Senior Cyber Security Engineer (Contract)
Location: London (Hybrid – public sector client)
Rate: £500 per day (Umbrella)
Contract Length: 6 months
Start Date: March 2026

We are supporting a key public sector organisation in London who are undergoing a significant uplift in their cyber security capability through the deployment of an outsourced Security Operations Centre (SOC) delivered in partnership with NCC Group, leveraging Splunk and CrowdStrike.

Due to an upcoming vacancy within the internal cyber team, they are now seeking a Senior Cyber Security Engineer to provide critical technical leadership, ensuring the organisation maximises the value of its SOC investment. This role will act as the bridge between the internal security function and the external SOC provider, driving optimisation, integration, and capability maturity across the environment.

This is a hands-on technical role suited to a seasoned cyber security professional with deep expertise in endpoint security, SIEM engineering, and threat detection engineering, alongside the ability to mentor and uplift existing team capability.

Key Responsibilities

• Lead the deployment, configuration, and ongoing management of CrowdStrike Falcon across the enterprise environment
• Work closely with the SOC partner to design, build, and optimise Splunk Enterprise Security dashboards, correlation searches, and data models
• Act as a senior escalation point for high-priority security incidents, supporting containment and remediation using EDR and SIEM tooling
• Develop and implement SOAR automation workflows to streamline detection and response processes
• Conduct proactive threat hunting activities using advanced queries and behavioural analytics
• Support capability uplift by training and mentoring internal team members across CrowdStrike, Splunk, and security analysis techniques
• Contribute to vulnerability management, penetration testing oversight, and security policy/standards development

Required Experience

• 5+ years’ experience in Cyber Security Engineering or SOC Tier 3-level roles
• Strong hands-on expertise with CrowdStrike Falcon (Prevent, Insight, Discover)
• Advanced Splunk experience, including SPL development and Splunk ES administration
• Solid understanding of network protocols, cloud environments (AWS/Azure), and the MITRE ATT&CK framework
• Experience with vulnerability assessment tools (2+ years desirable)
• Exposure to penetration testing or web application security testing

Desirable Certifications

• Security certifications such as Security+, CySA+, CISSP, GCIH, GCIA, CCSP
• CrowdStrike certifications (CCFA / CCFR / CCSE – highly desirable)
• Splunk Certified Cybersecurity Defense Engineer (required)