Senior Cyber Security Engineer

Our local authority client based in East London are urgently seeking an experienced .Senior Cyber Security Engineer.

500 a day Umbrella

Business Justification

With the strategic deployment of an outsourced Security Operations Center (SOC) from NCC Group that leverages Splunk and CrowdStrike, the Senior Cyber Security Engineer role is a key addition to our team to maximise the timeline and investment. With a team member leaving the cyber team and LBH in February, this position is necessary to get the best out of the SOC partnership with NCC Group by providing the senior-level technical expertise to manage, integrate, optimize the capabilities of our outsourced SOC and train the existing team.

We will also look for additional technical skill sets in this role such as experience with Vulnerability Assessment, Penetration Testing and Policy/Standards Creation.

Position Summary

Contract Senior Cybersecurity Engineer. The ideal candidate will be a technical expert in CrowdStrike for endpoint protection and Splunk for security telemetry, capable of turning raw data into actionable intelligence.

Key Responsibilities

• Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform.
• SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats.
• Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment.
• Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times.
• Threat Hunting: Proactively search for undetected malicious activity using specialized queries.
• Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team.

Required Experience

• Experience: 5+ years in a dedicated Cyber Security Engineering or SOC Tier 3 role.
• CrowdStrike Expert: Deep hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a major plus.
• Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES).
• Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework.
• Vulnerability Assessment: 2+ years using VA tools would be a bonus
• Penetration Testing: Exposure to Penetration Testing and Web Application Testing.

Desired Qualifications

• Cyber Security
  • Foundational: Such as CompTIA Security+, Network+, CySA+, GSEC
  • Advanced: Such as CISSP, GCIH, GCIA ,CCSP
• Crowdstrike. Ideally 2 or more out of the following 3
  • CCFA (CrowdStrike Certified Falcon Administrator):
  • CCFR (CrowdStrike Certified Falcon Responder):
  • CCSE (CrowdStrike Certified SIEM Engineer):
• Splunk
  • Splunk Certified Cybersecurity Defense Engineer (Mandatory)

Please apply with your updated CV ensuring that any gaps in employment are explained.

At this point, may we take this opportunity to thank you for the interest you have shown in this role. Unfortunately, due to the high volume of applications that we receive, it is not always possible to respond to everyone. Therefore, unless you hear from us within the next 7 days, your application for this vacancy will have been unsuccessful.