6-month contract opportunity with a local authority

Summary

This is a 6-month contract opportunity with a local authority, focused on providing senior-level cybersecurity engineering expertise. The role is pivotal in supporting and optimizing the Council's outsourced Security Operations Center (SOC) through the use of CrowdStrike and Splunk platforms. The successful candidate will ensure the effective integration, configuration, and operational use of security tools to enhance threat detection, incident response, and overall security maturity. Additionally, the role involves providing technical leadership, mentoring, and knowledge transfer to bolster internal cyber capabilities during a period of team transition.

Key Responsibilities

- Lead the deployment, configuration, and ongoing management of the CrowdStrike Falcon platform, including endpoint protection policies.
- Collaborate with the SOC provider to design, optimize, and maintain Splunk dashboards, alerts, and security data models.
- Serve as a technical escalation point for high-severity security incidents, facilitating rapid investigation, containment, and remediation using EDR and SIEM tools.
- Develop and implement SOAR workflows to automate detection, response, and security operations processes.
- Conduct proactive threat hunting using SIEM/EDR data and MITRE ATT&CK-aligned techniques.
- Support vulnerability assessment and security scanning activities using relevant tools.
- Provide input into penetration testing activities and interpret findings for remediation.
- Deliver training, coaching, and knowledge transfer to enhance the existing cybersecurity team's skills in CrowdStrike, Splunk, and threat analysis.
- Contribute to the development of security policies, standards, and technical documentation as needed.

Requirements

- Minimum of 5 years' experience in a Cyber Security Engineering or SOC Tier 3 role.
- Strong hands-on experience with endpoint security and SIEM platforms in enterprise environments.
- Experience supporting or working alongside managed SOC providers.
- At least 2 years' experience with vulnerability assessment tools (desirable).
- Exposure to penetration testing and web application security testing (desirable).
- Expert-level experience with CrowdStrike Falcon (Prevent, Insight, Discover).
- Strong expertise in Splunk, including SPL, dashboards, alerts, and Splunk Enterprise Security (ES).
- Solid understanding of network protocols, cloud security (AWS/Azure), and threat detection methodologies.
- Working knowledge of the MITRE ATT&CK framework.
- Experience building automation or SOAR playbooks for security operations.
- CrowdStrike certifications (CCFA / CCFR / CCSE; any combination preferred).
- Splunk Certified Cybersecurity Defense Engineer (mandatory preferred requirement).
- Security certifications such as Security, CySA, GSEC, CISSP, GCIH, GCIA, or CCSP (desirable).

Additional Information

- Bi-weekly payments
- Location: Hackney, London
- Role closes on 20th June 2026