SOC Engineer

SOC Engineer (SIEM & SOAR)

Location: London (Onsite – 5 days per week)

Salary: £65,000 base + package

NOTE: Candidates for this opportunity must be eligible for UK Security Clearance.

We are seeking a skilled SOC Engineer with a strong focus on SIEM and SOAR technologies to join a high-performing security operations environment. This role is centred on the configuration, optimisation, and integration of enterprise-scale security platforms, with a particular emphasis on Splunk Enterprise Security and Splunk SOAR.

You will play a critical role in ensuring these platforms are stable, scalable, and effectively supporting detection engineering, automation, and incident response functions across the SOC.

Key Responsibilities

  • Configure, maintain, and optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR
  • Design and implement integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.)
  • Develop, enhance, and maintain SOAR playbooks to automate investigation and response workflows
  • Support onboarding of log sources into SIEM, ensuring accurate parsing and normalisation
  • Optimise search performance, data pipelines, and platform efficiency
  • Troubleshoot issues across SIEM/SOAR environments (data ingestion, alerting, integrations, automation workflows)
  • Collaborate with Detection Engineers to operationalise detection use cases
  • Implement enrichment workflows incorporating threat intelligence, asset context, and identity data
  • Support incident response through effective automation and data availability
  • Maintain clear and comprehensive documentation for configurations, integrations, and playbooks

Required Skills & Experience

  • 3+ years of commercial experience in SOC, SIEM, SOAR, or security engineering roles
  • Strong hands-on experience with Splunk (essential)
  • Solid understanding of SIEM architecture and log management principles
  • Experience building integrations using APIs and scripting languages (e.g. Python, PowerShell)
  • Knowledge of automation and orchestration within security operations
  • Familiarity with security tooling such as EDR, IAM, and network security solutions
  • Strong troubleshooting and analytical problem-solving capabilities

Desirable Qualifications

  • Bachelor’s degree in Cyber Security, IT, or a related discipline (or equivalent experience)
  • Splunk Enterprise Certified Admin
  • Splunk SOAR Automation Developer certification
  • Additional relevant vendor certifications in SIEM/SOAR or security tooling

If you are a hands-on SOC Engineer with deep Splunk expertise and a passion for building scalable, automated security operations, apply today.

Job Details

Company: Anson McCade

Location: United Kingdom