Cyber Security Engineer

London
Full-time
On-site
£500 - £500 GBP daily
Security
Cyber Security Engineer – CrowdStrike & Splunk
6‑Month Contract | £500 per day (Inside IR35) | London (Hybrid)
Job Overview

We are recruiting for a Cyber Security Engineer to join one of our customers initially on a 6 month contract basis. This role is ideal for a contractor with strong expertise in CrowdStrike Falcon and Splunk, capable of transforming security telemetry into actionable threat intelligence.

As a technical specialist, you will play a key role in endpoint security, incident response, SOAR automation, and threat hunting, working closely with a SOC partner and internal stakeholders.

Key Responsibilities
Endpoint Security (CrowdStrike Falcon)
Lead the deployment, configuration, and ongoing optimisation of the CrowdStrike Falcon platform
Manage policies across Falcon Prevent, Insight, and Discover
Act as the technical authority for endpoint detection and response (EDR)

SIEM & Security Monitoring (Splunk)

Architect and enhance Splunk dashboards, alerts, and data models
Write and maintain complex Splunk SPL queries
Optimise Splunk Enterprise Security (ES) for advanced threat detection

Incident Response & Threat Management

Act as a Tier 3 escalation point for high‑severity cyber security incidents
Use EDR and SIEM tooling to investigate, contain, and remediate threats
Map detection and response activities to the MITRE ATT&CK framework

SOAR & Automation

Design and implement SOAR workflows to automate response actions
Reduce manual analyst effort and improve mean‑time‑to‑respond (MTTR)

Threat Hunting

Conduct proactive threat hunting using custom queries and telemetry analysis
Identify previously undetected malicious activity across the environment

Knowledge Transfer & Training

Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices

Required Skills & Experience

5+ years’ experience in a Cyber Security Engineer or SOC Tier 3 role
Deep, hands‑on knowledge of CrowdStrike Falcon (Prevent, Insight, Discover)
Strong expertise in Splunk SIEM and Splunk Enterprise Security
Advanced proficiency in Search Processing Language (SPL)
Solid understanding of networking concepts and protocols
Experience securing cloud environments (AWS and/or Azure)
Strong working knowledge of the MITRE ATT&CK framework

Desirable Experience

2+ years using Vulnerability Assessment tools
Exposure to penetration testing and web application security testing