Role
As a Security Delivery Engineer, you’ll be responsible for delivering, onboarding, and continuously improving security services across live customer environments. You’ll take ownership of engineering activity throughout the full service lifecycle, from customer onboarding and transition through to BAU improvement, service optimisation, and engineering‑led escalations. This is a hands‑on role where you’ll help ensure security platforms are implemented correctly, maintained to a high standard, and refined through continuous improvement activity. You’ll also support clean, effective handovers into SOC operations where required. Acting as the link between delivery, engineering, and live SOC operations, you’ll help make sure our security services are stable, scalable, and operationally effective for our customers.
Responsibilities
- BAU Security Engineering: Deliver core Security Engineering across live environments, ensuring security, stability, and performance; maintain and optimise detections, alerts, enrichment, and automation across SIEM, EDR/XDR, and cloud platforms; review vulnerabilities and security posture, providing prioritised remediation guidance; support SOC investigations with engineering expertise; create and maintain documentation, standards, and runbooks.
- Delivery & Onboarding Engineering: Lead engineering for onboarding, transitions, and service changes, ensuring consistent, secure delivery; deploy and configure SIEM, EDR/XDR, cloud security, logging, and integrations to agreed designs; tune detections, alerts, and automation to ensure production readiness; implement SOAR playbooks and automation for SOC operations.
- Engineering Escalations: Act as escalation point for complex or recurring service issues; investigate root causes of incidents, instability, and detection failures, implementing fixes; partner with SOC and Engineering Leads to reduce repeat escalations.
- Continuous Improvement (CI): Drive continuous improvements across live environments, onboarding, and platforms; identify enhancements to detection quality, automation, efficiency, and resilience; embed lessons learned into standards, templates, and service patterns; support the maturity and scalability of ANS security services.
- Service Readiness & Handover: Ensure structured handover to SOC, including docs, detections, runbooks, and escalation paths; validate monitoring, alerting, and response meet service levels pre‑BAU; provide early‑life support post‑onboarding or major changes.
- Customer Engagement: Engage customers during onboarding, changes, and escalations with clear technical guidance; collaborate with Architects, Engineering Leads, and Customer Success to align delivery; support sales opportunities.
Qualifications & Experience
- Strong experience with Linux, Windows, and virtualised environments.
- Hands‑on experience with Azure, Microsoft 365, and AWS security.
- Practical experience operating and improving SIEM and XDR platforms (e.g., Microsoft Sentinel, Defender, Carbon Black).
- Scripting and automation skills (PowerShell, Python, Bash).
- Strong understanding of incident response, alerting, logging, and engineering escalation workflows.
- Ability to balance BAU engineering, delivery work, and CI improvement.
- Network Defence.
- NIST CVSS Vulnerabilities and scoring system.
- OS‑specific log data.
- IPTables.
- Knowledge of secure development principles and OWASP top 10.
Soft Skills
- Clear and concise communication skills.
- Strong emotional intelligence.
- Willingness to develop with continual learning.
- Logical problem‑solving abilities.
- Accuracy and attention to detail.
- Good time‑management skills.
- Skilled in discussing complex security issues in understandable business terms.
- Proactive approach and work ethic.
- Customer‑facing skills.
Essential
- Candidate must be capable of achieving HMG Security Clearance.