Salary: £15,000 - 20,000 per year Requirements: 5 years experience in a Cyber Security Engineer or SOC Tier 3 role Deep, hands-on knowledge of CrowdStrike Falcon (Prevent, Insight, Discover) Strong expertise in Splunk SIEM and Splunk Enterprise Security Advanced proficiency in Search Processing Language (SPL) Solid understanding of networking concepts and protocols Experience securing cloud environments (AWS and/or Azure) Strong working knowledge of the MITRE ATT&CK framework 2 years using Vulnerability Assessment tools (desirable) Exposure to penetration testing and web application security testing (desirable) Responsibilities: Lead the deployment, configuration, and ongoing optimisation of the CrowdStrike Falcon platform Manage policies across Falcon Prevent, Insight, and Discover Act as the technical authority for endpoint detection and response (EDR) Architect and enhance Splunk dashboards, alerts, and data models Write and maintain complex Splunk SPL queries Optimise Splunk Enterprise Security (ES) for advanced threat detection Act as a Tier 3 escalation point for high-severity cyber security incidents Use EDR and SIEM tooling to investigate, contain, and remediate threats Map detection and response activities to the MITRE ATT&CK framework Design and implement SOAR workflows to automate response actions Reduce manual analyst effort and improve mean-time-to-respond (MTTR) Conduct proactive threat hunting using custom queries and telemetry analysis Identify previously undetected malicious activity across the environment Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices Technologies: AWS Architect Azure Cloud Security Splunk Web More: We are recruiting for a Cyber Security Engineer to join one of our customers initially on a 6 month contract basis in London (Hybrid). This role is ideal for a contractor with strong expertise in CrowdStrike Falcon and Splunk, capable of transforming security telemetry into actionable threat intelligence. As a technical specialist, you will play a key role in endpoint security, incident response, SOAR automation, and threat hunting, working closely with a SOC partner and internal stakeholders. We offer competitive compensation at £500 per day, and an opportunity to work on cutting-edge technology in a dynamic environment. last updated 16 week of 2026