Posted 4 days ago
Senior Cyber Security Engineer
Morgan Law
📍 Not Specified
I.T. & Communications
Contract
Job description
<p>A Council in London is seeking a Contract Senior Cybersecurity Engineer for 6 months. With the strategic deployment of an outsourced Security Operations Center (SOC) that leverages <strong>Splunk and CrowdStrike</strong>, the Senior Cyber Security Engineer role is a key addition to our team to make the most of the engagement's timeline and investment. The ideal candidate will be a technical expert in <strong>CrowdStrike</strong> for endpoint protection and <strong>Splunk</strong> for security telemetry, capable of turning raw data into actionable intelligence.</p><p>Key Responsibilities</p><ul><li><strong>Endpoint Strategy:</strong> Lead the deployment, policy configuration, and maintenance of the <strong>CrowdStrike Falcon</strong></li><li><strong>SIEM Mastery:</strong> Work with our SOC partner to architect and optimize <strong>Splunk</strong> dashboards, alerts, and data models to identify sophisticated threats.</li><li><strong>Incident Response:</strong> Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment.</li><li><strong>Automation:</strong> Develop SOAR (Security Orchestration, Automation, and Response) workflows to reduce manual intervention and improve response times.</li><li><strong>Threat Hunting:</strong> Proactively search for undetected malicious activity using specialized queries.</li><li><strong>Training:</strong> Build up the CrowdStrike, Splunk and security analysis skills within the existing team.</li></ul><p>Required Experience</p><ul><li><strong>Experience:</strong> 5+ years in a dedicated Cyber Security Engineering or SOC Tier 3 role.</li><li><strong>CrowdStrike Expert:</strong> Deep hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a major plus.</li><li><strong>Splunk Power User:</strong> Proficiency in writing complex <strong>Search Processing Language (SPL)</strong> and managing Splunk Enterprise Security (ES).</li><li><strong>Technical Breadth:</strong> Strong understanding of network protocols, cloud security (AWS/Azure), and the <strong>MITRE ATT&CK</strong></li><li><strong>Vulnerability Assessment:</strong> 2+ years using VA tools would be a bonus.</li><li><strong>Penetration Testing:</strong> Exposure to penetration testing and web application testing.</li></ul>