Security Engineer

Contract | 6 Months | Inside IR35 | Hybrid (2 days a week)

Security Engineer – SOC & Automation (Financial Services)

We're looking for a Security Engineer to strengthen SOC capabilities at a financial services client. The focus is on SIEM/SOAR tooling, automation, and improving threat detection and response.

Responsibilities:

• Maintain and optimise SOC tools (SIEM, SOAR, EDR).

• Automate detection and response using scripts (Python, PowerShell).

• Integrate threat intel, onboard log sources, and fine-tune alerts.

• Collaborate with SOC teams to enhance detection and incident response workflows.

• Support regulatory compliance (FCA, PRA, DORA) through improved security operations.

Requirements:

• 4+ years in cybersecurity, with 2+ in SOC or security engineering.

• Strong experience with SIEM/SOAR (e.g., Splunk, Sentinel).

• Proficient in scripting (Python, PowerShell).

• Knowledge of MITRE ATT&CK and incident response.

• Experience in regulated financial environments.

Nice to Have:

• SOC certifications (e.g., GCIH, GCIA), Splunk Certified User/Admin.

• Familiarity with cloud logging (CloudTrail, Azure Monitor).

• Understanding of NIST 800-61, ISO 27001.