
JobShark: Find the Right Job

 

Reading, Berkshire - £500 - 600 per day - Contract
Posted by: SR2 - Socially Responsible Recruitment
Posted: Wednesday, 28 January 2026
 
 
Job Title: Cyber Threat Hunting Lead - Use Case Factory/Monitoring
Location: Hybrid - Reading (2 days/week onsite, travel expensed)
Clearance: Active SC clearance required
Contract Type: Inside IR35
Duration: 6 months
Start Date: ASAP

Overview:
SR2 Consulting is supporting a strategically significant programme within the defence and national security domain and is looking for an experienced Cyber Threat Hunting Lead to drive proactive detection capability and threat visibility across a complex environment.

This role will blend hands-on threat hunting, detection engineering leadership, and the operational oversight of monitoring frameworks - including the design and implementation of a Use Case Factory to enable structured, repeatable threat detection development.

Key Responsibilities:
  • Lead threat hunting and detection operations across enterprise and cloud platforms
  • Build and maintain a Use Case Factory to enable scalable detection content creation and management
  • Develop and tune behavioural and intelligence-driven detection logic (aligned to frameworks such as MITRE ATT&CK)
  • Collaborate closely with SOC analysts, detection engineers, threat intel, and platform teams
  • Manage detection coverage, threat modelling, and ongoing content validation
  • Act as an escalation point for investigations and contribute to cyber incident readiness
  • Support improvements in monitoring strategy, dashboards, KPIs, and detection tooling integration

Essential Skills & Experience:
  • Proven experience in cyber threat hunting, detection engineering, or SOC leadership
  • Deep familiarity with MITRE ATT&CK, TTP modelling, and detection-as-code principles
  • Experience designing or running a Use Case Factory or similar detection development framework
  • Strong technical skills across SIEM/XDR platforms (e.g. Splunk, Sentinel, Elastic, Defender, CrowdStrike)
  • Ability to interpret threat intel and translate it into effective detection logic
  • Excellent stakeholder engagement skills across technical and non-technical teams
  • Active SC clearance is required

This is a key opportunity to help shape proactive cyber detection within a high-impact national programme. If you're available immediately and have the skills outlined above, apply now for immediate consideration.

Reading, Berkshire, UK
IT, Military, Consulting
ASAP
£500 - 600 per day
Joshua White 
JSJW-2
28/01/2026 14:43:12