Security (SOC) Engineer

Security (SOC) Engineer Manchester/Remote (On site once a month) £35K- £55K (depending on experience) + Great Benefits A SOC Engineer is required for our medical client who are based in Manchester. The successful candidate will be responsible for delivering hands-on technical expertise to support in defending the organisation\’s systems from attack whilst ensuring they operate seamlessly and are secure, enabling the team to deliver effective cybersecurity. You will work within the Security Operations Centre (SOC), supporting the engineering lead in configuring, implementing, and maintaining the tools that support all SOC functions. You will assess, implement, configure, and optimise our technical security controls, tools, and data feeds to maintain and continuously improve the visibility across our environments. You will also lead initiatives to improve the security posture and respond to incidents, problems and change requests from a security operations perspective. Essential skills- Practical experience working within a SOC (Security Operations Centre) or in a cyber security focused role – Ideally 1- 2 years working as an engineer. Knowledge of security tools and technologies (e.g., SIEM, IDS/IPS, EDR/XDR, Email protection, DLP, SOAR, Cloud Security etc.) Knowledge of Cyber Security domains (e.g., Identity and access Management, Network Security, Incident Response etc)Desirable skills Ideally you will come from an Infrastructure engineering background. Relevant industry qualifications and certifications (CompTIA Security+, CEH, GCIH, GCIA CISSP etc) Experience with Microsoft O365 Security solutions and network security operations. Knowledge of Security best practices and regulatory compliance frameworks (e.g., NIST, ISO27001, PCI-DSS etc) Knowledge of the following security products are ideal: ▪ SEIM (Rapid7 IDR, MS Sentinel, SPLUNK) ▪ SOAR (Rapid7 ICON, MS Sentinel) ▪ Endpoint Detection and Response (Microsoft Defender) ▪ Email Security (Proofpoint, Mimecast) ▪ Vulnerability Management (Rapid7 IVM, Nessus, Tenable) Proficiency with scripting and automation (e.g., Powershell, Python) Understanding of Zero-Trust Architecture within a hybrid cloud environment. Working knowledge of cyber threat actors, TTPs (Tactics, Techniques, and Procedures), and IOCs (Indicators of Compromise). Knowledge of security auditing and security incident response processes