SOC Engineer (SIEM & SOAR)
Location: London (Onsite – 5 days per week)
Salary: £65,000 base + package
NOTE: Candidates for this opportunity must be eligible for UK Security Clearance.
We are seeking a skilled SOC Engineer with a strong focus on SIEM and SOAR technologies to join a high-performing security operations environment. This role is centred on the configuration, optimisation, and integration of enterprise-scale security platforms, with a particular emphasis on Splunk Enterprise Security and Splunk SOAR.
You will play a critical role in ensuring these platforms are stable, scalable, and effectively supporting detection engineering, automation, and incident response functions across the SOC.
Key Responsibilities
* Configure, maintain, and optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR
* Design and implement integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.)
* Develop, enhance, and maintain SOAR playbooks to automate investigation and response workflows
* Support onboarding of log sources into SIEM, ensuring accurate parsing and normalisation
* Optimise search performance, data pipelines, and platform efficiency
* Troubleshoot issues across SIEM/SOAR environments (data ingestion, alerting, integrations, automation workflows)
* Collaborate with Detection Engineers to operationalise detection use cases
* Implement enrichment workflows incorporating threat intelligence, asset context, and identity data
* Support incident response through effective automation and data availability
* Maintain clear and comprehensive documentation for configurations, integrations, and playbooks
Required Skills & Experience
* Minimum 3+ years of commercial experience in SOC, SIEM, SOAR, or security engineering roles
* Strong hands-on experience with Splunk (essential)
* Solid understanding of SIEM architecture and log management principles
* Experience building integrations using APIs and scripting languages (e.g. Python, PowerShell)
* Knowledge of automation and orchestration within security operations
* Familiarity with security tooling such as EDR, IAM, and network security solutions
* Strong troubleshooting and analytical problem-solving capabilities
Desirable Qualifications
* Bachelor’s degree in Cyber Security, IT, or a related discipline (or equivalent experience)
* Splunk Enterprise Certified Admin
* Splunk SOAR Automation Developer certification
* Additional relevant vendor certifications in SIEM/SOAR or security tooling
If you are a hands-on SOC Engineer with deep Splunk expertise and a passion for building scalable, automated security operations, apply today.