SOC Engineer

SOC Engineer (SIEM & SOAR) Location: London (Onsite – 5 days per week) Salary: £65,000 base + package

NOTE: Candidates for this opportunity must be eligible for UK Security Clearance.

We are seeking a skilled SOC Engineer with a strong focus on SIEM and SOAR technologies to join a high-performing security operations environment. This role is centred on the configuration, optimisation, and integration of enterprise-scale security platforms, with a particular emphasis on Splunk Enterprise Security and Splunk SOAR.

You will play a critical role in ensuring these platforms are stable, scalable, and effectively supporting detection engineering, automation, and incident response functions across the SOC.

Key Responsibilities Configure, maintain, and optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR Design and implement integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.) Develop, enhance, and maintain SOAR playbooks to automate investigation and response workflows Support onboarding of log sources into SIEM, ensuring accurate parsing and normalisation Optimise search performance, data pipelines, and platform efficiency Troubleshoot issues across SIEM/SOAR environments (data ingestion, alerting, integrations, automation workflows) Collaborate with Detection Engineers to operationalise detection use cases Implement enrichment workflows incorporating threat intelligence, asset context, and identity data Support incident response through effective automation and data availability Maintain clear and comprehensive documentation for configurations, integrations, and playbooks

Required Skills & Experience Minimum 3+ years of commercial experience in SOC, SIEM, SOAR, or security engineering roles Strong hands-on experience with Splunk (essential) Solid understanding of SIEM architecture and log management principles Experience building integrations using APIs and scripting languages (e.g. Python, PowerShell) Knowledge of automation and orchestration within security operations Familiarity with security tooling such as EDR, IAM, and network security solutions Strong troubleshooting and analytical problem-solving capabilities

Desirable Qualifications Bachelor’s degree in Cyber Security, IT, or a related discipline (or equivalent experience) Splunk Enterprise Certified Admin Splunk SOAR Automation Developer certification Additional relevant vendor certifications in SIEM/SOAR or security tooling

If you are a hands-on SOC Engineer with deep Splunk expertise and a passion for building scalable, automated security operations, apply today.