Design, develop and fine-tune detection rules and use cases across existing and new SIEM platforms, with a strong focus on Elastic (ELK) and other leading SIEM technologies
  • Lead and contribute to security content engineering initiatives, applying secure software development lifecycle (SDLC) and agile practices
  • Analyse attacker behaviour, threat intelligence, MITRE ATT&CK techniques and adversary tooling to create indicator-based and behavioural detections
  • Support and, where required, lead threat response workflows and playbook creation, ensuring seamless integration with CSOC operations
  • Collaborate closely with log source owners, engineering teams and stakeholders to understand telemetry, risks and operational requirements, translating them into effective detection content
  • Deliver security reporting, advisories and post-incident analysis, converting lessons learnt into measurable improvements in detection and response
  • Maintain clear documentation, including detection logic, workflows and operational playbooks, to support consistent CSOC operations
Read More
Arrow Right

Systems Engineering Senior Specialist-Vulnerability Remediation & Tanium Support

We are currently seeking a Systems Engineering Senior Specialist-Vulnerability R...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • HCL Tanium — Server, Module Server, Zone Proxy, and Client deployment and administration (intermediate to advanced level)
  • Tanium Patch, Deploy, Interact, Inventory, Comply, Connect — module configuration and operations
  • Tanium Client deployment via GPO, SCCM, Intune, and PowerShell scripting
  • Tanium sensor, package, and saved question development
  • Vulnerability Remediation
  • Understanding of CVEs
  • Tanium RBAC — user roles, computer groups, content set management
  • Tanium Relevance Language for custom sensor and targeting development
  • PowerShell and Batch scripting for Tanium automation and client management
  • Tanium Connect integration with SIEM and ITSM platforms
Job Responsibility
Job Responsibility
  • Deploy and configure Tanium Server, Tanium Module Server, Zone Proxies, and Tanium Client across enterprise environments
  • vulnerability remediation using Tanium Comply, Detect, Patch, and custom remediation packages
  • Collaborate with security teams (SOC, Threat Management, GRC) to align remediation with vulnerability SLAs and compliance frameworks
  • Drive security hardening programs across endpoints using custom sensors, packages, and benchmarks
  • Execute Tanium platform deployments following defined architecture standards, deployment runbooks, and organizational guidelines
  • Manage Tanium Client deployment at scale across Windows, Linux, and macOS endpoints using GPO, SCCM, Intune, and script-based methods
  • Configure Tanium Zone Proxies for DMZ and remote site endpoint connectivity and visibility
  • Set up and configure Tanium modules post-deployment including Tanium Patch, Deploy, Interact, Inventory, Comply, and Connect
  • Manage Tanium platform SSL certificates, authentication configurations, and RBAC role assignments during and post-deployment
  • Execute Tanium platform upgrades, module updates, and hotfix deployments following change management procedures
  • Fulltime
Read More
Arrow Right

Senior Cyber Incident Management, Operations & Response Specialist - VOIS

We are seeking a Senior Cyber Incident Management, Operations and Response Speci...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in a Security Operations Centre, operating at senior analyst level
  • Strong expertise in SIEM platforms (such as ArcSight, Splunk, QRadar or LogRhythm)
  • Proven experience in security incident investigation, response and management
  • Understanding of malware behaviour, advanced persistent threats and complex attack techniques
  • Skilled in SIEM correlation logic, rule tuning and detection optimisation
  • Ability to create structured workflows, playbooks and triage processes
  • Confident mentoring, coaching and motivating analysts within the team
  • Strong written and verbal communication skills, including the ability to present technical findings to senior stakeholders
  • Degree in Computer Science, Information Technology, Engineering or a related field
  • Prior experience in cloud technologies and the information security domain
Job Responsibility
Job Responsibility
  • Investigate, analyse and accurately triage security alerts and incidents across CSOC platforms
  • Perform deep-dive incident analysis, identify root causes and assess business risk
  • Lead daily stand-ups and act as an escalation point for functional and technical queries from Cyber Defence Analysts
  • Produce clear, high-quality technical and operational reports for stakeholders
  • Maintain and continuously enhance alert triage quality and operational deliverables
  • Develop, document and maintain playbooks, runbooks, SOPs, KEDB articles and knowledge base content
  • Proactively fine-tune detection rules and identify opportunities for alert reduction and effort optimisation
  • Monitor and protect digital systems against unauthorised access, modification or data loss
  • Analyse security breaches and recommend appropriate tools, controls and countermeasures
  • Collaborate closely with Local Market CSIRT teams to manage ongoing cases and reduce backlog
What we offer
What we offer
  • Opportunity to work at the forefront of cyber defence within a global telecommunications organisation
  • Exposure to complex threat landscapes and enterprise-scale security environments
  • A role that combines technical depth with leadership, mentoring and operational ownership
  • The ability to influence detection strategy, incident response quality and process maturity
  • Fulltime
Read More
Arrow Right

Systems Engineering Specialist - Tanium

We are currently seeking a Systems Engineering Specialist - Tanium to join our t...
Location
Location
India , Noida
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6–9 years of experience in enterprise endpoint management with hands-on specialization in Tanium platform deployment and support
  • HCL Tanium — Server, Module Server, Zone Proxy, and Client deployment and administration (intermediate to advanced level)
  • Tanium Patch, Deploy, Interact, Inventory, Comply, Connect — module configuration and operations
  • Tanium Client deployment via GPO, SCCM, Intune, and PowerShell scripting
  • Tanium sensor, package, and saved question development
  • Tanium RBAC — user roles, computer groups, content set management
  • Tanium Relevance Language for custom sensor and targeting development
  • PowerShell and Batch scripting for Tanium automation and client management
  • Tanium Connect integration with SIEM and ITSM platforms
  • Windows, Linux, and macOS endpoint management fundamentals
Job Responsibility
Job Responsibility
  • Deploy and configure Tanium Server, Tanium Module Server, Zone Proxies, and Tanium Client across enterprise environments
  • Execute Tanium platform deployments following defined architecture standards, deployment runbooks, and organizational guidelines
  • Manage Tanium Client deployment at scale across Windows, Linux, and macOS endpoints using GPO, SCCM, Intune, and script-based methods
  • Configure Tanium Zone Proxies for DMZ and remote site endpoint connectivity and visibility
  • Set up and configure Tanium modules post-deployment including Tanium Patch, Deploy, Interact, Inventory, Comply, and Connect
  • Manage Tanium platform SSL certificates, authentication configurations, and RBAC role assignments during and post-deployment
  • Execute Tanium platform upgrades, module updates, and hotfix deployments following change management procedures
  • Validate post-deployment platform health — server connectivity, client registration rates, module functionality, and data accuracy
  • Document deployment configurations, architecture decisions, and post-deployment validation results for knowledge transfer
  • Support proof-of-concept (POC) and pilot deployments for new Tanium modules or platform expansions
  • Fulltime
Read More
Arrow Right

Systems Engineering Specialist - Tanium

The Systems Engineering Specialist - Tanium role at NTT DATA involves deploying,...
Location
Location
India , Noida
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-9 years of experience in enterprise endpoint management with hands-on specialization in Tanium platform deployment and support
  • HCL Tanium — Server, Module Server, Zone Proxy, and Client deployment and administration (intermediate to advanced level)
  • Tanium Patch, Deploy, Interact, Inventory, Comply, Connect — module configuration and operations
  • Tanium Client deployment via GPO, SCCM, Intune, and PowerShell scripting
  • Tanium sensor, package, and saved question development
  • Tanium RBAC — user roles, computer groups, content set management
  • Tanium Relevance Language for custom sensor and targeting development
  • PowerShell and Batch scripting for Tanium automation and client management
  • Tanium Connect integration with SIEM and ITSM platforms
  • Windows, Linux, and macOS endpoint management fundamentals
Job Responsibility
Job Responsibility
  • Deploy and configure Tanium Server, Tanium Module Server, Zone Proxies, and Tanium Client across enterprise environments
  • Execute Tanium platform deployments following defined architecture standards
  • Manage Tanium Client deployment at scale across Windows, Linux, and macOS endpoints using GPO, SCCM, Intune, and script-based methods
  • Configure Tanium Zone Proxies for DMZ and remote site endpoint connectivity
  • Set up and configure Tanium modules post-deployment
  • Manage Tanium platform SSL certificates, authentication configurations, and RBAC role assignments
  • Execute Tanium platform upgrades, module updates, and hotfix deployments
  • Validate post-deployment platform health
  • Document deployment configurations, architecture decisions, and post-deployment validation results
  • Support proof-of-concept (POC) and pilot deployments
  • Fulltime
Read More
Arrow Right

Systems Engineering Specialist - Tanium

This role is responsible for deploying, configuring, and supporting the Tanium p...
Location
Location
India , Noida
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-9 years of experience in enterprise endpoint management with hands-on specialization in Tanium platform deployment and support
  • HCL Tanium — Server, Module Server, Zone Proxy, and Client deployment and administration (intermediate to advanced level)
  • Tanium Patch, Deploy, Interact, Inventory, Comply, Connect — module configuration and operations
  • Tanium Client deployment via GPO, SCCM, Intune, and PowerShell scripting
  • Tanium sensor, package, and saved question development
  • Tanium RBAC — user roles, computer groups, content set management
  • Tanium Relevance Language for custom sensor and targeting development
  • PowerShell and Batch scripting for Tanium automation and client management
  • Tanium Connect integration with SIEM and ITSM platforms
  • Windows, Linux, and macOS endpoint management fundamentals
Job Responsibility
Job Responsibility
  • Deploy and configure Tanium Server, Tanium Module Server, Zone Proxies, and Tanium Client across enterprise environments
  • Execute Tanium platform deployments following defined architecture standards, deployment runbooks, and organizational guidelines
  • Manage Tanium Client deployment at scale across Windows, Linux, and macOS endpoints using GPO, SCCM, Intune, and script-based methods
  • Configure Tanium Zone Proxies for DMZ and remote site endpoint connectivity and visibility
  • Set up and configure Tanium modules post-deployment including Tanium Patch, Deploy, Interact, Inventory, Comply, and Connect
  • Manage Tanium platform SSL certificates, authentication configurations, and RBAC role assignments during and post-deployment
  • Execute Tanium platform upgrades, module updates, and hotfix deployments following change management procedures
  • Validate post-deployment platform health — server connectivity, client registration rates, module functionality, and data accuracy
  • Document deployment configurations, architecture decisions, and post-deployment validation results for knowledge transfer
  • Support proof-of-concept (POC) and pilot deployments for new Tanium modules or platform expansions
  • Fulltime
Read More
Arrow Right
New

IT Training Lead

The IT Training Lead will drive technology learning and user adoption across the...
Location
Location
United States , Delray Beach
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in IT training, instructional design, technical enablement, or learning and development
  • Strong knowledge of Microsoft 365
  • Excellent communication, facilitation, and content development skills
  • Ability to translate technical concepts into practical, user-friendly training.
Job Responsibility
Job Responsibility
  • Design, develop, and deliver IT training programs in instructor-led, virtual, and self-paced formats
  • Take lead in the Microsoft Copilot and AI training strategy, including onboarding, advanced use cases, responsible AI usage, and ongoing enablement
  • Partner with IT leadership to support new technology rollouts, system upgrades, and digital transformation initiatives
  • Create and maintain training content, including videos, guides, tutorials, and job aids
  • Identify skill gaps and develop targeted learning solutions to improve adoption and productivity
  • Gather feedback and measure training effectiveness to continuously improve programs.
Read More
Arrow Right
New

K Kitchen Representative

The position includes, but is not limited to, the following essential job duties...
Location
Location
United States , New Albany
Salary
Salary:
Not provided
https://www.circlek.com Logo
Circle K
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Excellent communication skills
  • Team player who can work well with others or independently
  • Acts with integrity
  • keeps commitments
  • Contagious positive attitude
  • Focuses on achieving results while having fun
  • Frequently bend, twist at waist, kneel, squat, stand, and walk
  • Occasionally climb and descend ladders
  • Tolerate extreme cold and hot temperatures and work in and around fryers, ovens, grills, coolers, freezers, sharp objects, and loud noises
  • Reach, grasp, and manipulate objects with hands for entire shift, including reaching for objects overhead
Job Responsibility
Job Responsibility
  • Provides excellent guest service in a fast and friendly manner
  • Maintains a clean restaurant environment by cleaning and performing general housekeeping duties
  • Prepares and serves food items in accordance with all Brand, Company, and health department regulations
  • Ensures product quality, food safety, and operational standards are met
  • Keeps accurate cash, sales, and inventory control records
  • Follows all government laws and safety codes
  • Completes reports on all incidents following our 5-minute rule policy
  • Lives our Company values: One Team, Do the Right Thing, Takes Ownership, Play to Win
What we offer
What we offer
  • Medical, Dental, Vision, Term Life and AD&D plans
  • Flexible spending and health savings accounts (FT)
  • Vacation paid time off
  • Company holidays paid at time and a half
  • Matching 401(k)
  • Tuition Reimbursement
  • Stock Purchase Plan
  • Employee Discount Program
  • Discount Meal Benefit
  • Wellness Plan
Read More
Arrow Right