19 of 19 Search Processing Language Jobs

authority for endpoint detection and response (EDR) SIEM & Security Monitoring (Splunk) Architect and enhance Splunk dashboards, alerts, and data models Write and maintain complex Splunk SPL queries Optimise Splunk Enterprise Security (ES) for advanced threat detection Incident Response & Threat Management Act as a Tier 3 escalation point for high-severity … role Deep, hands-on knowledge of CrowdStrike Falcon (Prevent, Insight, Discover) Strong expertise in Splunk SIEM and Splunk Enterprise Security Advanced proficiency in Search Processing Language (SPL) Solid understanding of networking concepts and protocols Experience securing cloud environments (AWS and/or Azure) Strong working knowledge ...

tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience … hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a major plus. Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure ...

tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience Experience … hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a major plus. Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure ...

tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike, Splunk and Security Analysis skills within the existing team. Required Experience … hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a major plus. Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure ...

Tier 3 role. Technical Requirements: CrowdStrike Expertise: Deep hands-on experience with Falcon Prevent, Insight, and Discover. Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure ...

Tier 3 role. Technical Requirements: CrowdStrike Expertise: Deep hands-on experience with Falcon Prevent, Insight, and Discover. Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure ...

sets. Proficient in TA/TAF configuration, props/transforms, parsing/line-breaking, and source type normalisation. Experience with KV store, summary indexing, search head clustering, indexer clustering, and deployment servers. Elastic (Elastic Stack/Elastic Security): Hands-on with index lifecycle management (ILM), ingest pipelines, ECS mapping ...

sets. Proficient in TA/TAF configuration, props/transforms, parsing/line-breaking, and source type normalisation. Experience with KV store, summary indexing, search head clustering, indexer clustering, and deployment servers. Elastic (Elastic Stack/Elastic Security): Hands-on with index lifecycle management (ILM), ingest pipelines, ECS mapping ...

team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators … TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment ...

team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators … TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment ...

Managing Security Engineer (DV Cleared) Hemel Hempstead - 5 days onsite £500-£700 per day Inside IR35 We're seeking a DV-cleared Managing Security Engineer to lead the design, implementation, and optimisation of security monitoring ...

Security Content Engineer £65000 GBP Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Security Content Engineer (SOC) Location: London (Full time - 5 days onsite) Salary: Up to £65,000 + bonus Clearance ...

SOC Engineer +6 months + +DV cleared role + 600 - 700 a day Inside IR35 +On site in Hemel Hempstead Skills: + SIEM/SPLUNK/SOC + DV clearance - must hold current active clearance ...

Sheer Jobs Limited is recruiting on behalf of a local authority client for a Senior Cyber Security Engineer to play a critical role in strengthening and optimising their cyber security function. This position is key ...

Senior Cyber Security Engineer (Contract) Location: London (Hybrid public sector client) Rate: £500 per day (Umbrella) Contract Length: 6 months Start Date: March 2026 We are supporting a key public sector organisation in London who ...

Senior Cyber Security Engineer (Contract) Hybrid | 6-Month Contract | Start: ASAP Day Rate: 500p/d inside The Opportunity We're looking for a Senior Cyber Security Engineer to join a forward-thinking public sector ...

Senior Cyber Security Engineer (Contract) Location: East London (Local Council) Rate: 500 per day (Umbrella) Duration: 6 months Working Pattern: Hybrid - 1-3 days per week onsite (depending on project needs) The Opportunity We are ...

Senior Cyber Security Engineer (Contract) Location: East London (Local Council) Rate: £500 per day (Umbrella) Duration: 6 months Working Pattern: Hybrid - 1-3 days per week onsite (depending on project needs) The Opportunity We are ...

We’re seeking a highly capable Senior Cyber Security Engineer to join our client at a pivotal stage of our security evolution. Following the implementation of an outsourced Security Operations Centre (SOC) this role will ...