Anson McCade
SIEM Engineer

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Location(s): UK (Guildford or Frimley)
Working Arrangements: Hybrid and flexible working options available
Key Responsibilities
- SIEM Application Management: Design, deploy, and configure SIEM applications (including Splunk Enterprise, Enterprise Security, Splunk SOAR/UBA, Microsoft Sentinel, Elastic, and Microsoft XDR).
- Infrastructure Specification: Define infrastructure requirements (RAM, Disk, CPU, Network bandwidth) for SIEM applications.
- System Integration: Integrate SIEM applications with Identity Management, Vulnerability Management (e.g., Nessus), Asset/Configuration Management, Cyber Threat Intelligence, and Case Management solutions.
- Log Onboarding: Design, implement, and manage log collection and onboarding activities to the SIEM.
- Detection & Automation: Identify initial sets of use cases and playbooks for detection and automation content, overseeing development, testing, and release.
- Deployment Environments: Support the deployment of SIEM applications to cloud hosting, containers, and on-premises hosted VMs.
- Release & Change Management: Oversee implementation activities to ensure entry criteria are met, planned activities are completed, and rollback plans are initiated if required. Review and approve documentation (design, deployment, configuration, and admin guides).
- Technical SME Support: Act as a cyber technical specialist providing deep knowledge of monitoring technologies, threat tools, tactics, techniques, and procedures (TTPs). Provide generalist SME support for tools like Jira and Cribl.
- Testing: Develop test procedures to ensure solutions meet both functional and non-functional requirements.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Core Duties & Qualifications


Get help with your application
Your very own career expert that helps elevate your application to the next level.
- SIEM/SOAR Expertise: Proven knowledge and hands-on experience in the design, build, deployment, and operation of SIEM/SOAR tools (Splunk and Microsoft Sentinel at a minimum), alongside traffic analysis and threat intelligence tooling.
- Performance Tuning: Experience deploying and configuring SIEM applications in a performant manner across cloud and on-premises environments to support high data rates.
- Data Onboarding: Proven delivery and experience leading onboarding activities onto a SIEM.
- Cloud Security: Strong knowledge of how Azure and AWS security functions operate as both controls and detection tools to protect large cloud estates. Ability to produce threat-led use cases, content, and playbooks on Sentinel and Splunk.
- Enterprise ICT & Architecture: Deep knowledge of enterprise ICT and a strong understanding of security architecture, with a particular focus on networking.
- Threat Intelligence: Detailed understanding of threat intelligence, threat actors, and TTPs, with the ability to operationalise threat intelligence.
- Network Protocol Knowledge: Solid understanding of TCP/IP component layers to successfully identify normal and abnormal network traffic.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location