SIEM Content Developer

3 Days Old

SIEM Content Developer

Remote (UK-based) Contract - Outside IR35 Telecommunications
We're currently supporting a client in hiring a SIEM Content Developer to strengthen their cyber security detection capabilities. This is a fully remote contract role, operating outside IR35 .

The Role

You'll be responsible for developing and enhancing detection capabilities within the Elastic Stack , helping to improve visibility of security threats and optimise incident response.
Key responsibilities include:
Designing, building, and tuning SIEM detection rules and correlation logic
Developing and maintaining dashboards and reporting in Elastic
Creating automation scripts and workflows to support faster response
Translating threat intelligence using frameworks such as MITRE ATT&CK into actionable detections
Working closely with SOC teams to reduce false positives and improve detection quality
Supporting log ingestion, parsing, and overall SIEM performance

Requirements

2-5+ years' experience in SIEM content development, detection engineering, or SOC (Level 2/3)
Strong experience with SIEM tools, ideally Elastic Stack (or Splunk, Sentinel, QRadar, ArcSight)
Solid understanding of Windows/Linux systems and TCP/IP networking
Experience working with cloud platforms (Azure, AWS, O365)
Scripting skills in Python, PowerShell, or Bash
Familiarity with MITRE ATT&CK and modern threat detection techniques

What's on Offer

Fully remote working
Outside IR35 contract
Opportunity to work with a large-scale telecoms environment
ECS Recruitment Group Ltd is acting as an Employment Business in relation to this vacancy.

TPBN1_UKTJ
Apply
Location:
London
Salary:
not provided
Job Type:
FullTime
Category:
Media;IT

We found some similar jobs based on your search