Splunk Developer in City of London

City of London Full-Time 65000 - 65000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Design and develop detection content to enhance cyber defence capabilities.
  • Company: Join a high-performing Security Operations Centre in London.
  • Benefits: Competitive salary, bonus, and opportunities for professional growth.
  • Other info: Collaborative environment with a focus on innovation and career advancement.
  • Why this job: Make a real impact in cyber security and strengthen threat visibility.
  • Qualifications: 3+ years in SOC content engineering and strong Splunk experience required.

The predicted salary is 65000 £ per year (estimated).

Location: London (Full time - 5 days onsite)

Salary: £65,000 + bonus

Clearance: Must be eligible for UK Developed Vetting (DV) clearance

We are seeking an experienced Security Content Engineer to join a high-performing Security Operations Centre (SOC) environment. This role is focused on designing, developing, and optimising detection content to strengthen cyber defence capabilities and improve threat visibility across enterprise environments.

You will play a critical role in enhancing detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes.

Key Responsibilities

  • Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data
  • Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks
  • Continuously tune and optimise correlation rules to improve signal-to-noise ratio
  • Validate detection logic through simulations, threat emulation, and red team collaboration
  • Work closely with SOC tooling and engineering teams to ensure efficient data ingestion and parsing
  • Document detection logic, methodologies, and expected outputs for audit and operational use
  • Contribute to post-incident reviews, enhancing detection coverage and response effectiveness
  • Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics

Requirements

  • 3+ years of commercial experience in SOC content engineering, detection engineering, or SIEM administration
  • Strong commercial experience with Splunk
  • Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL)
  • Solid understanding of detection engineering principles, data modelling, and regex
  • Proven experience working with MITRE ATT&CK and threat-informed defence strategies
  • Ability to design scalable and maintainable detection content in complex environments
  • Strong documentation and stakeholder communication skills

Desirable

  • Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar
  • Experience with SOAR platforms and automation workflows
  • Background in threat hunting or incident response

If you are a detection-focused cyber security professional who thrives on building high-quality, intelligence-led SOC content, apply today.

Splunk Developer in City of London employer: ANSON MCCADE

Join our dynamic team in London as a Splunk Developer, where you will be at the forefront of enhancing cyber defence capabilities within a high-performing Security Operations Centre. We pride ourselves on fostering a collaborative work culture that encourages continuous learning and professional growth, offering competitive salaries, bonuses, and the opportunity to work with cutting-edge technology in a vibrant city. With a focus on employee development and a commitment to innovation, we provide a unique environment for those looking to make a meaningful impact in the field of cybersecurity.

Contact Detail:

ANSON MCCADE Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Splunk Developer in City of London

✨Tip Number 1

Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.

✨Tip Number 2

Show off your skills! Create a portfolio or GitHub repository showcasing your projects related to Splunk and detection engineering. This gives potential employers a taste of what you can do beyond your CV.

✨Tip Number 3

Prepare for interviews by brushing up on common SOC scenarios and Splunk use cases. Practice articulating your thought process and how you've tackled challenges in previous roles. Confidence is key!

✨Tip Number 4

Don't forget to apply through our website! We love seeing candidates who are genuinely interested in joining us. Tailor your application to highlight your experience with detection engineering and how you can contribute to our SOC team.

We think you need these skills to ace Splunk Developer in City of London

Splunk
SIEM Administration
SPL
KQL
Detection Engineering Principles
Data Modelling
Regex
MITRE ATT&CK
Threat Intelligence
Incident Data Analysis
Correlation Rules Tuning
Documentation Skills
Stakeholder Communication
SOAR Platforms
Automation Workflows

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your experience with Splunk and SOC environments. We want to see how your skills align with the job description, so don’t be shy about showcasing your relevant projects and achievements!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about detection engineering and how your background makes you a perfect fit for our team. Keep it engaging and personal – we love to see your personality!

Showcase Your Technical Skills: When filling out your application, make sure to mention your hands-on experience with SIEM platforms and query languages like SPL or KQL. We’re looking for candidates who can hit the ground running, so highlight those technical skills!

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy – just follow the prompts and submit your materials!

How to prepare for a job interview at ANSON MCCADE

✨Know Your Splunk Inside Out

Make sure you brush up on your Splunk skills before the interview. Be ready to discuss your hands-on experience with SIEM platforms and query languages like SPL. Prepare to showcase specific examples of how you've designed and implemented detection use cases in previous roles.

✨Familiarise Yourself with MITRE ATT&CK

Since this role heavily involves working with the MITRE ATT&CK framework, it’s crucial to understand its principles. Be prepared to explain how you've applied this framework in your past work, particularly in developing detection logic and improving threat visibility.

✨Demonstrate Your Problem-Solving Skills

Expect to face scenario-based questions that test your ability to optimise detection content and reduce false positives. Think of specific challenges you've encountered in your previous roles and how you tackled them, especially in relation to tuning correlation rules.

✨Communicate Clearly and Document Well

Strong documentation and communication skills are key for this position. Practice explaining complex technical concepts in a clear and concise manner. Be ready to discuss how you document detection logic and methodologies, as well as your approach to collaborating with stakeholders.
