Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITREATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITREATT&CK framework and threat detection lifecycle. More ❯
and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITREATT&CK, NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Randstad Technologies
enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security policies align with standards like NIST, ISO 27001, MITREATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident More ❯
reporting abilities. Familiarity with risk management frameworks (ISO 3100X, NIST 800 series, ENISA, EBIOS, OCTAVE, FAIR). Preferred: Background in information security and security frameworks (eg, MITREATT&CK, ISO 2700X). Experience working in multinational environments. Knowledge of AI governance or ethics is a plus. Details 9+ month contract (Inside IR35) | Hybrid: 3 days More ❯
