Job Description
We are looking for an experienced and highly organised Senior Cyber Security Engineer for a local government client. This position provides an opportunity to contribute to public safety and community resilience. The ideal candidate will be a technical expert in CrowdStrike for endpoint protection and Splunk for security telemetry, capable of transforming raw data into actionable intelligence.
Key Responsibilities
Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform, playing a crucial role in strengthening our security posture.
SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats.
Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment.
Automation: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times.
Threat Hunting: Proactively search for undetected malicious activity using specialised queries.
Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership.
Qualifications – Essential and Desired Cyber Security
Foundational Certifications: CompTIA Security+, Network+, CYSA+, GSEC
Advanced Certifications: CISSP, GCIH, GCIA, CCSP
CrowdStrike Certifications: Ideally, possess 2 or more of the following:
CCFA (CrowdStrike Certified Falcon Administrator)
CCFR (CrowdStrike Certified Falcon Responder)
CCSE (CrowdStrike Certified SIEM Engineer)
Splunk Certification: Splunk Certified Cybersecurity Defence Engineer (Mandatory)
Criteria for Shortlisting - Ideal Candidate Profile:
Experience: 5+ years in a dedicated Cyber Security Engineering or SOC Tier 3 role.
CrowdStrike Expertise: Solid hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a significant advantage.
Splunk Proficiency: Skilled in writing complex Search Processing Language (SPL) queries and managing Splunk Enterprise Security (ES).
Technical Knowledge: Strong Understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework.
Vulnerability Assessment: 2+ years of experience using vulnerability assessment tools is a bonus.
Penetration Testing Experience: Familiarity with penetration testing and web application testing.
Compliance Requirements
Willingness to participate in the mandatory Right to Work Checks as part of the pre-screening application process.
Diamond Blaque Group, a leading public-sector provider, acts as the employment business for this vacancy. We are committed to fostering an inclusive environment that values diversity and equal opportunity in the workplace
:quality(80))
:quality(80))
:quality(80))