SOC Engineer

SOC Engineer

+6 months +

+DV cleared role

+ 600 - 700 a day Inside IR35

+On site in Hemel Hempstead

Skills:

+ SIEM / SPLUNK / SOC

+ DV clearance - must hold current active clearance

Join our team as a SOC Engineer and become a critical player in safeguarding organizations through cutting-edge security monitoring and threat detection. In this role, you will lead the design, implementation, and optimization of advanced security tools within a dynamic Security Operations Centre, ensuring our clients' infrastructure remains resilient against emerging cyber threats. This is an exciting opportunity for an experienced cybersecurity professional to shape security strategies, work with innovative technologies, and make a tangible impact in the field of digital protection.

Required Skills:

• Proven experience leading security engineering teams and managing large client engagements
• Expertise in SIEM platforms, specifically Splunk Enterprise & Enterprise Security and Elastic Stack / Elastic Security
• Deep knowledge of detection engineering, threat intelligence frameworks (MITRE ATT&CK), and noise reduction techniques
• Hands-on experience with data ingestion tools such as Elastic Agent, Beats, Splunk UF/HF, Syslog, Kafka
• Advanced proficiency in querying languages including SPL, KQL, and EQL
• Strong understanding of ECS and CIM log normalization, enrichment, and large-scale data architectures
• Expertise in detection rule design, tuning, and lifecycle management
• Proficiency with automation and orchestration tools, CI/CD pipelines, and Infrastructure as Code (Terraform, Ansible)
• Excellent stakeholder communication and client management skills
• Ability to assess risks, evaluate complex information, and communicate effectively at all levels

Ready to take your cybersecurity expertise to the next level? Apply now and become a vital part of our mission to defend digital assets with innovative security solutions!