
Cyber Security Specialist – SIEM Engineering

Job in Leeds, West Yorkshire, ME17, England, UK
Listing for: Asda
Full Time, Contract position
Listed on 2026-01-30
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager, Systems Engineer, Network Security

Overview

Job Title: Cyber Security Specialist – SIEM Engineering
Location: Leeds (Asda House) / Hybrid (3 days in office)
Employment Type: Full time
Contract Type: Permanent
Hours Per Week: 37.5
Salary: Competitive salary plus benefits
Category: Cyber Security
Closing Date: 3 February 2026
Department: Technology – Cyber Security
Reports to: SOC and Incident Response Manager

Role Purpose

We are looking for a Cyber Security Specialist – SIEM Engineer to strengthen Asda’s detection and response capabilities. This is a hands-on engineering role, acting as a key enabler for the SOC and Incident Response Team (IRT), ensuring Asda gets maximum value from its investment in Microsoft Sentinel and the wider Defender XDR suite. The role will be responsible for onboarding and tuning log sources, building and optimising detections, and driving continuous improvement in SOC maturity.

Responsibilities
  • Engineer, configure, and maintain Microsoft Sentinel as Asda’s SIEM, ensuring effective log ingestion, correlation, and alerting alongside the existing Security Engineering function.
  • Build, tune, and optimise detections, analytic rules, and automation (SOAR) to support SOC monitoring and IRT investigations.
  • Integrate and enhance visibility across the Microsoft Defender XDR ecosystem, driving log source value and efficiency (Defender for Endpoint, Identity, Office 365, Cloud Apps, Entra).
  • Onboard and manage diverse log sources (cloud, endpoint, network, SaaS, third party) to enrich SOC coverage.
  • Support SOC analysts and incident responders with deep technical investigations and context enrichment.
  • Develop dashboards, workbooks, and metrics to demonstrate SOC effectiveness and identify gaps.
  • Partner with Threat Intelligence to translate IOCs/TTPs into actionable detections mapped to MITRE ATT&CK.
  • Lead continuous improvement efforts to mature SIEM and SOC capabilities, reducing false positives and increasing detection fidelity.
  • Maintain awareness of Microsoft’s evolving security capabilities; recommend and implement enhancements to strengthen resilience.
  • Document engineering standards, playbooks, and knowledge articles for ongoing SOC/IRT operations.
Skills & Experience
  • Strong hands-on experience with Microsoft Sentinel SIEM — log source integration, KQL queries, analytic rule development, automation.
  • Familiarity with the Microsoft Defender XDR suite (Defender for Endpoint, Identity, O365, Cloud Apps).
  • Understanding of SOC operations, incident response workflows, and detection engineering principles.
  • Proficiency in Kusto Query Language (KQL) for writing detections and reports.
  • Knowledge of logging, telemetry, and security data sources across cloud and on-premise environments.
  • Experience building and maintaining SOAR playbooks (preferably Microsoft Logic Apps).
  • Strong problem-solving and analytical skills; ability to identify gaps and implement solutions.
  • Effective communicator; able to translate technical details into value for SOC and business stakeholders.
Desirable
  • Microsoft certifications (e.g., SC-200, SC-300, AZ-500, MS-500).
  • Familiarity with automation and scripting (PowerShell, Python).
  • Experience with threat hunting, purple teaming, or threat-informed defence.
  • Exposure to large-scale retail or enterprise environments.
What Success Looks Like
  • Sentinel SIEM is well-engineered, integrated, and delivering high-fidelity detections to SOC.
  • SOC analysts and IRT can respond faster and with greater confidence thanks to improved visibility and automation.
  • False positives are reduced; alerting is tuned and aligned to real-world threats.
  • Coverage across Asda’s critical systems (cloud, endpoint, identity, email, SaaS) is comprehensive and monitored.
  • Continuous improvement is evident — SOC maturity increases quarter by quarter.
What You’ll Gain
  • Being a key engineer enabling Asda’s frontline cyber defence.
  • Hands-on experience with Microsoft’s leading-edge security stack at enterprise scale.
  • Opportunity to influence SOC/IRT strategy and tooling improvements.
  • A collaborative, values-led culture with career growth opportunities.
  • Hybrid working, competitive benefits, and the chance to protect a brand trusted by millions.
Asda Culture:
How We Work
  • One…