Cyber Security Engineer – CrowdStrike and Splunk
6-Month Contract | £500 per day (Inside IR35) | London (Hybrid)
Job Overview

We are recruiting for a Cyber Security Engineer to join one of our customers initially on a 6 month contract basis. This role is ideal for a contractor with strong expertise in CrowdStrike Falcon and Splunk, capable of transforming security telemetry into actionable threat intelligence.

As a technical specialist, you will play a key role in endpoint security, incident response, SOAR automation, and threat hunting, working closely with a SOC partner and internal stakeholders.

Key Responsibilities
Endpoint Security (CrowdStrike Falcon)

- Lead the deployment, configuration, and ongoing optimisation of the CrowdStrike Falcon platform
- Manage policies across Falcon Prevent, Insight, and Discover
- Act as the technical authority for endpoint detection and response (EDR)

SIEM and Security Monitoring (Splunk)

- Architect and enhance Splunk dashboards, alerts, and data models
- Write and maintain complex Splunk SPL queries
- Optimise Splunk Enterprise Security (ES) for advanced threat detection

Incident Response and Threat Management

- Act as a Tier 3 escalation point for high-severity cyber security incidents
- Use EDR and SIEM tooling to investigate, contain, and remediate threats
- Map detection and response activities to the MITRE ATTandCK framework

SOAR and Automation

- Design and implement SOAR workflows to automate response actions
- Reduce manual analyst effort and improve mean-time-to-respond (MTTR)

Threat Hunting

- Conduct proactive threat hunting using custom queries and telemetry analysis
- Identify previously undetected malicious activity across the environment

Knowledge Transfer and Training

- Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices

Required Skills and Experience

- 5+ years’ experience in a Cyber Security Engineer or SOC Tier 3 role
- Deep, hands-on knowledge of CrowdStrike Falcon (Prevent, Insight, Discover)
- Strong expertise in Splunk SIEM and Splunk Enterprise Security
- Advanced proficiency in Search Processing Language (SPL)
- Solid understanding of networking concepts and protocols
- Experience securing cloud environments (AWS and/or Azure)
- Strong working knowledge of the MITRE ATTandCK framework

Desirable Experience

- 2+ years using Vulnerability Assessment tools
- Exposure to penetration testing and web application security testing