Our client is a leading enterprise organisation, recognised for its strong investment in cyber security and commitment to innovation. Backed by a clear vision and supportive leadership, the business is undergoing a multi-year transformation program to uplift its detection and response capability.
This is a high-impact role where you will work at the intersection of cyber, data, and engineering to build solutions that make a real difference.
About the Role
This is not a SOC analyst position. It’s a hands-on engineering role where you will design, build, and optimise the tooling, pipelines, and automation that enable the SOC to operate at scale.
You’ll combine your understanding of DevOps fundamentals, SIEM optimisation, and data processing with a curiosity for automation and cloud-native security. Working closely with SOC stakeholders, you’ll ensure security detections and responses are delivered effectively through modern engineering practices.
Key Responsibilities
- Support and maintain DevOps pipelines that release security detections and response content into production.
- Optimise and maintain the SIEM platform and SIEM data, ensuring accuracy and value in detections.
- Design and enhance data pipelines - filtering, redacting, and modelling data to deliver the right information at the right time.
- Work with SOC stakeholders to understand requirements and deliver automation and tooling they can rely on.
- Apply modern engineering practices - CI/CD, infrastructure-as-code, scripting and coding (Python, GitHub/GitLab).
- Contribute to measurement of detection coverage and alignment to frameworks such as MITRE ATT&CK.
- Stay curious and innovative - explore new technology and approaches to continuous detection and response (CDR).
About You
- Strong knowledge of DevOps tooling and techniques (pipelines, CI/CD, version control, automation fundamentals).
- Understanding of how a SIEM works, not just dashboards and queries, but the technology and data optimisation behind it.
- Knowledge of data pipeline design and processing - filtering, redacting, modelling (enterprise-scale experience not essential).
- Hands-on scripting/coding skills (Python preferred) with an automation-first mindset.
- Cloud security exposure (AWS, Azure, or GCP) and familiarity with serverless or containerised environments.
- General cyber security awareness - including detection principles, defence processes, and how SOCs consume engineered data.
- Able to self-manage outcomes in an agile environment and collaborate with SOC stakeholders.
Why Join?
- Work on a flagship cyber transformation program with enterprise impact.
- Be part of a team that values innovation, automation, and modern engineering practices.
- Opportunity to pioneer new approaches in detection engineering, data pipelines, and automation.
- Strong leadership support, clear vision, and a culture that encourages continuous learning.
For a confidential, no-obligation chat - cwhyte@decipherbureau.com