Job Description: 5 years of experience in a CSOC, Cyber detection, Threat Hunting and/or SOAR development role. 5 years developing detections within a SIEM environment (such as Splunk ES). 2 years experience working with Splunk. Experience working with security tools such as endpoint detection and response systems, network anomaly detection etc, Experience working with cloud and SaaS environments (AWS, Azure, M365, Entra ID, etc) and awareness of threats impacting them. Designing and implementing threat/attack modelling to derive abuse cases, detection logic and automation course of actions. Ability to think like an adversary/threat actor. Well versed in the development of detection and hunting strategies for a broad range of cyber threats, including malware, DDOS, hacking, phishing, lateral movement and data exfiltration in the Financial Services sector or similar. Working in large/complex environments. Good consulting and stakeholder management, Pro-active & energetic work ethic. Participation or experience in penetration testing / red teaming exercises, including network, infrastructure and application exploitation would be a plus. Knowledge of the following frameworks is required: NIST Cybersecurity framework MITRE ATT&CK Lockheed Martin Cyber Kill Chain™ or similar methodologies