The Junior SOC Engineer supports the operation, maintenance, and improvement of SOC detection and response capabilities under the guidance of senior SOC engineers. The role focuses on developing foundational engineering skills across SIEM management, detection use cases, playbooks, and incident support.
Key Responsibilities
* Assist with the deployment, configuration, and ongoing maintenance of SIEM platforms and data feeds.
* Support onboarding, parsing, and normalisation of log sources across on‑premises and cloud environments.
* Contribute to the creation, tuning, and maintenance of SIEM detection rules and correlation searches.
* Perform basic health checks and troubleshooting of SIEM data ingestion issues.
* Assist senior engineers and analysts during investigations and incident response activities.
* Support continuous improvement of detections based on incident findings and threat intelligence.
* Support integration of playbooks with SOAR platforms.
* Help update and refine playbooks based on lessons learned and feedback from incidents.
Threat Modelling & Use Case Development
* Participate in threat modelling activities using frameworks such as MITRE ATT&CK and STRIDE.
* Assist in translating threat models and attack techniques into SIEM detection use cases.
Reporting, Documentation & Collaboration
* Assist in building SOC dashboards and reports covering alert trends, incidents, and security posture.
* Maintain documentation for SIEM configurations, detection logic, runbooks, and playbooks.
* Support preparation of operational and monthly service reports as required.
* Collaborate with SOC analysts, engineers, IT, and cloud teams to support secure configurations and logging coverage.
Technical Skills
* Hands‑on experience with SIEM platforms (querying, dashboards, alerts).
* Understanding of log formats, parsing, and data normalisation.
* Working knowledge of SIEM query languages such as SPL, KQL, or AQL.
* Basic scripting ability (Python and/or PowerShell) for automation and enrichment.
* Understanding of network traffic flows and the ability to recognise normal versus suspicious activity.
* Familiarity with vulnerability scanning and vulnerability management concepts.
* Foundational experience with SIEM technologies (e.g. Splunk/QRadar).
* Understanding of log data, alert workflows, and basic threat detection concepts.
* Awareness of common attack techniques and defensive frameworks (e.g. MITRE ATT&CK).
* Basic scripting or automation experience (Python, PowerShell – desirable).
* Good analytical skills and attention to detail.
* Clear written and verbal communication skills.
* Ability to follow defined processes and work effectively with minimal supervision.
Professional Skills
* Strong analytical and problem‑solving skills.
* Clear verbal and written communication in English.
* Ability to work effectively as part of a SOC team with minimal supervision.
* Willingness to participate in an on‑call rota as part of 24/7 SOC operations.
Education & Experience
* Experience in IT security, ideally within a SOC or NOC environment.
* Experience with ITSM tooling.
* Exposure to cloud platforms such as Microsoft Azure and/or AWS.
* Proficiency with Microsoft Office tools, particularly Excel and Word.
* Relevant certifications desirable (e.g. SC‑200, Splunk Certified Power User/Admin, GIAC, CISSP, QRadar, Chronicle).
Security Requirements
Must be eligible for, or already hold, UK SC Clearance. Willingness to participate in shift patterns and/or on‑call rotas where required. Ability to work in a secure environment and meet applicable clearance requirements.
Benefits
We offer a range of tailored benefits that support your physical, emotional, and financial well‑being. Our Learning and Development team ensures continuous growth and development opportunities for our people. Flexible work options are available.
Equal Opportunity and Accessibility
We are an equal‑opportunity employer. We believe in fair treatment of all employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer, creating a diverse and inclusive workforce, guaranteeing an interview to applicants who declare a disability and meet the minimum requirements. If you require reasonable adjustments during the recruitment process, let us know.