Contract | 6 Months | Inside IR35 | Hybrid (2 days a week) Security Engineer - SOC & Automation (Financial Services) We're looking for a Security Engineer to strengthen SOC capabilities at a financial services client. The focus is on SIEM/SOAR tooling, automation, and improving threat detection and response.
Responsibilities:
Maintain and optimise SOC tools (SIEM, SOAR, EDR).
Automate detection and response using scripts (Python, PowerShell).
Integrate threat intel, onboard log sources, and fine-tune alerts.
Collaborate with SOC teams to enhance detection and incident response workflows.
Support regulatory compliance (FCA, PRA, DORA) through improved security operations.
Requirements:
4+ years in cybersecurity, with 2+ in SOC or security engineering.
Strong experience with SIEM/SOAR (e.g., Splunk, Sentinel).
Proficient in scripting (Python, PowerShell).
Knowledge of MITRE ATT&CK and incident response.
Experience in regulated financial environments.
Nice to Have:
SOC certifications (e.g., GCIH, GCIA), Splunk Certified User/Admin.
Familiarity with cloud logging (CloudTrail, Azure Monitor).
Understanding of NIST 800-61, ISO 27001.