Senior Cyber Security Engineer

Job Description  We are looking for an experienced and highly organised Senior Cyber Security Engineer for a local government client. This position provides an opportunity to contribute to public safety and community resilience. The ideal candidate will be a technical expert in CrowdStrike for endpoint protection and Splunk for security telemetry, capable of transforming raw data into actionable intelligence. Key Responsibilities  Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform, playing a crucial role in strengthening our security posture.  SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats.  Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment.  Automation: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times.  Threat Hunting: Proactively search for undetected malicious activity using specialised queries.  Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership. Qualifications – Essential and Desired Cyber Security  Foundational Certifications: CompTIA Security+, Network+, CYSA+, GSEC  Advanced Certifications: CISSP, GCIH, GCIA, CCSP  CrowdStrike Certifications: Ideally, possess 2 or more of the following:  CCFA (CrowdStrike Certified Falcon Administrator)  CCFR (CrowdStrike Certified Falcon Responder)  CCSE (CrowdStrike Certified SIEM Engineer)  Splunk Certification: Splunk Certified Cybersecurity Defence Engineer (Mandatory) Criteria for Shortlisting - Ideal Candidate Profile:  Experience: 5+ years in a dedicated Cyber Security Engineering or SOC Tier 3 role.  CrowdStrike Expertise: Solid hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a significant advantage.  Splunk Proficiency: Skilled in writing complex Search Processing Language (SPL) queries and managing Splunk Enterprise Security (ES).  Technical Knowledge: Strong Understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework.  Vulnerability Assessment: 2+ years of experience using vulnerability assessment tools is a bonus.  Penetration Testing Experience: Familiarity with penetration testing and web application testing. Compliance Requirements  Willingness to participate in the mandatory Right to Work Checks as part of the pre-screening application process. Diamond Blaque Group, a leading public-sector provider, acts as the employment business for this vacancy. We are committed to fostering an inclusive environment that values diversity and equal opportunity in the workplace