Role: SOC - SOC Engineer - SIEM & SOAR
Location: London
Salary: Competitive salary and package dependent on experience
Career Level: Specialist
Please Note: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a level of security clearance which typically requires 10 years continuous UK address history, usually including no periods of 30 consecutive days or more spent outside of the UK, and a declaration of being a British passport holder with no dual nationality at the point of application.
Note: The above information relates to a specific client requirement
Role Description
Responsible for the configuration, optimisation, and integration of SIEM and SOAR platforms - Splunk Enterprise Security and SOAR. The role focuses on ensuring the platforms are stable, scalable, and effectively supporting detection, automation, and incident response across the SOC.
Key Responsibilities
- Configure and maintain SIEM and SOAR platforms - Splunk ES, Splunk SOAR
- Design and implement integrations between SIEM/SOAR and security tools such as EDR, Vulnerability Management, etc.
- Develop and maintain SOAR playbooks to automate investigation and response actions
- Support onboarding of log sources into SIEM, ensuring proper parsing and normalisation
- Optimise platform performance, search efficiency, and data pipelines
- Troubleshoot issues across SIEM/SOAR (data ingestion, alerts, playbooks, integrations)
- Work with Detection Engineers to operationalise detection use cases
- Implement enrichment workflows (threat intel, asset context, identity data)
- Support incident response by ensuring automation and data availability
- Maintain documentation for integrations, playbooks, and platform configurations
Role Requirements
- Bachelor’s degree in Cyber Security, IT, or related field (or equivalent experience)
The following skills and experience are essential for this role
- 4–7 years experience in SIEM, SOAR, or security engineering roles
- Hands-on experience with SIEM platforms (e.g. Splunk) and/or SOAR tools
Skills
- Strong understanding of SIEM architecture and log management
- Experience building integrations using APIs, scripts (Python, PowerShell, etc.)
- Knowledge of automation and orchestration in security operations
- Understanding of security tooling (EDR, IAM, network security)
- Good troubleshooting and problem-solving skills
Certifications (Desirable)
- Splunk Enterprise Certified Admin
- Splunk SOAR Automation Developer
- Relevant vendor certifications (SIEM/SOAR/tools)
Closing Date for Applications: 01/06/2026
Accenture reserves the right to close the role prior to this date should a suitable applicant be found. #LI-EU
