SOC - Security Content Engineer

Full-Time 36000 - 60000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Design and optimise detection logic for SOC platforms to enhance security.
  • Company: Join Accenture, a global leader in professional services and innovation.
  • Benefits: Competitive salary, diverse work culture, and opportunities for professional growth.
  • Why this job: Make a real impact in cybersecurity while working with cutting-edge technology.
  • Qualifications: Bachelor’s degree in Cybersecurity or related field; 6-8 years of relevant experience.
  • Other info: Inclusive environment with a focus on well-being and continuous learning.

The predicted salary is between 36000 - 60000 £ per year.

The Security Content Engineer designs, develops, and optimises detection logic, correlation rules, and analytic content across SOC platforms. They ensure the SOC maintains high detection efficacy with minimal false positives.

Key Responsibilities:

  • Design and implement detection use cases in SIEM and SOAR platforms based on threat intelligence and incident trends.
  • Develop and maintain detection logic aligned to MITRE ATT&CK and organisational threat models.
  • Tune and optimise existing correlation rules to reduce noise and improve accuracy.
  • Validate detections through controlled simulations and red team feedback.
  • Collaborate with the SOC Tooling Engineer to ensure efficient data source utilisation and parsing logic.
  • Document detection use cases, logic, testing methodology, and expected outputs.
  • Support compliance and audit efforts by ensuring use-case traceability and documentation.
  • Review post-incident findings to enhance detection and response coverage.
  • Maintain a repository of SOC use cases, KPIs, and performance metrics.

Role Requirements:

  • Education: Bachelor’s degree in Cybersecurity, Data Analytics, or related field.
  • Experience: 6-8 years in SOC content engineering, detection development, or SIEM administration.
  • Certifications (preferred): Splunk Enterprise Security Certified Admin / Engineer, GIAC GCDA, or similar.

Essential skills:

  • Strong SIEM query writing (e.g., SPL, KQL), regex, data modelling and familiarity with ATT&CK mappings.

Please Note: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a level of security clearance which typically requires 10 years' continuous UK address history, usually including no periods of 30 consecutive days or more spent outside of the UK, and a declaration of being a British passport holder with no dual nationality at the point of application.

Closing Date for Applications: 01/06/2026. Accenture reserves the right to close the role prior to this date should a suitable applicant be found.

Locations: London

SOC - Security Content Engineer employer: WeAreTechWomen

Accenture is an exceptional employer, offering a dynamic work environment in London where innovation and inclusion are at the forefront of our culture. We provide competitive salaries, comprehensive benefits, and ample opportunities for professional growth through continuous learning and diverse experiences. Join us to be part of a global network that values integrity, respect, and the well-being of every individual, while making a meaningful impact in the world.

Contact Detail:

WeAreTechWomen Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land SOC - Security Content Engineer

✨Tip Number 1

Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.

✨Tip Number 2

Show off your skills! Create a portfolio showcasing your detection logic, correlation rules, and any projects you've worked on. This gives potential employers a taste of what you can bring to the table.

✨Tip Number 3

Prepare for interviews by brushing up on your SIEM query writing and MITRE ATT&CK knowledge. Practice common interview questions and think about how your experience aligns with the role's requirements.

✨Tip Number 4

Don't forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are proactive about their job search.

We think you need these skills to ace SOC - Security Content Engineer

SIEM query writing
SPL
KQL
Regex
Data Modelling
MITRE ATT&CK
Detection Logic Development
Correlation Rules Optimisation
Threat Intelligence Analysis
Incident Trend Analysis
Documentation Skills
Collaboration with SOC Tooling Engineer
Post-Incident Review
Performance Metrics Maintenance
Compliance and Audit Support

Some tips for your application 🫡

Tailor Your Application: Make sure to customise your CV and cover letter for the SOC - Security Content Engineer role. Highlight your experience with SIEM, detection logic, and any relevant certifications. We want to see how your skills align with what we're looking for!

Showcase Your Skills: Don’t just list your skills; demonstrate them! Use specific examples from your past work that showcase your expertise in writing SIEM queries or optimising detection rules. This helps us see your practical experience in action.

Be Clear and Concise: When writing your application, keep it clear and to the point. Avoid jargon unless it's necessary, and make sure your key achievements stand out. We appreciate straightforward communication that gets right to the heart of your qualifications.

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, you’ll find all the details you need about the role and our company culture there!

How to prepare for a job interview at WeAreTechWomen

✨Know Your Detection Logic

Make sure you brush up on your knowledge of detection logic and correlation rules. Be prepared to discuss how you've designed or optimised these in previous roles, especially in relation to SIEM and SOAR platforms.

✨Familiarise with MITRE ATT&CK

Since the role involves aligning detection logic with MITRE ATT&CK, it’s crucial to understand this framework inside out. Prepare examples of how you've used it in your work to enhance detection efficacy.

✨Showcase Your Query Skills

Be ready to demonstrate your SIEM query writing skills, particularly in SPL or KQL. You might be asked to solve a problem on the spot, so practice writing queries that reduce false positives and improve accuracy.

✨Collaboration is Key

Highlight your experience working with other teams, like SOC Tooling Engineers. Discuss how collaboration has helped you optimise data source utilisation and parsing logic in past projects.
