SIEM Content Developer



Remote (UK-based) | Contract - Outside IR35 | Telecommunications

We're currently supporting a client in hiring a SIEM Content Developer to strengthen their cyber security detection capabilities. This is a fully remote contract role, operating outside IR35.

The Role

You'll be responsible for developing and enhancing detection capabilities within the Elastic Stack, helping to improve visibility of security threats and optimise incident response. Key responsibilities include:

- Designing, building, and tuning SIEM detection rules and correlation logic
- Developing and maintaining dashboards and reporting in Elastic
- Creating automation scripts and workflows to support faster response
- Translating threat intelligence using frameworks such as MITRE ATT&CK into actionable detections
- Working closely with SOC teams to reduce false positives and improve detection quality
- Supporting log ingestion, parsing, and overall SIEM performance

Requirements

- 2-5+ years' experience in SIEM content development, detection engineering, or SOC (Level 2/3)
- Strong experience with SIEM tools, ideally Elastic Stack (or Splunk, Sentinel, QRadar, ArcSight)
- Solid understanding of Windows/Linux systems and TCP/IP networking
- Experience working with cloud platforms (Azure, AWS, O365)
- Scripting skills in Python, PowerShell, or Bash
- Familiarity with MITRE ATT&CK and modern threat detection techniques

What's on Offer

- Fully remote working
- Outside IR35 contract
- Opportunity to work with a large-scale telecoms environment

ECS Recruitment Group Ltd is acting as an Employment Business in relation to this vacancy.

Location: United Kingdom
Job Type: Full Time
Category: Media; IT