Lead SIEM Engineer


Full-Time 43200 - 72000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead the design and tuning of SIEM content to enhance cyber defence.
  • Company: Join a fast-growing Security Operations Centre supporting high-profile clients.
  • Benefits: Enjoy a hybrid work setup and opportunities for professional growth.
  • Why this job: Make a real impact on national security through your expertise in SIEM.
  • Qualifications: Experience with SIEM platforms and strong scripting skills required.
  • Other info: Work in a dynamic environment with a focus on innovation and collaboration.

The predicted salary is between 43200 and 72000 £ per year.

We’re looking for a Lead SOC SIEM Engineer to join a large, fast-growing Security Operations Centre supporting some of the UK’s most high-profile defence and national security clients. This is a hands-on, senior role where you’ll take ownership of SIEM content engineering — designing, building, tuning, and evolving detection capability across multiple secure environments. If you know SIEMs inside out and want your work to directly influence real-world cyber defence, this role gives you the platform to do exactly that.

What you’ll be doing:

  • Leading the design, build, and tuning of SIEM content including detection rules, dashboards, and reporting
  • Ensuring high-quality data ingestion, visibility, and coverage so genuine threats aren’t missed
  • Collaborating closely with SOC Analysts, Security Architects, Engineers, and Programme teams
  • Translating threat intelligence, vulnerabilities, and adversary techniques into effective detections
  • Supporting incident response by improving alert fidelity and reducing noise
  • Helping define and maintain SOC standards, detection strategy, and engineering best practice

What you’ll bring:

  • Strong hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, or QRadar
  • Deep understanding of detection engineering and security monitoring best practices
  • Knowledge of industry standards and frameworks (ISO 27001/27002, NIST, CIS, PCI DSS)
  • Scripting capability in Python, PowerShell, and regex
  • Ability to operate across multiple customers and projects without losing technical depth
  • Willingness and eligibility to obtain DV clearance

This is a SIEM engineering role where you’ll see the tangible impact of your work — improving detection capability for defence-critical systems. You’ll benefit from a genuine hybrid setup and join a SOC that’s scaling by design, not backfilling.

If you are interested, please apply ASAP. The People Network is an employment agency and will respond to all applicants within three to five working days. If you do not hear within these timescales, please feel free to get in touch.

Lead SIEM Engineer employer: Fynity

Join a dynamic and innovative team as a Lead SOC SIEM Engineer in Hemel Hempstead, where you'll play a crucial role in enhancing cyber defence for high-profile clients. Our hybrid work culture promotes flexibility, allowing you to balance your professional and personal life while contributing to meaningful projects that protect national security. With ample opportunities for professional growth and a commitment to excellence, we empower our employees to make a real impact in the field of cybersecurity.

Contact Detail:

Fynity Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Lead SIEM Engineer

✨Tip Number 1

Network like a pro! Reach out to your connections in the cybersecurity field, especially those who work with SIEMs. A friendly chat can lead to insider info about job openings or even a referral.

✨Tip Number 2

Show off your skills! If you’ve got a portfolio of projects or contributions to open-source SIEM tools, make sure to highlight them. This is your chance to demonstrate your hands-on experience and technical depth.

✨Tip Number 3

Prepare for interviews by brushing up on common SIEM scenarios and challenges. Be ready to discuss how you would tackle real-world problems, as this shows you’re not just book-smart but also practical.

✨Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search.

We think you need these skills to ace Lead SIEM Engineer

SIEM Content Engineering
Detection Rules Design
Data Ingestion and Visibility
Collaboration with SOC Analysts
Threat Intelligence Translation
Incident Response Support
SOC Standards Definition
Detection Strategy Development
Experience with SIEM Platforms (Splunk, Microsoft Sentinel, QRadar)
Detection Engineering Best Practices
Knowledge of Industry Standards (ISO 27001/27002, NIST, CIS, PCI DSS)
Scripting in Python
Scripting in PowerShell
Regex Proficiency
Ability to Manage Multiple Projects

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Lead SOC SIEM Engineer role. Highlight your hands-on experience with SIEM platforms and any relevant projects you've worked on. We want to see how your skills align with what we're looking for!

Showcase Your Skills: Don’t just list your skills; demonstrate them! Use specific examples of how you've designed, built, or tuned SIEM content in previous roles. This will help us understand your depth of knowledge and practical experience.

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Explain why you're passionate about cyber defence and how you can contribute to our team. We love seeing enthusiasm and a clear understanding of the role.

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it makes the process smoother for everyone involved!

How to prepare for a job interview at Fynity

✨Know Your SIEM Inside Out

Make sure you brush up on your knowledge of SIEM platforms like Splunk, Microsoft Sentinel, or QRadar. Be ready to discuss your hands-on experience and how you've designed, built, or tuned detection rules in the past.

✨Showcase Your Collaboration Skills

This role involves working closely with SOC Analysts and Security Architects. Prepare examples of how you've successfully collaborated with different teams to enhance security measures or improve incident response.

✨Understand Threat Intelligence

Be prepared to talk about how you translate threat intelligence into effective detections. Familiarise yourself with common adversary techniques and be ready to discuss how you've applied this knowledge in previous roles.

✨Demonstrate Your Scripting Skills

Since scripting is a key part of this role, make sure you can discuss your experience with Python, PowerShell, and regex. Consider preparing a small example or two of how you've used these skills to solve problems in your past work.
