Contract | 6 Months | Inside IR35 | Hybrid (2 days a week)
**Security Engineer - SOC & Automation (Financial Services)
We're looking for a Security Engineer to strengthen SOC capabilities at a financial services client. The focus is on SIEM/SOAR tooling, automation, and improving threat detection and response.
**Responsibilities:
- Maintain and optimise SOC tools (SIEM, SOAR, EDR).
- Automate detection and response using scripts (Python, PowerShell).
- Integrate threat intel, onboard log sources, and fine-tune alerts.
- Collaborate with SOC teams to enhance detection and incident response workflows.
- Support regulatory compliance (FCA, PRA, DORA) through improved security operations.
**Requirements:
- 4+ years in cybersecurity, with 2+ in SOC or security engineering.
- Strong experience with SIEM/SOAR (e.g., Splunk, Sentinel).
- Proficient in scripting (Python, PowerShell).
- Knowledge of MITRE ATT&CK and incident response.
- Experience in regulated financial environments.
**Nice to Have:
- SOC certifications (e.g., GCIH, GCIA), Splunk Certified User/Admin.
- Familiarity with cloud logging (CloudTrail, Azure Monitor).
- Understanding of NIST 800-61, ISO 27001.