SOC Engineer (SIEM & SOAR)
Location: London (Onsite – 5 days per week)
Salary: £65,000 base + package
NOTE: Candidates for this opportunity must be eligible for UK Security Clearance.
We are seeking a skilled SOC Engineer with a strong focus on SIEM and SOAR technologies to join a high-performing security operations environment. This role is centred on the configuration, optimisation, and integration of enterprise-scale security platforms, with a particular emphasis on Splunk Enterprise Security and Splunk SOAR.
You will play a critical role in ensuring these platforms are stable, scalable, and effectively supporting detection engineering, automation, and incident response functions across the SOC.
Key Responsibilities
- Configure, maintain, and optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR
- Design and implement integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.)
- Develop, enhance, and maintain SOAR playbooks to automate investigation and response workflows
- Support onboarding of log sources into SIEM, ensuring accurate parsing and normalisation
- Optimise search performance, data pipelines, and platform efficiency
- Troubleshoot issues across SIEM/SOAR environments (data ingestion, alerting, integrations, automation workflows)
- Collaborate with Detection Engineers to operationalise detection use cases
- Implement enrichment workflows incorporating threat intelligence, asset context, and identity data
- Support incident response through effective automation and data availability
- Maintain clear and comprehensive documentation for configurations, integrations, and playbooks
Required Skills & Experience
- Minimum 3+ years of commercial experience in SOC, SIEM, SOAR, or security engineering roles
- Strong hands-on experience with Splunk (essential)
- Solid understanding of SIEM architecture and log management principles
- Experience building integrations using APIs and scripting languages (e.g. Python, PowerShell)
- Knowledge of automation and orchestration within security operations
- Familiarity with security tooling such as EDR, IAM, and network security solutions
- Strong troubleshooting and analytical problem-solving capabilities
Desirable Qualifications
- Bachelor’s degree in Cyber Security, IT, or a related discipline (or equivalent experience)
- Splunk Enterprise Certified Admin
- Splunk SOAR Automation Developer certification
- Additional relevant vendor certifications in SIEM/SOAR or security tooling
If you are a hands-on SOC Engineer with deep Splunk expertise and a passion for building scalable, automated security operations, apply today.
”, “datePosted”: “2026-05-23”, “hiringOrganization”: { “@type”: “Organization”, “name”: “Anson McCade”, “sameAs”: “https://uk.whatjobs.com/pub_api__cpl__439517864__4861?utm_campaign=publisher&utm_medium=api&utm_source=4861&geoID=33” }, “jobLocation”: { “@type”: “Place”, “address”: { “@type”: “PostalAddress”, “addressLocality”: “London” } } }SOC Engineer (SIEM & SOAR)
Location: London (Onsite – 5 days per week)
Salary: £65,000 base + package
NOTE: Candidates for this opportunity must be eligible for UK Security Clearance.
We are seeking a skilled SOC Engineer with a strong focus on SIEM and SOAR technologies to join a high-performing security operations environment. This role is centred on the configuration, optimisation, and integration of enterprise-scale security platforms, with a particular emphasis on Splunk Enterprise Security and Splunk SOAR.
You will play a critical role in ensuring these platforms are stable, scalable, and effectively supporting detection engineering, automation, and incident response functions across the SOC.
Key Responsibilities
- Configure, maintain, and optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR
- Design and implement integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.)
- Develop, enhance, and maintain SOAR playbooks to automate investigation and response workflows
- Support onboarding of log sources into SIEM, ensuring accurate parsing and normalisation
- Optimise search performance, data pipelines, and platform efficiency
- Troubleshoot issues across SIEM/SOAR environments (data ingestion, alerting, integrations, automation workflows)
- Collaborate with Detection Engineers to operationalise detection use cases
- Implement enrichment workflows incorporating threat intelligence, asset context, and identity data
- Support incident response through effective automation and data availability
- Maintain clear and comprehensive documentation for configurations, integrations, and playbooks
Required Skills & Experience
- Minimum 3+ years of commercial experience in SOC, SIEM, SOAR, or security engineering roles
- Strong hands-on experience with Splunk (essential)
- Solid understanding of SIEM architecture and log management principles
- Experience building integrations using APIs and scripting languages (e.g. Python, PowerShell)
- Knowledge of automation and orchestration within security operations
- Familiarity with security tooling such as EDR, IAM, and network security solutions
- Strong troubleshooting and analytical problem-solving capabilities
Desirable Qualifications
- Bachelor’s degree in Cyber Security, IT, or a related discipline (or equivalent experience)
- Splunk Enterprise Certified Admin
- Splunk SOAR Automation Developer certification
- Additional relevant vendor certifications in SIEM/SOAR or security tooling
If you are a hands-on SOC Engineer with deep Splunk expertise and a passion for building scalable, automated security operations, apply today.
…