At a Glance
- Tasks: Design and optimise detection logic for SOC platforms to enhance security.
- Company: Join Accenture, a global leader in professional services and innovation.
- Benefits: Competitive salary, diverse work environment, and opportunities for professional growth.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technology.
- Qualifications: 6-8 years in SOC content engineering and strong SIEM query writing skills.
- Other info: Inclusive culture that values diversity and supports holistic well-being.
The predicted salary is between £36,000 and £60,000 per year.
The Security Content Engineer designs, develops, and optimises detection logic, correlation rules, and analytic content across SOC platforms. They ensure the SOC maintains high detection efficacy with minimal false positives.
Key Responsibilities:
- Design and implement detection use cases in SIEM and SOAR platforms based on threat intelligence and incident trends.
- Develop and maintain detection logic aligned to MITRE ATT&CK and organisational threat models.
- Tune and optimise existing correlation rules to reduce noise and improve accuracy.
- Validate detections through controlled simulations and red team feedback.
- Collaborate with the SOC Tooling Engineer to ensure efficient data source utilisation and parsing logic.
- Document detection use cases, logic, testing methodology, and expected outputs.
- Support compliance and audit efforts by ensuring use-case traceability and documentation.
- Review post-incident findings to enhance detection and response coverage.
- Maintain a repository of SOC use cases, KPIs, and performance metrics.
Role Requirements:
- Education: Bachelor’s degree in Cybersecurity, Data Analytics, or related field.
- Experience: 6-8 years in SOC content engineering, detection development, or SIEM administration.
- Certifications (preferred): Splunk Enterprise Security Certified Admin / Engineer, GIAC GCDA, or similar.
Essential skills:
- Strong SIEM query writing (e.g., SPL, KQL), regex, data modelling and familiarity with ATT&CK mappings.
Please Note: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a level of security clearance, which typically requires 10 years' continuous UK address history, usually including no periods of 30 consecutive days or more spent outside of the UK, and a declaration of being a British passport holder with no dual nationality at the point of application.
Closing Date for Applications: 01/06/2026. Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
Locations: London
Employer: WeAreTechWomen
Contact Detail:
WeAreTechWomen Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land SOC - Security Content Engineer in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your detection logic, correlation rules, and any projects you've worked on. This gives potential employers a tangible look at what you can do.
✨Tip Number 3
Prepare for interviews by brushing up on your SIEM query writing and MITRE ATT&CK knowledge. Practice common interview questions and scenarios related to SOC content engineering to boost your confidence.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are proactive about their job search.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in SOC content engineering and detection development. We want to see how your skills align with the role, so don’t hold back on showcasing your relevant achievements!
Show Off Your Technical Skills: Since this role involves a lot of technical know-how, be sure to mention your proficiency in SIEM query writing, regex, and data modelling. We love seeing candidates who can demonstrate their familiarity with tools like Splunk and MITRE ATT&CK.
Be Clear and Concise: When writing your application, keep it straightforward and to the point. We appreciate clarity, so avoid jargon unless it's necessary. Make it easy for us to see why you’re the perfect fit for the role!
Apply Through Our Website: Don’t forget to submit your application through our official website! It’s the best way for us to receive your details and ensures you’re considered for the position. Plus, it’s super easy to do!
How to prepare for a job interview at WeAreTechWomen
✨Know Your Stuff
Make sure you brush up on your SIEM query writing skills, especially SPL and KQL. Familiarise yourself with the MITRE ATT&CK framework and be ready to discuss how you've applied these in your previous roles.
✨Showcase Your Experience
Prepare specific examples from your 6-8 years of experience in SOC content engineering. Highlight any successful detection use cases you've designed or optimised, and be ready to explain the impact they had on reducing false positives.
✨Collaboration is Key
Accenture values teamwork, so be prepared to discuss how you've collaborated with other engineers or teams in the past. Share examples of how you worked with SOC Tooling Engineers or participated in red team feedback sessions.
✨Document Like a Pro
Since documentation is crucial for compliance and audit efforts, be ready to talk about your approach to documenting detection use cases and testing methodologies. Bring examples if possible, as this shows your attention to detail and commitment to best practices.