Senior Cyber Security Engineer

Job Description

We are looking for an experienced and highly organised Senior Cyber Security Engineer for a local government client. This position provides an opportunity to contribute to public safety and community resilience. The ideal candidate will be a technical expert in CrowdStrike for endpoint protection and Splunk for security telemetry, capable of transforming raw data into actionable intelligence.

Key Responsibilities

• Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform, playing a crucial role in strengthening our security posture.
• SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats.
• Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment.
• Automation: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times.
• Threat Hunting: Proactively search for undetected malicious activity using specialised queries.
• Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership.

Qualifications Essential and Desired Cyber Security

• Foundational Certifications: CompTIA Security+, Network+, CYSA+, GSEC
• Advanced Certifications: CISSP, GCIH, GCIA, CCSP
• CrowdStrike Certifications: Ideally, possess 2 or more of the following:
• CCFA (CrowdStrike Certified Falcon Administrator)
• CCFR (CrowdStrike Certified Falcon Responder)
• CCSE (CrowdStrike Certified SIEM Engineer)
• Splunk Certification: Splunk Certified Cybersecurity Defence Engineer (Mandatory)

Criteria for Shortlisting - Ideal Candidate Profile:

• Experience: 5+ years in a dedicated Cyber Security Engineering or SOC Tier 3 role.
• CrowdStrike Expertise: Solid hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a significant advantage.
• Splunk Proficiency: Skilled in writing complex Search Processing Language (SPL) queries and managing Splunk Enterprise Security (ES).
• Technical Knowledge: Strong Understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework.
• Vulnerability Assessment: 2+ years of experience using vulnerability assessment tools is a bonus.
• Penetration Testing Experience: Familiarity with penetration testing and web application testing.

Compliance Requirements

Willingness to participate in the mandatory Right to Work Checks as part of the pre-screening application process.

Diamond Blaque Group, a leading public-sector provider, acts as the employment business for this vacancy. We are committed to fostering an inclusive environment that values diversity and equal opportunity in the workplace.