Our client, a specialist cybersecurity organisation focused on helping clients strengthen their security operations, protect critical infrastructure, and deliver practical, high-impact solutions that improve resilience across IT, OT, and cloud environments, is seeking a Senior Security Engineering Consultant.

This is a hands-on Senior Security Engineering Consultant role within Security Operations, focused on enhancing and automating customers' SOC capabilities across SIEM, SOAR, vulnerability management, and exposure management platforms. Working closely with the internal SOC Engineering team, you will deliver short to mid-term customer engagements including Azure health checks, SIEM integrations, parser and ruleset development, automation builds, and security optimisation projects.

This position suits an experienced SOC or Security Engineer who enjoys working across multiple environments and technologies, and who is comfortable engaging directly with customers as a trusted technical consultant.
We are particularly interested in speaking to individuals with Azure and cloud-based skillsets.

Required skills:

- Minimum 1 year in a Security Operations Centre (SOC), or minimum 3 years in infrastructure or networking roles with demonstrable security exposure.
- Experience triaging and investigating security alerts.
- Understanding of attacker behaviours, TTPs, and common malware execution chains (e.g., phishing leading to script or binary execution).
- Ability to recognise indicators of compromise such as unusual processes, network connections, irregular logon activity or file changes.
- Hands-on experience with at least one major security platform (SIEM, EDR or XDR).
- Familiarity with ticketing tools such as ServiceNow, Salesforce, or JIRA.
- Familiarity with Windows event logs, authentication logs, basic process trees, and command-line tools (Windows and Unix-like systems).
- Understanding of core network protocols: DNS, HTTP, SMB, LDAP.
- Operational knowledge of Windows, macOS and Linux.
- Ability to read and interpret logs from multiple sources.
- Awareness of MITRE ATT&CK and the ability to differentiate legitimate admin activity from suspicious behaviour.
- Experience with Microsoft Sentinel, Google SecOps or other SIEM platforms.
- Experience with Defender, CrowdStrike, SentinelOne or other XDR solutions.
- Ability to query in KQL, CQL, S1QL, XQL or similar languages.
- Awareness of threat intelligence concepts and their application to investigations.
- Awareness of coding or scripting, with proficiency in at least one language preferred (but not required).

Job specifics:

Location: This role is home-based with occasional visits to the office in Basingstoke, so the successful applicant will need to live within an hour's commute.

Security clearance: Eligibility for SC clearance.