Cyber Threat Hunting Lead | Contract | SC Cleared
Posted 3 hours 50 minutes ago by SR2 - Socially Responsible Recruitment
£500 - £600 Daily
Contract
Not Specified
Factory Jobs
Berkshire, Reading, United Kingdom, RG317
Job Description
Job Title: Cyber Threat Hunting Lead - Use Case Factory/Monitoring
Location: Hybrid - Reading (2 days/week onsite, travel expensed)
Clearance: Active SC clearance required
Contract Type: Inside IR35
Duration: 6 months
Start Date: ASAP
Overview:
SR2 Consulting is supporting a strategically significant programme within the defence and national security domain and is looking for an experienced Cyber Threat Hunting Lead to drive proactive detection capability and threat visibility across a complex environment.
This role will blend hands-on threat hunting, detection engineering leadership, and the operational oversight of monitoring frameworks - including the design and implementation of a Use Case Factory to enable structured, repeatable threat detection development.
Key Responsibilities:
Location: Hybrid - Reading (2 days/week onsite, travel expensed)
Clearance: Active SC clearance required
Contract Type: Inside IR35
Duration: 6 months
Start Date: ASAP
Overview:
SR2 Consulting is supporting a strategically significant programme within the defence and national security domain and is looking for an experienced Cyber Threat Hunting Lead to drive proactive detection capability and threat visibility across a complex environment.
This role will blend hands-on threat hunting, detection engineering leadership, and the operational oversight of monitoring frameworks - including the design and implementation of a Use Case Factory to enable structured, repeatable threat detection development.
Key Responsibilities:
- Lead threat hunting and detection operations across enterprise and cloud platforms
- Build and maintain a Use Case Factory to enable scalable detection content creation and management
- Develop and tune behavioural and intelligence-driven detection logic (aligned to frameworks such as MITRE ATT&CK)
- Collaborate closely with SOC analysts, detection engineers, threat Intel, and platform teams
- Manage detection coverage, threat modelling, and ongoing content validation
- Act as an escalation point for investigations and contribute to cyber incident readiness
- Support improvements in monitoring strategy, dashboards, KPIs, and detection tooling integration
- Proven experience in cyber threat hunting, detection engineering, or SOC leadership
- Deep familiarity with MITRE ATT&CK, TTP modelling, and detection-as-code principles
- Experience designing or running a Use Case Factory or similar detection development framework
- Strong technical skills across SIEM/XDR platforms (eg Splunk, Sentinel, Elastic, Defender, CrowdStrike)
- Ability to interpret threat Intel and translate it into effective detection logic
- Excellent stakeholder engagement skills across technical and non-technical teams
- Active SC clearance is required