SIEM Detection Engineer (SIEM) in Southampton

Southampton Full-Time 65000 - 65000 € / year (est.) Home office (partial)
Fynity

At a Glance

  • Tasks: Engineer and optimise advanced SIEM detections to combat real-world cyber threats.
  • Company: Respected cyber security operation focused on critical defence environments.
  • Benefits: Up to £65,000 salary, excellent benefits, hybrid work model, and career progression.
  • Other info: Opportunity for ongoing development and to shape detection strategy.
  • Why this job: Join a collaborative team making a real impact in cyber defence.
  • Qualifications: Experience with Splunk or Microsoft Sentinel, and knowledge of threat detection methodologies.

The predicted salary is between 65000 and 65000 € per year.

We’re working with a highly respected cyber security operation supporting critical defence environments, seeking a SIEM Detection Engineer to strengthen and evolve advanced threat detection capability across secure enterprise environments. This is a hands-on technical role where you’ll design, build and optimise detection logic across SIEM platforms, working directly against real-world attacker techniques in a mature, high-performing SOC.

You’ll have the autonomy to shape detection strategy, influence capability development, and act as a technical SME within a complex MSSP environment.

What you’ll be doing:

  • Engineering and refining advanced SIEM detections across secure environments
  • Researching emerging threats and mapping detections to MITRE ATT&CK
  • Tuning detections to improve fidelity and reduce false positives
  • Supporting SOC analysts and wider engineering teams with technical expertise
  • Driving detection maturity and technical standards

What we’re looking for:

  • Strong Splunk (SPL) and/or Microsoft Sentinel (KQL) experience
  • Detection engineering experience within enterprise or MSSP environments
  • Solid understanding of attacker TTPs and threat detection methodologies
  • Scripting ability (Python / PowerShell)
  • Knowledge of cloud and enterprise infrastructure
  • SC Cleared or eligible

Desirable: QRadar, EDR threat hunting, CrowdStrike, Defender for Endpoint.

Why this role: You’ll join a collaborative cyber team working on genuinely meaningful defence-focused projects, with strong progression, ongoing development, and the opportunity to make a measurable impact.

Interested? Apply now or reach out for a confidential conversation.

SIEM Detection Engineer (SIEM) in Southampton employer: Fynity

Join a leading cyber security operation in Farnborough, where you'll be part of a dynamic team dedicated to protecting critical defence environments. With a strong emphasis on employee growth and development, we offer excellent benefits and a collaborative work culture that values innovation and autonomy. This hybrid role not only allows you to work on impactful projects but also provides the opportunity to shape detection strategies and advance your career in a high-performing SOC.

Fynity

Contact Detail:

Fynity Recruiting Team

StudySmarter Expert Advice🤫

We think this is how you could land SIEM Detection Engineer (SIEM) in Southampton

Tip Number 1

Network like a pro! Reach out to current employees in the cyber security field, especially those working with SIEM tools. A friendly chat can give you insider info and might even lead to a referral.

Tip Number 2

Show off your skills! If you’ve got experience with Splunk or Microsoft Sentinel, make sure to highlight that in conversations. Share specific examples of how you've tackled detection challenges in the past.

Tip Number 3

Stay updated on the latest threats! Research emerging trends and techniques in cyber security. Being knowledgeable about current attacker TTPs will impress potential employers and show your passion for the field.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you’re genuinely interested in joining our team and contributing to meaningful defence projects.

We think you need these skills to ace SIEM Detection Engineer (SIEM) in Southampton

SIEM Detection Engineering
Splunk (SPL)
Microsoft Sentinel (KQL)
Threat Detection Methodologies
Understanding of Attacker TTPs
Scripting (Python, PowerShell)
Cloud Infrastructure Knowledge

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the SIEM Detection Engineer role. Highlight your experience with Splunk, Microsoft Sentinel, and any relevant detection engineering work. We want to see how your skills match what we're looking for!

Showcase Your Skills: In your application, don’t just list your skills—show us how you've used them in real-world scenarios. Talk about specific projects where you’ve engineered detections or improved threat detection capabilities. This helps us see your hands-on experience!

Be Clear and Concise: When writing your application, keep it clear and to the point. Use bullet points for key achievements and avoid jargon unless it's relevant. We appreciate straightforward communication that gets right to the heart of your qualifications.

Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to track your application status. Plus, we love seeing applications come directly from our site!

How to prepare for a job interview at Fynity

Know Your SIEM Tools Inside Out

Make sure you brush up on your knowledge of Splunk and Microsoft Sentinel. Be ready to discuss your experience with these tools, including specific examples of how you've engineered detections or improved existing ones.

Understand the MITRE ATT&CK Framework

Familiarise yourself with the MITRE ATT&CK framework and be prepared to talk about how you've mapped detections to it in previous roles. This shows that you not only understand the theory but can apply it practically.

Showcase Your Scripting Skills

Since scripting is a key part of this role, be ready to discuss your experience with Python or PowerShell. Consider bringing along a small project or example that demonstrates your ability to automate tasks or enhance detection capabilities.

Prepare for Technical Questions

Expect technical questions related to threat detection methodologies and attacker TTPs. Brush up on common attack vectors and be ready to explain how you would approach tuning detections to improve fidelity and reduce false positives.