Hackney Council | Contract | Inside IR35

Hackney Council is seeking an experienced Senior Cyber Security Engineer to join its security function on a contract basis. This role is ideal for a hands-on technical specialist with deep expertise in CrowdStrike and Splunk, capable of turning complex security telemetry into actionable intelligence and supporting enterprise-scale security operations.

The Role

As a Senior Cyber Security Engineer, you will act as a senior technical authority within the security team, working closely with internal stakeholders and an external SOC partner to strengthen endpoint security, detection, and response capabilities.

Key Responsibilities

* Endpoint Security Strategy: Lead the deployment, configuration, and ongoing management of the CrowdStrike Falcon platform.

* SIEM & Detection Engineering: Design, optimise, and maintain Splunk dashboards, alerts, and data models to detect advanced threats.

* Incident Response: Act as a technical escalation point for high-priority incidents, supporting containment and remediation using EDR and SIEM tools.

* SOAR & Automation: Develop and enhance security automation workflows to reduce manual effort and improve response times.

* Threat Hunting: Conduct proactive threat hunting using advanced queries and analytical techniques.

* Knowledge Transfer: Upskill internal teams across CrowdStrike, Splunk, and security analysis best practices.

Required Experience

* Minimum 5+ years' experience in a Cyber Security Engineering or SOC Tier 3 role.

* Strong hands-on expertise with CrowdStrike Falcon (Prevent, Insight, Discover).

* Advanced Splunk experience, including SPL and Splunk Enterprise Security (ES).

* Solid understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework.

* Experience with vulnerability assessment tools (minimum 2 years desirable).

* Exposure to penetration testing and web application testing.

Qualifications & Certifications (Desirable)

Cyber Security Certifications

* Foundational: Security+, Network+, CySA+, GSEC

* Advanced: CISSP, GCIH, GCIA, CCSP

CrowdStrike Certifications (ideally 2 or more):

* CCFA - CrowdStrike Certified Falcon Administrator

* CCFR - CrowdStrike Certified Falcon Responder

* CCSE - CrowdStrike Certified SIEM Engineer

Splunk

* Splunk Certified Cybersecurity Defense Engineer (Mandatory)