SIEM Content Developer

Remote (UK-based)
Contract - Outside IR35
Telecommunications

We're currently supporting a client in hiring a SIEM Content Developer to strengthen their cyber security detection capabilities. This is a fully remote contract role, operating outside IR35.

The Role

You'll be responsible for developing and enhancing detection capabilities within the Elastic Stack, helping to improve visibility of security threats and optimise incident response.

Key responsibilities include:
- Designing, building, and tuning SIEM detection rules and correlation logic
- Developing and maintaining dashboards and reporting in Elastic
- Creating automation scripts and workflows to support faster response
- Translating threat intelligence using frameworks such as MITRE ATT&CK into actionable detections
- Working closely with SOC teams to reduce false positives and improve detection quality
- Supporting log ingestion, parsing, and overall SIEM performance

Requirements
- 2-5+ years' experience in SIEM content development, detection engineering, or SOC (Level 2/3)
- Strong experience with SIEM tools, ideally Elastic Stack (or Splunk, Sentinel, QRadar, ArcSight)
- Solid understanding of Windows/Linux systems and TCP/IP networking
- Experience working with cloud platforms (Azure, AWS, O365)
- Scripting skills in Python, PowerShell, or Bash
- Familiarity with MITRE ATT&CK and modern threat detection techniques

What's on Offer
- Fully remote working
- Outside IR35 contract
- Opportunity to work with a large-scale telecoms environment

ECS Recruitment Group Ltd is acting as an Employment Business in relation to this vacancy.
Location: Worcester
Job Type: Full Time