Principal Security Engineer

The Role

A growing security services provider is seeking an experienced Senior Security Engineer to join a distributed, remote-first team. This role is 100% remote and focuses on helping clients maintain, secure, and continuously improve their security environments through strong SIEM engineering, detection optimisation, and collaboration with a 24x7 Security Operations Centre.

You’ll work hands-on across multiple client environments, contributing to detection engineering, automation, and operational security outcomes without the need for onsite presence.

• Design, implement, configure, and maintain SIEM platforms to support security monitoring and threat detection
• Onboard and manage log sources from servers, endpoints, network devices, cloud platforms, and security tools
• Develop, tune, and optimise detection logic and correlation rules to reduce false positives and improve signal quality
• Investigate, validate, and escalate security alerts in collaboration with SOC and incident response teams
• Build dashboards, reports, and metrics to provide visibility into security posture and trends
• Work closely with clients remotely to understand their environments, threat landscape, and business requirements
• Develop and maintain SIEM automation and integrations with SOAR and third-party tools
• Collaborate with a 24x7x365 Security Operations Centre to support detection engineering and operational workflows
• Document SIEM architectures, data sources, detections, and operational procedures
• Support continuous improvement initiatives such as use case lifecycle management and detection maturity
• Troubleshoot ingestion, data quality, and performance issues across client environments
• Provide technical guidance to SOC analysts and other engineers
• Participate in after-hours incident support and escalations on a rotating, remote basis

• 5+ years’ experience in a security engineering or similar role
• Strong hands-on experience managing SIEM and SOAR platforms
• Proven ability to diagnose and troubleshoot complex security and IT issues
• Familiarity with common cybersecurity tools, including vulnerability management and security awareness platforms
• Working knowledge of cloud environments such as Microsoft 365, Azure, and AWS
• Excellent written and verbal communication skills, comfortable working directly with clients remotely
• Strong documentation, organisation, and time-management skills
• Self-motivated and proactive, with the ability to work independently in a remote environment
• Able to translate technical concepts for non-technical stakeholders
• Passion for security improvement, automation, and continuous learning
• Industry-recognised security certifications
• Experience working in an MSSP or consulting environment

• Fully remote role with no onsite or travel requirements
• Hands-on technical ownership in SIEM and detection engineering
• Exposure to diverse client environments and real-world security challenges
• Collaborative remote culture with experienced SOC and engineering teams
• Opportunity to influence detection maturity and automation at scale