Harvey Nash
Security Engineer - SIEM, KQL
£350/day - £400/day
London
Hybrid
Description

Security Engineer - SIEM, KQL - sought by an investment bank based in London.

Inside IR35 - 3 days a week on-site

Key Responsibilities

  • SIEM Management & Optimization:
    • Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks
    • Develop advanced KQL queries for threat hunting and reporting
    • Optimize SIEM performance, cost, and data retention policies
    • Troubleshoot log ingestion and parsing issues

  • Log Source Integration:
    • Onboard and configure critical log sources (AD, firewalls, servers, cloud infrastructure)
    • Manage event collection and forwarding infrastructure
    • Implement data filtering and custom log parsing

  • Threat Detection & Use Case Development:
    • Develop and refine detection rules based on threat intelligence and attack patterns
    • Continuously improve detection efficacy and reduce false positives

  • Security Monitoring & Incident Response:
    • Monitor systems for anomalies and malicious activity
    • Contribute to threat hunting and incident response playbooks
    • Provide expert guidance on securing applications and infrastructure

  • Security Advisory & Innovation:
    • Support PoCs for new security tools
    • Help define and measure control effectiveness

Required Skills & Experience

  • 3+ years in a Security Engineer, SOC Analyst, or similar role
  • Hands-on experience with Microsoft Sentinel and KQL
  • Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP)
  • Proficiency in scripting (PowerShell, Python)
  • Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain)
  • Experience with EDR, DLP, Proxy, and SEG tools

Desirable Qualifications

  • Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP
  • Experience with SOAR playbooks, YARA rules, STIX, and YAML
  • Participation in red/purple team exercises

Please apply within for further details - Alex Reeder, Harvey Nash
