Cyber Security Engineer

Cyber Security Engineer – CrowdStrike & Splunk
6‑Month Contract | £500 per day (Inside IR35) | London (Hybrid)
Job Overview

We are recruiting for a Cyber Security Engineer to join one of our customers initially on a 6 month contract basis. This role is ideal for a contractor with strong expertise in CrowdStrike Falcon and Splunk, capable of transforming security telemetry into actionable threat intelligence.

As a technical specialist, you will play a key role in endpoint security, incident response, SOAR automation, and threat hunting, working closely with a SOC partner and internal stakeholders.

Key Responsibilities
Endpoint Security (CrowdStrike Falcon)

• Lead the deployment, configuration, and ongoing optimisation of the CrowdStrike Falcon platform
• Manage policies across Falcon Prevent, Insight, and Discover
• Act as the technical authority for endpoint detection and response (EDR)

SIEM & Security Monitoring (Splunk)

• Architect and enhance Splunk dashboards, alerts, and data models
• Write and maintain complex Splunk SPL queries
• Optimise Splunk Enterprise Security (ES) for advanced threat detection

Incident Response & Threat Management

• Act as a Tier 3 escalation point for high‑severity cyber security incidents
• Use EDR and SIEM tooling to investigate, contain, and remediate threats
• Map detection and response activities to the MITRE ATT&CK framework

SOAR & Automation

• Design and implement SOAR workflows to automate response actions
• Reduce manual analyst effort and improve mean‑time‑to‑respond (MTTR)

Threat Hunting

• Conduct proactive threat hunting using custom queries and telemetry analysis
• Identify previously undetected malicious activity across the environment

Knowledge Transfer & Training

• Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices

Required Skills & Experience

• 5+ years’ experience in a Cyber Security Engineer or SOC Tier 3 role
• Deep, hands‑on knowledge of CrowdStrike Falcon (Prevent, Insight, Discover)
• Strong expertise in Splunk SIEM and Splunk Enterprise Security
• Advanced proficiency in Search Processing Language (SPL)
• Solid understanding of networking concepts and protocols
• Experience securing cloud environments (AWS and/or Azure)
• Strong working knowledge of the MITRE ATT&CK framework

Desirable Experience

• 2+ years using Vulnerability Assessment tools
• Exposure to penetration testing and web application security testing