SOC Engineer – Remote (UK)
Salary: £60,000
A leading security services provider is looking for a Senior SOC Engineer to help shape the future of a modern, engineering‐driven Security Operations Centre. This is an exciting opportunity to influence technical direction, work with cutting‐edge tooling, and contribute to a culture that values deep technical capability, innovation, and continuous improvement.
About the Role
As a Senior SOC Engineer, you will take ownership of designing, deploying, and enhancing the technologies that underpin the SOC, including SIEM, XDR, SOAR, automation, and scripting. You will build custom integrations, develop workflows, and drive engineering excellence across detection and response capabilities.
You'll collaborate with SOC Operations on customer onboarding, deliver secure and efficient deployments, and work hands‐on with dedicated lab environments that support malware analysis, detection testing, and threat intelligence development.
This role suits someone who enjoys autonomy, technical leadership, and solving complex security challenges, while contributing to a high‐performing, growth‐focused team.
Key Responsibilities
Build
* Mentor and support SOC engineers and analysts in developing their technical skills.
* Develop automation across SOC workflows to improve response speed and consistency.
* Create and maintain log parsing and data normalisation for diverse data sources.
* Architect and implement SIEM and XDR environments for internal and customer use.
* Deploy and enhance SOC technologies including SIEM, XDR, SOAR, vulnerability management, and custom automation scripts.
Investigate
* Act as a senior escalation point for complex engineering issues across internal and managed environments.
* Maintain internal documentation, wikis, and deployment guides to drive consistency and quality.
Improve
* Collaborate on the SOC engineering maturity roadmap with senior leadership.
* Identify opportunities for automation and process improvements across tools and customer estates.
* Apply lessons learned from incidents, threat intel, and emerging attack techniques to enhance engineering output.
Required Skills & Experience
Technical Expertise
* Expert SOAR experience, including custom automation and integrations (e.g., XSOAR, Logic Apps, Siemplify).
* Strong cloud experience (Azure, AWS, or GCP) with at least one scripting language (Python or Go).
* Expert SIEM architecture & deployment knowledge (Sentinel, Google SecOps, XSIAM, etc.).
* Expert EDR/XDR experience, including configuration and maintenance (CrowdStrike, Defender, SentinelOne, etc.).
* Intermediate vulnerability management knowledge (Rapid7, Tenable).
* Intermediate threat intelligence ingestion and parsing (STIX/TAXII).
Additional Requirements
* 3–5 years' experience in a SOC environment as a security engineer.
* Proven experience in SOC automation, log source parsing, and security tool configuration.
* Strong communication skills and ability to work effectively with customers and internal teams.
* Eligible for SC/DV clearance.
* A proactive problem‐solver who can work independently and as part of a team.
You must have full right to work in the UK for this role; no sponsorship is offered.