Security Operations Consultant

Capgemini’s Global Cybersecurity Practice delivers secure solutions across IT and OT environments, from networks to cloud services and everything in between.

We work across all sectors, including government and secure industries, offering strategic consulting, architecture design, implementation, and managed services such as those delivered by our global network of Security Operations Centres (SOC).

Hybrid working: The places that you work from day to day will vary according to your role, your needs, and those of the business; it will be a blend of company offices, client sites, and your home; noting that you will be unable to work at home 100% of the time.

As a Security Operations Consultant, you’ll collaborate with clients and colleagues to deliver security-focused activities across one or more of the following areas:

• Design, configure, and optimise SOC tooling including SIEM, SOAR, NDR, EDR/XDR and Vulnerability Management platforms.
• Define and implement firewall monitoring and alerting integrations.
• Develop and document detection use cases, response workflows, playbooks, handover documentation, operational guides for the run team.
• Integrate log sources, network devices, and security controls into monitoring platforms.
• Conduct threat modelling and hunting exercises to validate detection coverage and collaborate with infrastructure, network, and application teams to ensure visibility and coverage.
• Provide expert consultancy on operational security best practices and tooling alignment with business requirements.

We welcome applicants from all backgrounds and experiences. You may have experience in one or more of the following areas:

• Proven experience in SOC operations or engineering, with a focus on tooling enablement and process readiness.
• Strong hands‑on experience with SIEM/SOAR tools (e.g., Splunk, Microsoft Sentinel, QRadar).
• Deep understanding of firewall technologies and security event monitoring integration.
• Familiarity with EDR/XDR and log source onboarding.
• Knowledge of MITRE ATT&CK, detection engineering, and threat hunting methodologies.
• Excellent documentation and stakeholder communication skills.

Capgemini is proud to be a Disability Confident Employer (Level 2). As part of our commitment to inclusive recruitment, we will offer an interview to all candidates who declare they have a disability and meet the minimum essential criteria for the role. Please opt in during the application process.

To be successfully appointed to this role, it is a requirement to obtain Security Check (SC) clearance. To obtain SC clearance, the successful applicant must have resided continuously within the United Kingdom for the last five years, along with other criteria and requirements.

Identity, nationality (single or dual) or immigration status, employment history going back three continuous years, and unspent criminal record check (known as Disclosure and Barring Service).