Location: London
Career Level: Specialist
Salary: Competitive salary and package dependent on experience
Role Description: Responsible for the configuration, optimisation, and integration of SIEM and SOAR platforms – Splunk Enterprise Security and SOAR. The role focuses on ensuring the platforms are stable, scalable, and effectively supporting detection, automation, and incident response across the SOC.
Security Clearance: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a level of security clearance which typically requires 10 years continuous UK address history, usually including no periods of 30 consecutive days or more spent outside of the UK, and a declaration of being a British passport holder with no dual nationality at the point of application.
Key Responsibilities
- Configure and maintain SIEM and SOAR platforms – Splunk ES, Splunk SOAR
- Design and implement integrations between SIEM/SOAR and security tools such as EDR, Vulnerability Management, etc.
- Develop and maintain SOAR playbooks to automate investigation and response actions
- Support onboarding of log sources into SIEM, ensuring proper parsing and normalisation
- Optimise platform performance, search efficiency, and data pipelines
- Troubleshoot issues across SIEM/SOAR (data ingestion, alerts, playbooks, integrations)
- Work with Detection Engineers to operationalise detection use cases
- Implement enrichment workflows (threat intel, asset context, identity data)
- Support incident response by ensuring automation and data availability
- Maintain documentation for integrations, playbooks, and platform configurations
Role Requirements
- Bachelor’s degree in Cyber Security, IT, or related field (or equivalent experience)
Essential Skills and Experience
- 4-7 years experience in SIEM, SOAR, or security engineering roles
- Hands‑on experience with SIEM platforms (e.g. Splunk) and/or SOAR tools
Skills
- Strong understanding of SIEM architecture and log management
- Experience building integrations using APIs, scripts (Python, PowerShell, etc.)
- Knowledge of automation and orchestration in security operations
- Understanding of security tooling (EDR, IAM, network security)
- Good troubleshooting and problem‑solving skills
Certifications (Desirable)
- Splunk Enterprise Certified Admin
- Splunk SOAR Automation Developer
- Relevant vendor certifications (SIEM/SOAR/tools)
Location: London
Career Level: Specialist
Salary: Competitive salary and package dependent on experience
Role Description: Responsible for the configuration, optimisation, and integration of SIEM and SOAR platforms – Splunk Enterprise Security and SOAR. The role focuses on ensuring the platforms are stable, scalable, and effectively supporting detection, automation, and incident response across the SOC.
Security Clearance: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a level of security clearance which typically requires 10 years continuous UK address history, usually including no periods of 30 consecutive days or more spent outside of the UK, and a declaration of being a British passport holder with no dual nationality at the point of application.
Key Responsibilities
- Configure and maintain SIEM and SOAR platforms – Splunk ES, Splunk SOAR
- Design and implement integrations between SIEM/SOAR and security tools such as EDR, Vulnerability Management, etc.
- Develop and maintain SOAR playbooks to automate investigation and response actions
- Support onboarding of log sources into SIEM, ensuring proper parsing and normalisation
- Optimise platform performance, search efficiency, and data pipelines
- Troubleshoot issues across SIEM/SOAR (data ingestion, alerts, playbooks, integrations)
- Work with Detection Engineers to operationalise detection use cases
- Implement enrichment workflows (threat intel, asset context, identity data)
- Support incident response by ensuring automation and data availability
- Maintain documentation for integrations, playbooks, and platform configurations
Role Requirements
- Bachelor’s degree in Cyber Security, IT, or related field (or equivalent experience)
Essential Skills and Experience
- 4-7 years experience in SIEM, SOAR, or security engineering roles
- Hands‑on experience with SIEM platforms (e.g. Splunk) and/or SOAR tools
Skills
- Strong understanding of SIEM architecture and log management
- Experience building integrations using APIs, scripts (Python, PowerShell, etc.)
- Knowledge of automation and orchestration in security operations
- Understanding of security tooling (EDR, IAM, network security)
- Good troubleshooting and problem‑solving skills
Certifications (Desirable)
- Splunk Enterprise Certified Admin
- Splunk SOAR Automation Developer
- Relevant vendor certifications (SIEM/SOAR/tools)
#J-18808-Ljbffr…