SIEM Content Developer - Outside IR35 - Hybrid - 3-Month Contract
Description
Duration: 3 months+
Location: Hybrid (2-3 days onsite)
Sector: Telecommunications (Telco experience highly desirable)

We're hiring a SIEM Content Developer to join a leading Telco organisation on an initial 3-month Outside IR35 contract. You will develop and tune advanced detection rules, dashboards, and automation workflows across a modern SIEM environment. Experience with Elastic Stack/Elastic Security is essential as the platform (Prism) is built entirely on Elastic.

What You'll Do
- Build & tune SIEM rules and behavioural detections
- Use MITRE ATT&CK & threat intel to create high-fidelity alerts
- Support Elastic/Prism ingestion, parsing, dashboards
- Create automation & SOAR workflows
- Work closely with SOC teams to close detection gaps

What We're Looking For
- 2-5+ years in SIEM content engineering or SOC (L2/L3)
- Strong experience with Elastic, Splunk, Sentinel, ArcSight, or similar
- Good scripting skills (Python, PowerShell, Bash)
- Strong understanding of Windows/Linux, networks, and cloud (Azure/AWS/O365)
- Telco sector experience highly desirable