Enable job alerts via email!
SOC Engineer - SC Cleared - Inside IR35
JR United Kingdom
London
On-site
GBP 60,000 - 90,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
A leading company is seeking a skilled SOC Engineer to support the design and optimization of a security operations capability in a critical public sector environment. The role involves hands-on engineering work, deploying Microsoft technologies, and collaborating with cross-functional teams to maintain security operations and enhance detection capabilities.
Qualifications
- Experience configuring Microsoft Security Stack solutions.
- Proficiency in KQL for developing detection logic.
- Hands-on experience with security operations in public sector environments.
Responsibilities
- Engineer and maintain security tooling like Microsoft Sentinel and Defender.
- Develop detection logic and implement SOAR playbooks.
- Collaborate with teams to enhance telemetry quality.
Skills
Job description
Social network you want to login/join with:
col-narrow-left
SR2 | Socially Responsible Recruitment | Certified B Corporation
london, United Kingdom
Other
-
Yes
col-narrow-right
4
10.06.2025
25.07.2025
col-wide
A skilled SOC Engineer is required to support the design, configuration, and optimisation of a mature security operations capability within a critical public sector environment. The successful candidate will be responsible for the deployment, tuning, and continual improvement of advanced detection and response tooling, with a focus on the Microsoft Security Stack and Azure-native technologies.
This is a hands-on engineering role with cross-functional engagement across detection teams, infrastructure, and threat response.
Key Responsibilities- Engineer and maintain security tooling, including:
- Microsoft Sentinel – connector management, rule tuning, data enrichment
- Microsoft Defender solutions (Endpoint, Identity, Cloud Apps)
- Develop and refine detection logic using KQL, and implement SOAR playbooks via Logic Apps.
- Integrate data sources from hybrid environments (cloud/on-premise) into the SIEM.
- Optimise alert fidelity and reduce false positives through rule refinement and log tuning.
- Support the SOC function by identifying and addressing detection gaps.
- Collaborate with infrastructure and operations teams to ensure telemetry quality and visibility.
- Contribute to engineering playbooks, architectural documentation, and automation pipelines.
- Support threat hunting, red/blue team simulation readiness, and post-incident forensic analysis.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Similar jobs
job faster
