Connect2Hackney, the internal talent team for the London Borough of Hackney, are looking for a high-level Senior Cyber Security Engineer to join our team during a pivotal phase of our security evolution.

With the strategic deployment of our new outsourced Security Operations Center (SOC) from NCC Group, we need a technical expert to bridge the gap between our raw security data and actionable intelligence. You will be the technical lead responsible for managing, integrating, and optimizing our SOC capabilities while mentoring and training our existing team to elevate their technical skill sets.

Key Responsibilities

• Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of our CrowdStrike Falcon platform.
• SIEM Mastery: Collaborate with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models.
• Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment.
• Automation & Hunting: Develop SOAR workflows to improve response times and proactively hunt for undetected malicious activity.
• Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis.

Your Profile

We are seeking a candidate who brings at least 5+ years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role.

Technical Requirements:

• CrowdStrike Expertise: Deep hands-on experience with Falcon Prevent, Insight, and Discover.
• Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES).
• Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework.
• Additional Skills: Experience with Vulnerability Assessment (VA) tools, Penetration Testing, and Web Application Testing is a significant bonus.

Desired Qualifications:

• Mandatory: Splunk Certified Cybersecurity Defense Engineer.
• CrowdStrike: Ideally 2 or more certifications from CCFA, CCFR, or CCSE.
• General: Advanced certifications such as CISSP, GCIH, GCIA, or CCSP are highly valued.

Why Join LBH?

This is a critical role that goes beyond daily operations; you will be instrumental in maturing our SOC service and ensuring our investment in NCC Group, Splunk, and CrowdStrike is fully realized. If you are a technical expert capable of turning raw data into defense, we want to hear from you.