Role
* Serve as the technical lead on engagements focused on SOC tools architecture, deployment and integration.
* Design, implement and optimise tools such as SIEM, SOAR, EDR, NDR, threat intelligence platforms and case management systems.
* Lead client workshops to assess current-state SOC tooling and recommend improvements or transformation roadmaps.
* Oversee end-to-end delivery of security tools engineering projects, from requirements gathering through deployment and validation.
* Integrate SOC tooling with cloud platforms (AWS, Azure, GCP), log sources and other enterprise systems.
* Establish automation and orchestration pipelines to improve detection, response and remediation workflows.
Skills
* 8+ years in Cyber Security, with 5+ years in SOC or security engineering roles.
* Deep expertise in security technologies such as:
  * SIEM: Splunk, Microsoft Sentinel, Exabeam, LogRhythm, etc.
  * SOAR: Palo Alto XSOAR, Splunk SOAR, IBM Resilient, etc.
  * EDR/NDR: CrowdStrike, SentinelOne, Darktrace, Vectra, etc.
* Strong experience in scripting (e.g. Python, PowerShell) and automation/integration of SOC tools.
* Familiarity with MITRE ATT&CK, threat detection engineering and response workflows.
* Demonstrated client-facing experience in a consulting or pre-sales engineering capacity.
* Strong communication skills for both technical and executive-level audiences.