×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

SIEM Content Development Specialist

Job in Newbury, Berkshire, RG14, England, UK
Listing for: Vodafone
Full Time position
Listed on 2026-07-14
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 60000 - 90000 GBP Yearly GBP 60000.00 90000.00 YEAR
Job Description & How to Apply Below

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

What

You’ll Do

The SIEM Content Development Specialist plays a critical role in advancing the Cyber Security Operations Center’s ability to detect and respond to cybersecurity incidents. This role focuses on designing and developing cutting‑edge detection content leveraging a wide array of security technologies and telemetry to identify malicious activity and guide security analysts through effective response playbooks.

  • Contribute to continuous improvement initiatives across multiple technologies by developing and refining content that enhances threat detection and response capabilities
  • Develop and optimise threat detection content, including tuning of threat and vulnerability management technologies and continual refinement of SIEM rules and logic to enhance detection accuracy and operational performance
  • Lead and contribute to the optimisation and modernisation of SIEM content, supporting the adoption of next‑generation SIEM technologies and cloud‑native security tools
  • Manage the lifecycle of detection content, including development, testing, release, and retirement, using version control and documentation best practices
  • Collaborate with Dev Ops/Sec Ops teams to integrate security content into broader CI/CD workflows
  • Collaborate with the CSOC Manager to support improvements in security operations through effective content contributions
  • Support security event analysis by participating in and possibly driving security event analysis activities to address current cyber threats
  • Assist in threat response activities, providing analytical input from a blue team perspective to help identify potential threat group behaviours
  • Contribute to the creation of cybersecurity reports and advisories, ensuring timely and accurate dissemination to key stakeholders
  • Participate in residual risk assessments, supporting post‑incident analysis and the documentation of operational and technical lessons learned
  • Collaborate with data owners and customers to understand data sources and use cases, and successfully translate requirements into actionable content
Who You Are
  • Minimum of 2‑5 years’ experience in SIEM content (rule logic and code) development role
  • Minimum of 2 years of SOC analyst experience (Level 2 or above) required
  • In‑depth and extensive hands‑on experience in security event analysis, creating and refining SIEM/EDR rules and delivering efficiency within the SIEM and other technologies used within the team
  • Deep knowledge of IPv4/IPv6, TCP networking protocols
  • Deep knowledge of Windows/Linux operating systems
  • Exceptional working knowledge of security technologies such as SIEM (Arc Sight, Sentinel, QRadar, Log Rhythm, Splunk), EDR (Microsoft Defender, Fire Eye, Tanium), IDS/IPS, firewalls, proxies, web application firewalls, anti‑virus, etc.
  • Comprehensive understanding of Windows Security Event logs and Syslog
  • Excellent familiarity with endpoint/perimeter security attack vectors and detection (blue/purple teaming)
  • Excellent familiarity with standard security frameworks such as MITRE, cyber kill chain and APT campaign strategies
  • Outstanding knowledge of cloud platforms such as Azure, O365, Google Cloud, AWS, Oracle
  • Experience with modern SIEM platforms, including cloud‑native or hybrid solutions
  • Hands‑on experience with CI/CD pipelines and automation tools for security content deployment
  • Proficiency in version control systems (e.g., Git) for managing SIEM content
  • Excellent working knowledge of regular expression development
  • Scripting and programming experience is highly desirable
  • Kusto or SQL knowledge, including rule/query optimisation
  • Proven ability to prioritise workload, meet deadlines and utilise time effectively
  • Good interpersonal and communication skills, works effectively as a…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary