Senior Security Engineering Consultant (fully remote)
JABA108
- £75,000 to £85,000 pa
- London, United Kingdom
- Permanent
Senior Security Consultant | £75k-£85k Total Compensation | MSP
Our client is seeking a Senior Security Engineering Consultant to join a high-performing Security Operations team, delivering hands-on engineering and advisory services across SOC tooling, automation, and detection engineering.
This is a practical, technically deep role focused on helping customers modernise and automate their SOC capabilities — from SIEM and SOAR implementation through to vulnerability management, exposure management, and cloud security health assessments.
What You’ll Be Doing:
Deliver
Lead Professional Services engagements across SOAR, SIEM, XDR, vulnerability and exposure management platforms
Conduct Azure and cloud security health checks and configuration reviews
Design and build SOAR playbooks, integrations, and automation frameworks
Develop custom log parsers, normalisation logic, and correlation rules
Deploy and optimise SIEM and XDR platforms in customer environments
Build and tune vulnerability management workflows (e.g., Rapid7, Tenable, Qualys)
Conduct CTEM-style exposure assessments (e.g., Cymulate, XM Cyber)
Produce high-quality technical documentation and customer deliverables
Collaborate
Work closely with internal SOC Engineering teams to share improvements and align best practices
Support onboarding and escalations for customer environments
Contribute to roadmap planning, design workshops, and internal innovation projects
Mentor engineers and analysts within the wider team
Improve
Identify automation opportunities across tooling and processes
Develop reusable playbooks, connectors, and integration frameworks
Enhance delivery templates, labs, and testing environments
Experience Required:
Essential
Minimum 1 year in a SOC environment or 3+ years in infrastructure/networking with strong security exposure
Experience triaging and investigating security alerts
Strong understanding of attacker behaviours, TTPs, and malware execution chains
Ability to identify indicators of compromise (suspicious processes, logons, network connections, file changes)
Hands-on experience with at least one major SIEM, EDR, or XDR platform
Familiarity with Windows event logs, authentication logs, and process analysis
Understanding of DNS, HTTP, SMB, LDAP
Operational knowledge of Windows, macOS, and Linux
Ability to interpret logs across multiple sources
Awareness of MITRE ATT&CK
Experience using ticketing platforms (ServiceNow, JIRA, Salesforce, etc.)
Desirable
Experience with Microsoft Sentinel, Google SecOps, or similar SIEM platforms
Experience with Defender, CrowdStrike, SentinelOne, or other XDR solutions
Ability to query using KQL, CQL, S1QL, XQL, or similar
Exposure to threat intelligence workflows
Scripting or coding capability (advantageous but not essential)
Strong Azure and cloud security experience (highly desirable)
Jack Brameld
Consultant - Network & Server Infrastructure