SIEM engineer

I'm looking for a hands-on SIEM Engineer to work on mission-critical Defence and National Intelligence systems. This is not a BAU SOC role. You'll be owning SIEM capability end to end in some of the most secure environments in the UK. If you do not hold active UK DV clearance, you cannot be considered. This SIEM engineer will:

• Work on classified, real-world threats not theoretical use cases

• High trust, high autonomy technical role

• Influence platform design, detection strategy and automation

• Join a small number of engineers trusted with systems that genuinely matter

In this SIEM role, you will be:

• Owning and optimising Splunk ES and/or Elastic Security

• Building high-fidelity, MITRE ATT&CK-aligned detections

• Designing and maintaining SIEM pipelines (CIM / ECS)

• Automating detection and response using CI/CD, SOAR and IaC

• Ensuring SIEM platforms are resilient, scalable and performant

If your SIEM experience covers:

• Proven, hands-on experience with Splunk ES and/or Elastic Security

• Strong detection engineering background
• Advanced SPL / KQL / EQL
• Experience running SIEM at scale in high-security environments
• Active UK DV clearance - essential

This is a great chance to use your SIEM skills in a highly secure defence environment.

If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three - five working days. If you do not hear within these timescales please feel free to get in touch.