Contract | 6 Months | Inside IR35 | Hybrid (2 days a week)
Security Engineer - SOC & Automation (Financial Services)
We're looking for a Security Engineer to strengthen SOC capabilities at a financial services client. The focus is on SIEM/SOAR tooling, automation, and improving threat detection and response.
Responsibilities:
* Maintain and optimise SOC tools (SIEM, SOAR, EDR).
* Automate detection and response using scripts (Python, PowerShell).
* Integrate threat intel, onboard log sources, and fine-tune alerts.
* Collaborate with SOC teams to enhance detection and incident response workflows.
* Support regulatory compliance (FCA, PRA, DORA) through improved security operations.
Requirements:
* 4+ years in cybersecurity, with 2+ in SOC or security engineering.
* Strong experience with SIEM/SOAR (e.g., Splunk, Sentinel).
* Proficient in scripting (Python, PowerShell).
* Knowledge of MITRE ATT&CK and incident response.
* Experience in regulated financial environments.
Nice to Have:
* SOC certifications (e.g., GCIH, GCIA), Splunk Certified User/Admin.
* Familiarity with cloud logging (CloudTrail, Azure Monitor).
* Understanding of NIST 800-61, ISO 27001.