SOC Engineer - 6 month FTC in London

We are a leading international law and professional services firm providing legal, corporate and fiduciary services to global corporations, financial institutions, capital market participants and investment fund managers. With a global presence spanning the Americas, Europe, the Middle East and Asia, we advise on the laws of Bermuda, the British Virgin Islands, the Cayman Islands, Guernsey, Ireland and Jersey. We treat everyone as the intelligent professional they are. Our approach is to trust and empower our people to deliver consistently, and enable them to succeed. Diversity is our secret weapon – it’s the sheer breadth of Walkers people that makes us who we are – gathered from across the globe and fluent in languages, jurisdictions and cultures that help us to mirror our clients and keep our own thinking in tune with the world in which we operate.

Overview of role: 6 Month FTC Information Security Operations Engineer (London)

We are seeking a highly skilled SOC Engineer to strengthen and mature our Security Information and Event Management (SIEM) platform. The successful candidate will focus on onboarding new log sources, optimising data pipelines, developing advanced detection use cases, and improving overall SOC detection and response capability.

This role is ideal for a security professional with strong SIEM engineering experience and a passion for building robust, effective, and scalable security monitoring environments.

The SOC Engineer will report to Information Security Operations Manager and work with the Walkers CISO group for implementing and maintaining security controls and tools. Work collaboratively with other departments to improve our security posture.

They will be specifically responsible for driving the maturity of our SIEM solution as well as several other strategic based security solutions. The SOC engineer will also participate in various service improvements and management processes (incident, change and problem management) and will participate in the planning, design, enforcement and review of security controls which protect the integrity of Walkers IT.

The ideal candidate will have worked within a Legal, Financial Services organisation or a similarly regulated company. There will be an element of change, implementation or scheduled maintenance to be conducted outside of standard business hours. In the event of an IT Security emergency the security engineer may also be required.

Duties, Responsibilities & Person Specification

• SIEM Engineering & Maturity: Enhance and optimise the existing SIEM platform to improve performance, coverage, and fidelity. Conduct regular assessments of SIEM architecture and propose improvements to ingestion pipelines, parsing rules, correlation logic, and storage management. Implement automation and orchestration components (SOAR) to streamline incident response activities.
• Log Source Onboarding & Integration: Identify, prioritise, and onboard new log sources from cloud, on‑prem, network, endpoint, identity, and application platforms. Develop and maintain custom parsers, connectors, and ingestion playbooks. Work with internal teams and vendors to ensure high-quality, reliable telemetry and error-free ingestion.
• Use Case & Detection Content Development: Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning and logic refinement.
• SOC Support & Incident Response: Work closely with SOC analysts to validate and refine detection logic. Support incident investigations through SIEM searches, enrichment, and data modelling. Provide technical SME support for complex incidents that require deep SIEM or log knowledge.
• Documentation & Governance: Maintain high-quality documentation covering data models, feed onboarding, use cases, correlation logic, and architecture. Ensure alignment with internal controls, compliance requirements, and industry standards.

Education, Skills & Experience

• Technical Expertise: Hands-on experience with leading SIEM platforms (e.g., Exabeam, LogRhythm, ArcSight, Microsoft Sentinel, Splunk, QRadar, Elastic). Strong understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows.
• Security Knowledge: Strong understanding of networking, Windows/Linux systems, Cloud platforms (Azure/AWS/GCP), identity systems, and endpoint protection technologies (e.g. SentinelOne and Microsoft Defender). Knowledge of MITRE ATT&CK, cyber kill chain, and threat hunting methodologies.
• Must Have: Level 4 or higher qualification in a computing subject, or equivalent experience. IT experience including both IT Infrastructure and Information Security roles. Relevant professional certifications that validate the fundamental skills required to perform the role, e.g. GIAC (GCIA, GCDA, GMON), Microsoft SC-200/SC-100, CompTIA Secure Infrastructure Specialist (CSIS), SSCP/CISSP etc. Strong skill level in scripting technologies, including Python, MS PowerShell and PowerApps. Ability to conduct research into Infrastructure issues and products as required. Self-starting with strong interpersonal, written, and oral communication skills. Ability to engage colleagues at all levels and project a solid, professional attitude consistently.
• Nice to have: Data Loss Prevention, Secure Remote Access solutions, Network Security solutions, Open Source and Cyber Threat Intelligence, Suitable experience working with the market leading technology vendor product suites, Experience in software-defined and cloud services such as SaaS, IaaS, PaaS and DaaS, Experience in Disaster Recovery Management and Business Continuity, Knowledge of applicable data privacy practices and laws.

Please be advised this role requires you to be in the office 2 days a week. Please note, this is not a day-rate contract.

Walkers global is an equal opportunity employer. Equality and diversity are key to our global identity and an integral part of our goal to continue being an employer of choice. We are committed to a work environment that supports all individuals irrespective of gender, ethnicity, nationality, race, religion, marital status, age, disability, pregnancy, sexual orientation, gender identity or any other applicable legally protected characteristics. We make every effort to ensure that employment opportunities are open and accessible to all purely on the basis of personal ability.