Senior Cyber Security Splunk SME
Full Time Permanent
Fully onsite - Moorgate, London EC2Y
80-92K basic + benefits (5% pension, 25 days hols, life insurance, medical cover)

Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of the wider Splunk ecosystem, along with Incident Management, Python and PowerShell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy client of ours.

Our client:
They're a leading business with a global reach that empowers local teams, and they undertake hugely exciting work that is genuinely changing the world. Their advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. They're a rapidly growing, people-first technology organisation and part of a $1B global service provider delivering end-to-end IT Outsourcing (ITO) and Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy-led Security Advisory services. You'll be joining a team that values learning, celebrates innovation, and supports your career journey every step of the way.

The Opportunity:
We are looking for a skilled Splunk Specialist to deliver end-to-end Splunk engagements, helping clients build and enhance their security monitoring capabilities. You will lead the full project lifecycle, from requirements gathering and stakeholder engagement through to data onboarding, alert development, and dashboard creation, ensuring solutions are aligned to both business and security objectives.

You will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing to the ongoing evolution of modern Security Operations Centres.

What You'll Be Doing:
- Design, build, and continuously enhance detection capabilities within Splunk across Linux and Windows environments, including log onboarding, normalisation, and enrichment
- Develop and maintain high-quality detection content such as correlation searches and risk-based alerting within Splunk Enterprise Security
- Write and optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification
- Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures
- Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute to automation and orchestration initiatives (including exposure to SOAR where applicable)
- Leverage scripting languages such as Python and PowerShell to automate detection logic, enrich data, and integrate with security workflows
- Provide mentorship and technical guidance to junior engineers, particularly on Splunk backend activities such as data ingestion, parsing, indexing, and troubleshooting
- Collaborate closely with SOC analysts, incident responders, and global engineering teams to improve detection and response capabilities
- Apply strong analytical and problem-solving skills to translate threat intelligence into actionable detection use cases and continuously improve security operations

What We're Looking For:

Essential:
- Experience working on multiple projects with broad scope, ambiguity, and a high degree of difficulty
- Demonstrable proficiency across a wide range of IT and cybersecurity technologies
- Strong knowledge of key cybersecurity domains, including Identity and Access Management and Incident Management
- High-level analytical ability to solve unusual and complex problems
- Ability to maintain up-to-date working knowledge of cybersecurity principles and best practices
- Experience in senior stakeholder management and providing clear, relevant management reporting, professional communication - written and verbal.
- Eligibility to work in the UK.

Desirable:
- Experience in technology projects such as cyber infrastructure implementation or replacement initiatives
- Understanding of global program structures, launch plans, timing, and ownership
- Ability to coach and mentor team members through knowledge transfer and constructive feedback

Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Apr 21, 2026
Full time
Senior Cyber Security Engineer (Contract)
Location: London (Hybrid public sector client)
Rate: £500 per day (Umbrella)
Contract Length: 6 months
Start Date: March 2026

We are supporting a key public sector organisation in London who are undergoing a significant uplift in their cyber security capability through the deployment of an outsourced Security Operations Centre (SOC) delivered in partnership with NCC Group, leveraging Splunk and CrowdStrike. Due to an upcoming vacancy within the internal cyber team, they are now seeking a Senior Cyber Security Engineer to provide critical technical leadership, ensuring the organisation maximises the value of its SOC investment. This role will act as the bridge between the internal security function and the external SOC provider, driving optimisation, integration, and capability maturity across the environment. This is a hands-on technical role suited to a seasoned cyber security professional with deep expertise in endpoint security, SIEM engineering, and threat detection engineering, alongside the ability to mentor and uplift existing team capability.

Key Responsibilities
- Lead the deployment, configuration, and ongoing management of CrowdStrike Falcon across the enterprise environment
- Work closely with the SOC partner to design, build, and optimise Splunk Enterprise Security dashboards, correlation searches, and data models
- Act as a senior escalation point for high-priority security incidents, supporting containment and remediation using EDR and SIEM tooling
- Develop and implement SOAR automation workflows to streamline detection and response processes
- Conduct proactive threat hunting activities using advanced queries and behavioural analytics
- Support capability uplift by training and mentoring internal team members across CrowdStrike, Splunk, and security analysis techniques
- Contribute to vulnerability management, penetration testing oversight, and security policy/standards development

Required Experience
- 5+ years' experience in Cyber Security Engineering or SOC Tier 3-level roles
- Strong hands-on expertise with CrowdStrike Falcon (Prevent, Insight, Discover)
- Advanced Splunk experience, including SPL development and Splunk ES administration
- Solid understanding of network protocols, cloud environments (AWS/Azure), and the MITRE ATT&CK framework
- Experience with vulnerability assessment tools (2+ years desirable)
- Exposure to penetration testing or web application security testing

Desirable Certifications
- Security certifications such as Security+, CySA+, CISSP, GCIH, GCIA, CCSP
- CrowdStrike certifications (CCFA / CCFR / CCSE highly desirable)
- Splunk Certified Cybersecurity Defense Engineer (required)
Apr 18, 2026
Contractor
Senior Cyber Security Engineer (Contract)
Location: East London (Local Council)
Rate: 500 per day (Umbrella)
Duration: 6 months
Working Pattern: Hybrid - 1-3 days per week onsite (depending on project needs)

The Opportunity
We are seeking a highly skilled Senior Cyber Security Engineer to support a Local Council in East London. This role is critical in maximising the value of a newly established outsourced Security Operations Centre (SOC) partnership, ensuring effective integration, optimisation, and knowledge transfer across the internal team. Following a recent team departure, this position will provide senior-level technical leadership to enhance security operations, strengthen internal capability, and drive forward cyber resilience.

Key Responsibilities
- Lead deployment, configuration, and optimisation of endpoint protection using CrowdStrike Falcon
- Collaborate with SOC partner to design and enhance Splunk dashboards, alerts, and data models
- Act as escalation point for high-severity incidents, driving rapid detection and response
- Develop SOAR workflows to automate and streamline security operations
- Conduct proactive threat hunting to identify hidden risks
- Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices

Required Experience
- 5+ years in Cyber Security Engineering or SOC (Tier 3) roles
- Strong hands-on expertise with CrowdStrike (Falcon Prevent, Insight, Discover)
- Advanced Splunk skills, including SPL and Enterprise Security (ES)
- Solid understanding of networking, cloud security (AWS/Azure), and MITRE ATT&CK
- Experience in vulnerability assessment (desirable)
- Exposure to penetration testing and web application security (desirable)

Qualifications
- Cyber security certifications (e.g. Security+, CySA+, CISSP, GCIH, CCSP)
- CrowdStrike certifications (e.g. CCFA, CCFR, CCSE) - preferred
- Splunk Certified Cybersecurity Defense Engineer - required

Eden Brown is committed to equality in the workplace and is an equal opportunity employer.
Eden Brown is acting as an Employment Business in relation to this vacancy.
Apr 18, 2026
Contractor
Senior Cyber Security Engineer (Contract)
Hybrid
6-Month Contract
Start: ASAP
Day Rate: 500p/d inside

The Opportunity
We're looking for a Senior Cyber Security Engineer to join a forward-thinking public sector environment at a critical point in its cyber maturity journey. With a newly implemented outsourced Security Operations Centre (SOC) powered by Splunk and CrowdStrike, this role is key to maximising both investment and capability. You'll act as the senior technical lead - optimising tooling, strengthening detection and response, and upskilling the internal team. This is a hands-on, high-impact role suited to someone who can hit the ground running and elevate an evolving security function.

Key Responsibilities
- Endpoint Security Leadership: Own deployment, configuration, and optimisation of CrowdStrike Falcon
- SIEM Optimisation: Partner with the SOC to enhance Splunk dashboards, alerts, and data models
- Incident Response: Act as escalation point for high-priority incidents, driving rapid containment
- Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry
- Automation (SOAR): Build workflows to streamline response and reduce manual effort
- Capability Building: Upskill internal teams across CrowdStrike, Splunk, and security analysis

Required Experience
- 5+ years in Cyber Security Engineering or SOC (Tier 3 level)
- Deep hands-on experience with CrowdStrike Falcon (Prevent, Insight, Discover)
- Strong Splunk expertise, including SPL and Enterprise Security (ES)
- Solid understanding of:
  - Network protocols
  - Cloud security (AWS/Azure)
  - MITRE ATT&CK framework

Additional desirable experience:
- Vulnerability Assessment tools
- Penetration Testing / Web Application Testing exposure
- Security policy and standards development

Certifications (Desirable)
- Cyber Security:
  - CompTIA Security+, Network+, CySA+, GSEC
  - CISSP, GCIH, GCIA, CCSP
- CrowdStrike (ideally 2+):
  - CCFA (Falcon Administrator)
  - CCFR (Falcon Responder)
  - CCSE (SIEM Engineer)
- Splunk: Splunk Certified Cybersecurity Defense Engineer (preferred)

Why Apply?
- Shape and optimise a modern SOC capability
- Work with best-in-class tools (CrowdStrike & Splunk)
- High-impact role with visibility across the organisation
- Opportunity to leave a lasting legacy through capability uplift and knowledge transfer

If you're a senior cyber specialist who thrives in hands-on, technically challenging environments and enjoys building capability as well as solving problems, this is worth a conversation.

Eden Brown Synergy is an equal opportunities employer. Eden Brown Limited is a limited company registered in England and Wales with registered number (phone number removed). Our registered address is 5th floor 4 Coleman Street, London, EC2R 5AR, part of nGAGE Specialist Recruitment Limited T/A nGAGE Talent.
Apr 18, 2026
Contractor