Role

Serve as the technical lead on engagements focused on SOC tools architecture, deployment and integration.
Design, implement and optimise tools such as SIEM, SOAR, EDR, NDR, threat intelligence platforms and case management systems.
Lead client workshops to assess current-state SOC tooling and recommend improvements or transformation roadmaps.
Oversee end-to-end delivery of security tools engineering projects, from requirements gathering through deployment and validation.
Integrate SOC tooling with cloud platforms (AWS, Azure, GCP), log sources and other enterprise systems.
Establish automation and orchestration pipelines to improve detection, response and remediation workflows.

Skills

~8+ years in Cyber Security, with 5+ years in SOC or security engineering roles.
~ Deep expertise in security technologies such as:
  ~ SIEM: Splunk, Microsoft Sentinel, Exabeam, LogRhythm etc.
  ~ SOAR: Palo Alto XSOAR, Splunk SOAR, IBM Resilient etc.
  ~ EDR/NDR: CrowdStrike, SentinelOne, Darktrace, Vectra etc.
~ Strong experience in scripting (e.g. Python, PowerShell) and automation/integration of SOC tools.
~ Familiarity with MITRE ATT&CK, threat detection engineering and response workflows.
~ Demonstrated client-facing experience in a consulting or pre-sales engineering capacity.
~ Strong communication skills for both technical and executive-level audiences.

Contact Detail:
RiverSafe Recruiting Team