eligible for DV Clearance please. What you'll be doing: Responding to ServiceNow incidents. Resolve e-mail and web browser issues. POI Investigations. Handling and maintaining an on prem Splunk solution. 3rd/4th line Network Issues. What youll bring: ? Experience in managing and maintaining Splunk solution. 3rd/4th line Network Security experience support . in an Enterprise environment More ❯
have proven experience working in a busy SOC with a tech-first approach and be able to lead from the front.From a technical perspective we are using Microsoft Sentinel, Splunk and MISP Threat sharing so any knowledge of these technologies would be a substantial benefit.This role is based out of our head office in Farnborough and will work on a … update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge … FTP, POP, LDAP. It would be great if you had: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar appreciated. If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do More ❯
Hybrid - 3 days onsite per week Clearance: Active SC Clearance is essential Rate: £550 per day - PAYE via Umbrella Only Key Responsibilities: SIEM Engineering and Architecture skills, specifically in Splunk SaaS. End to end experience of the delivery lifecycle experience for improvements. Splunk SaaS experience and expertise as a lead architect and/or engineer Experience of defining improvements within More ❯
global consultancy that require an SC Cleared SIEM Architect to join them on a major government project that's based in Wokingham. - SIEM Engineering and Architecture skills, specifically in Splunk SaaS. - End to end experience of the delivery life cycle experience for improvements. - Splunk SaaS experience and expertise as a lead architect and/or engineer - Experience of defining improvements More ❯
Wokingham, Berkshire, United Kingdom Hybrid / WFH Options
Whitehall Resources Ltd
Wokingham and the remainder remote working, for an initial 1-2 month contract. *Client requires Active SC Clearance* *Inside IR35* Job Description: - SIEM Engineering and Architecture skills, specifically in Splunk SaaS. - End to end experience of the delivery life cycle experience for improvements. - Splunk SaaS experience and expertise as a lead architect and/or engineer - Experience of defining improvements More ❯
busy SOC with a tech-first approach. The team is on the cusp of continued growth, and we are looking for leaders to drive forward. Knowledge of Microsoft Sentinel, Splunk, and MISP Threat Sharing would be a significant advantage. This role is based at our head office in Hemel Hempstead or Farnborough and involves a shift pattern with 12-hour … audiences and improving their content. Updating security incident documentation, including reports, analysis, and mitigation strategies. Qualifications and experience: Experience working in a Security Operations Centre. Managing Microsoft Sentinel and Splunk implementations. Knowledge of the Mitre Att&ck Framework. Understanding of client-server applications, web applications, databases, firewalls, VPNs, and AntiVirus products. Expertise in log data analysis and intrusion detection systems. More ❯
months; you may work other roles during this time) What You'll Be Doing: Maintain and configure data processing tools and scalable storage/analysis platforms Design and implement Splunk dashboards, alerts, and reports Support BAU operations and system development (legacy and new) Work in a fast-paced Agile environment Key Skills: Strong DevOps background with experience in Splunk and More ❯
L3 SOC Analyst A Global Organisation requires a Contract L3 SOC Analyst to join their Incident Response team acting as an escalaton point - Splunk & Defender Day Rate: £475 - £500pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This L3 SOC Analyst will have the previous following experience: Act as a lead investigator for high … containment strategies. Perform deep forensic analysis across endpoints, logs, and network traffic to uncover advanced threats. Develop and fine-tune detection rules and correlation logic in SIEM platforms (e.g., Splunk). Collaborate with engineering and threat intelligence teams to improve detection coverage and SOC workflows. Mentor and guide L1/L2 analysts, providing training, quality reviews, and escalation support. Design More ❯
SOC Analyst A Global Organisation requires a Contract L2 SOC Analyst to join their Incident Response team - Splunk, Defender Day Rate: £400 - £420pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This L2 SOC Analyst will have the previous following experience: Monitor and investigate security alerts using tools such as Splunk, Microsoft Defender, and More ❯
Manager will have the following previous experience: Direct end-to-end cyber incident lifecycle management for major security events -ensuring rapid coordination across business units and leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature … IR readiness. Lead root cause analysis and develop actionable remediation plans; deliver executive-level reporting and trend analysis using integrated dashboards, combining insights from Splunk and Defender data sources. Serve as the primary advisor to senior leaders and cross-functional teams, guiding cyber incident communications, impact assessment, and risk mitigation strategies across the company, Operating Companies, and Joint Ventures. More ❯
