Job Description 

We are looking for an experienced and highly organised Senior Cyber Security Engineer for a local government client. This position provides an opportunity to contribute to public safety and community resilience. The ideal candidate will be a technical expert in CrowdStrike for endpoint protection and Splunk for security telemetry, capable of transforming raw data into actionable intelligence.

Key Responsibilities 

• Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform, playing a crucial role in strengthening our security posture. 
• SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats. 
• Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment. 
• Automation: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. 
• Threat Hunting: Proactively search for undetected malicious activity using specialised queries. 
• Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership.

Qualifications – Essential and Desired Cyber Security 

• Foundational Certifications: CompTIA Security+, Network+, CYSA+, GSEC 
• Advanced Certifications: CISSP, GCIH, GCIA, CCSP 
• CrowdStrike Certifications: Ideally, possess 2 or more of the following: 
• CCFA (CrowdStrike Certified Falcon Administrator) 
• CCFR (CrowdStrike Certified Falcon Responder) 
• CCSE (CrowdStrike Certified SIEM Engineer) 
• Splunk Certification: Splunk Certified Cybersecurity Defence Engineer (Mandatory)

Criteria for Shortlisting - Ideal Candidate Profile: 

• Experience: 5+ years in a dedicated Cyber Security Engineering or SOC Tier 3 role. 
• CrowdStrike Expertise: Solid hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a significant advantage. 
• Splunk Proficiency: Skilled in writing complex Search Processing Language (SPL) queries and managing Splunk Enterprise Security (ES). 
• Technical Knowledge: Strong Understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. 
• Vulnerability Assessment: 2+ years of experience using vulnerability assessment tools is a bonus. 
• Penetration Testing Experience: Familiarity with penetration testing and web application testing.

Compliance Requirements 

Willingness to participate in the mandatory Right to Work Checks as part of the pre-screening application process.

Diamond Blaque Group, a leading public-sector provider, acts as the employment business for this vacancy. We are committed to fostering an inclusive environment that values diversity and equal opportunity in the workplace.