Acumen Cyber is a 24/7 Security Operations Centre (SOC) that keeps modern businesses safe from ever-evolving cyber threats. Working shoulder-to-shoulder with world-class technology partners - including Elastic, Recorded Future, SentinelOne and CrowdStrike - we design, build and run security programmes that let our clients focus on what matters most: growing their business with confidence.
What you’ll do
As a SOC Engineer you’ll be on the front line of threat detection and response. Your day-to-day will include:
* Continuously monitoring SIEM and other security tooling to identify suspicious activity in real time.
* Triaging, analysing and responding to alerts from multiple sources (e.g. SentinelOne EDR, CrowdStrike Falcon, network IDS/IPS).
* Leveraging threat-intel feeds (Recorded Future, public CERT advisories, dark-web monitoring) to enrich investigations and improve detection logic.
* Leading end-to-end incident response: containment, eradication, root-cause analysis, lessons learned and reporting.
* Developing and fine-tuning detection rules, playbooks and automation scripts in Elastic, SOAR and EDR platforms.
* Collaborating closely with customers, partners and internal engineering teams to harden environments, close control gaps and share best practices.
* Proactively hunting for threats using log data, endpoint telemetry and threat intelligence.
* Staying ahead of the curve - researching new tactics, techniques and procedures (TTPs) and feeding them back into our SOC strategy.
What you'll bring
* Hands-on skill with at least one SIEM (Elastic preferred; Splunk, Sentinel etc. are also welcome).
* Practical exposure to EDR platforms - ideally SentinelOne, CrowdStrike, or Defender for Endpoint.
* Solid grasp of TCP/IP, common protocols and core security controls (firewalls, IDS/IPS, NAC, VPN).
* Incident investigation know-how: containment, eradication, root-cause analysis and reporting.
* Sharp analytical mindset and clear communication - able to brief both technical and non-technical audiences.
* Right to work in the UK and ability to pass BPSS / SC vetting.
* Certifications such as GCIH, GCIA, GCFA, OSCP or Elastic Certified Analyst.
* Experience crafting Kibana visualisations and tuning Elastic detection rules.
* Familiarity with SOAR platforms plus scripting (Python, PowerShell) for automation.
* Knowledge of cloud-native security controls (AWS Security Hub, Azure Sentinel, Google Chronicle).
* MITRE ATT&CK mapping, purple-team or threat-hunting exercises.
* Prior work in a 24 × 7 SOC with formal shift hand-offs.
* Impact from day one – You’ll help shape the detection & response capabilities that protect hundreds of thousands of endpoints and critical workloads.
* Cutting-edge tech stack – Direct access to Elastic, Recorded Future, SentinelOne, CrowdStrike and other market-leading tools.
* Continuous growth – Paid training budget, certification support and dedicated research time so you can stay one step ahead of attackers.
* People-first culture – Small, highly skilled teams, zero red-tape and leadership that actually listens.
* Competitive package – Salary dependent on experience, on-call allowance, generous holiday and other benefits.
Logistics
* Location: Glasgow HQ.
* Hours: Full-time, 37.5 hrs / week. SOC operates 24 × 7; shift rotation and on-call premiums apply.
* Eligibility: You must have the right to work in the UK and be able to pass BPSS and/or SC vetting.
Ready to defend the future?
Click “Apply” on our LinkedIn job listing, attach your CV, and include a brief note about your proudest incident-response win. We review applications on a rolling basis and aim to get back to every candidate within five business days.
* Seniority level: Entry level
* Employment type: Full-time
* Job function: Engineering and Information Technology
* Industries: Computer and Network Security