SOC Engineer

Our client, the global leader in e-mail security, is looking for a talented and enthusiastic Senior SOC Engineer for its Security Operations Centre in central London. This role will be instrumental in building and enhancing a high-performance 24x7 Security Operations Centre: you will become a key member of the SOC's team of experts, ensuring that the client remains an IT security centre of excellence.

Responsibilities

You will design, build and deploy a unique and exciting SIEM solution that gives the SOC the best possible tooling to support itself and its clients. You will also work closely with other members of the SOC incident response team to investigate the root cause of security events, escalating to the technical security, vulnerability and problem-management teams where necessary. You will work with various internal and external SOC-related stakeholders to make sure the security posture is continually strengthened as we improve our security configurations, practices and processes.

Requirements

Above all else: a passion for real-world Information Security. You live and breathe IT security and you want to be the best. Without this you simply won't fit in.
  •  Extensive experience (5+ years) in designing, deploying and extending enterprise-grade SIEM implementations. Ideally with LogRhythm however experience with others such as Splunk, AlienVault, ArcSight, QRadar will be considered.
  •  Extensive experience in designing / building / deploying high-volume data logging and analytics platforms that handle billions of records per day. Ideally with ELK on Linux.
  •  Deep understanding of security events & triggers, event correlation and alerting.
  •  Demonstrable experience of working in a high-performance SOC team in a multinational or cyber-security focused organization.
  •  Ability to write and understand complex regular expressions (PCRE).
  •  Experience with Red/Blue team engagements.
  •  Excellent team-working skills and a 'can do, let's get it done' attitude are crucial.
  •  A desire to keep learning, extending your skills and pushing the boundaries of your knowledge.
  Desirable: Syslog-ng, Bro and Fluentd experience. A speciality in one or more of the following Information Security domains:
  •  Cyber Intelligence Analysis, Threat Monitoring, Incident Response, Machine Learning & Artificial Intelligence, Malware Analysis, Computer Forensics, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Platform Security, Identity & Access Management, Security Education & Awareness, Vulnerability Scanning & Management, and Compliance & Risk Management
  •  Familiarity with security standards such as ISO 27001, SOC2 or GPG 13
  •  Ability to write and understand scripts in languages such as Python, Ruby, Bash, etc.
  •  Event Detection tools (e.g. FireEye, Palo Alto, Fortinet, Cyren, Sophos)
  •  Experience with 'big-data' platforms such as Hadoop, HDFS, Apache Spark, etc.
  •  IDS/IPS (e.g. TippingPoint, Sourcefire, Snort, Suricata)
  •  Security related certifications, for example CISSP, GCIH, CEH, OSCP.
  •  An undergraduate or higher degree in computing or a related field
About The Client

Our client is the global leader in solutions for e-mail traffic and security management, and its mission is to make business email and data safer for more than 24,900 customers and millions of employees worldwide. Its cloud-based security, email archiving and email continuity services deliver comprehensive, low-risk email management as a fully integrated subscription service. Our client helps reduce the complexity and cost of managing the numerous point solutions traditionally used to protect email and its data.