4 of 4 Search Processing Language Jobs in the South East

both technical teams and non-technical stakeholders. What you’ll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability ...

sets. Proficient in TA/TAF configuration, props/transforms, parsing/line-breaking, and source type normalisation. Experience with KV store, summary indexing, search head clustering, indexer clustering, and deployment servers. Elastic (Elastic Stack/Elastic Security): Hands-on with index lifecycle management (ILM), ingest pipelines, ECS mapping ...

What we’re looking for: 5+ years in Cyber Security Engineering or SOC (Tier 3 level) Strong hands-on experience with CrowdStrike (Falcon) Advanced Splunk (SPL + Enterprise Security) expertise Solid understanding of networks, cloud (AWS/Azure), and MITRE ATT&CK Bonus: Vulnerability Assessment and Pen Testing experience MUST ...

team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators … TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment ...