Cyber Security Engineer
6‑Month Contract
£500 per day (Inside IR35)
London (Hybrid)
I'm currently recruiting for a Cyber Security Engineer to join one of our customers, initially on a 6-month contract basis. This role is ideal for a contractor with strong expertise in CrowdStrike Falcon and Splunk, capable of transforming security telemetry into actionable threat intelligence.
As a technical specialist, you will play a key role in endpoint security, incident response, SOAR automation, and threat hunting, working closely with a SOC partner and internal stakeholders.
Key Responsibilities
Endpoint Security (CrowdStrike Falcon)
* Lead the deployment, configuration, and ongoing optimisation of the CrowdStrike Falcon platform
* Manage policies across Falcon Prevent, Insight, and Discover
* Act as the technical authority for endpoint detection and response (EDR)
SIEM & Security Monitoring (Splunk)
* Architect and enhance Splunk dashboards, alerts, and data models
* Write and maintain complex Splunk SPL queries
* Optimise Splunk Enterprise Security (ES) for advanced threat detection
Incident Response & Threat Management
* Act as a Tier 3 escalation point for high‑severity cyber security incidents
* Use EDR and SIEM tooling to investigate, contain, and remediate threats
* Map detection and response activities to the MITRE ATT&CK framework
SOAR & Automation
* Design and implement SOAR workflows to automate response actions
* Reduce manual analyst effort and improve mean‑time‑to‑respond (MTTR)
Threat Hunting
* Conduct proactive threat hunting using custom queries and telemetry analysis
* Identify previously undetected malicious activity across the environment
Required Skills & Experience
* 5+ years’ experience in a Cyber Security Engineer or SOC Tier 3 role
* Deep, hands‑on knowledge of CrowdStrike Falcon (Prevent, Insight, Discover)
* Strong expertise in Splunk SIEM and Splunk Enterprise Security
* Advanced proficiency in Search Processing Language (SPL)
* Solid understanding of networking concepts and protocols
* Experience securing cloud environments (AWS and/or Azure)
* Strong working knowledge of the MITRE ATT&CK framework
Desirable Experience
* 2+ years using Vulnerability Assessment tools
* Exposure to penetration testing and web application security testing