Senior Security Consultant | £75k-£85k Total Compensation | MSP
Our client is seeking a Senior Security Engineering Consultant to join a high-performing Security Operations team, delivering hands-on engineering and advisory services across SOC tooling, automation, and detection engineering.
This is a practical, technically deep role focused on helping customers modernise and automate their SOC capabilities — from SIEM and SOAR implementation through to vulnerability management, exposure management, and cloud security health assessments.
What You’ll Be Doing:
Deliver
* Lead Professional Services engagements across SOAR, SIEM, XDR, vulnerability and exposure management platforms
* Conduct Azure and cloud security health checks and configuration reviews
* Design and build SOAR playbooks, integrations, and automation frameworks
* Develop custom log parsers, normalisation logic, and correlation rules
* Deploy and optimise SIEM and XDR platforms in customer environments
* Build and tune vulnerability management workflows (e.g., Rapid7, Tenable, Qualys)
* Conduct CTEM-style exposure assessments (e.g., Cymulate, XM Cyber)
* Produce high-quality technical documentation and customer deliverables
Collaborate
* Work closely with internal SOC Engineering teams to share improvements and align best practice
* Support onboarding and escalations for customer environments
* Contribute to roadmap planning, design workshops, and internal innovation projects
* Mentor engineers and analysts within the wider team
Improve
* Identify automation opportunities across tooling and processes
* Develop reusable playbooks, connectors, and integration frameworks
* Enhance delivery templates, labs, and testing environments
Experience Required:
Essential Experience
* Minimum 1 year in a SOC environment or 3+ years in infrastructure/networking with strong security exposure
* Experience triaging and investigating security alerts
* Strong understanding of attacker behaviours, TTPs, and malware execution chains
* Ability to identify indicators of compromise (suspicious processes, logons, network connections, file changes)
* Hands-on experience with at least one major SIEM, EDR, or XDR platform
* Familiarity with Windows event logs, authentication logs, and process analysis
* Understanding of DNS, HTTP, SMB, LDAP
* Operational knowledge of Windows, macOS, and Linux
* Ability to interpret logs across multiple sources
* Awareness of MITRE ATT&CK
* Experience using ticketing platforms (ServiceNow, JIRA, Salesforce, etc.)
Desirable
* Experience with Microsoft Sentinel, Google SecOps, or similar SIEM platforms
* Experience with Defender, CrowdStrike, SentinelOne, or other XDR solutions
* Ability to query using KQL, CQL, S1QL, XQL, or similar
* Exposure to threat intelligence workflows
* Scripting or coding capability (advantageous but not essential)
* Strong Azure and cloud security experience (highly desirable)
Please apply now for immediate consideration!