SOC Engineer – FTC

Full-Time 50000 - 65000 £ / year (est.) No home office possible
Barclay Simpson

At a Glance

  • Tasks: Enhance SIEM platforms and develop advanced detection use cases for a global legal firm.
  • Company: Join a leading global legal firm focused on security innovation.
  • Benefits: Competitive salary, flexible working hours, and opportunities for professional growth.
  • Other info: Dynamic role with excellent career advancement opportunities in a collaborative environment.
  • Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies.
  • Qualifications: Degree in computing or equivalent experience; strong scripting skills required.

The predicted salary is between 50000 - 65000 £ per year.

SOC Engineer required for global legal firm. You will be responsible for advancing the maturity of the SIEM platform alongside other strategic security solutions, working closely with internal teams to improve the organisation’s overall security posture. This position focuses on onboarding new log sources, optimising data pipelines, developing advanced detection use cases, and strengthening overall security monitoring and response. It’s an excellent opportunity for a security professional who enjoys building scalable, high-performing SOC environments and driving continuous improvement.

The Role

This role also involves contributing to security service improvements and core operational processes, including incident, change, and problem management, as well as supporting the design, implementation, and review of security controls. There may occasionally be a requirement to support out-of-hours changes or respond to critical security incidents.

Key Responsibilities

  • SIEM Engineering & Optimisation
    • Enhance and optimise SIEM performance, coverage, and detection fidelity
    • Assess and improve SIEM architecture, including ingestion pipelines, parsing, and correlation logic
    • Implement automation and orchestration (SOAR) to streamline response activities
  • Log Source Onboarding & Integration
    • Identify and onboard new log sources across cloud, network, endpoint, and application environments
    • Develop custom parsers, connectors, and ingestion playbooks
    • Collaborate with internal teams and vendors to ensure reliable, high-quality telemetry
  • Detection Engineering
    • Design and implement detection use cases aligned to MITRE ATT&CK and threat intelligence
    • Build and tune correlation rules, anomaly detections, dashboards, and alerting workflows
    • Continuously refine detections to reduce false positives and improve effectiveness
  • SOC & Incident Response Support
    • Partner with SOC analysts to validate and improve detection logic
    • Support investigations through advanced SIEM queries and data analysis
    • Act as a subject matter expert on complex security incidents
  • Documentation & Governance
    • Maintain clear documentation of data models, integrations, and detection logic
    • Ensure alignment with security standards, controls, and compliance requirements

Skills & Experience

  • Technical Expertise
    • Hands‑on experience with SIEM platforms such as Splunk, Microsoft Sentinel, QRadar, Elastic, ArcSight, LogRhythm, or Exabeam
    • Strong understanding of log formats (JSON, syslog, XML, CEF) and ingestion methods (APIs, Kafka, Event Hubs, agents)
    • Experience in detection engineering, threat modelling, and attacker behaviour analysis
    • Proven ability to build and tune correlation rules, dashboards, and alerts
    • Familiarity with SOAR tools and automation workflows
  • Security Knowledge
    • Solid understanding of networking, Windows/Linux systems, cloud platforms (Azure, AWS, GCP), identity systems, and endpoint security tools
    • Knowledge of MITRE ATT&CK, cyber kill chain, and threat hunting techniques

Requirements

  • Degree (Level 4+) in a computing-related subject or equivalent experience
  • Background across IT infrastructure and information security roles
  • Relevant certifications (e.g. GIAC, SC-200/SC-100, CISSP, SSCP, CSIS)
  • Strong scripting skills (Python, PowerShell, PowerApps)
  • Excellent communication skills with the ability to engage stakeholders at all levels
  • Proactive, self‑driven approach with strong analytical capability

Desirable Experience

  • Data Loss Prevention (DLP)
  • Secure remote access solutions
  • Network security technologies
  • Threat intelligence and open-source security tools
  • Experience with SaaS, IaaS, PaaS, and DaaS environments
  • Business continuity and disaster recovery planning
  • Knowledge of data privacy regulations

SOC Engineer – FTC employer: Barclay Simpson

As a global legal firm, we pride ourselves on fostering a collaborative and innovative work culture that empowers our SOC Engineers to excel in their roles. With a strong focus on employee growth, we offer continuous training opportunities and the chance to work with cutting-edge security technologies, all while contributing to the enhancement of our security posture. Located in a vibrant city, our firm provides a dynamic environment where your expertise will be valued and your contributions will make a meaningful impact.
Contact Detail:

Barclay Simpson Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land SOC Engineer – FTC

Tip Number 1

Network, network, network! Get out there and connect with professionals in the security field. Attend industry events, join online forums, and don’t be shy about reaching out on LinkedIn. We all know that sometimes it’s not just what you know, but who you know!

Tip Number 2

Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to SIEM platforms and detection engineering. This gives potential employers a tangible look at what you can do, and we love seeing practical examples of your work.

Tip Number 3

Prepare for interviews by brushing up on common SOC scenarios and incident response strategies. Practice articulating your thought process when tackling complex security incidents. We want to see how you think on your feet and handle pressure!

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we’re always looking for passionate individuals who are eager to contribute to our mission of enhancing security across the board.

We think you need these skills to ace SOC Engineer – FTC

SIEM Engineering
Log Source Onboarding
Detection Engineering
Incident Response
Automation and Orchestration (SOAR)
Data Analysis
Correlation Rules Development
Threat Modelling
Networking Knowledge
Windows/Linux Systems Knowledge
Cloud Platforms (Azure, AWS, GCP)
Scripting Skills (Python, PowerShell, PowerApps)
Communication Skills
Analytical Capability
Documentation and Governance

Some tips for your application 🫡

Tailor Your CV: Make sure your CV speaks directly to the SOC Engineer role. Highlight your experience with SIEM platforms and any relevant projects you've worked on. We want to see how your skills align with what we're looking for!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security and how you can contribute to our team. Be sure to mention specific experiences that relate to the key responsibilities in the job description.

Show Off Your Technical Skills: Don’t hold back on showcasing your technical expertise! Mention your hands-on experience with tools like Splunk or Microsoft Sentinel, and any scripting skills you have. We love seeing candidates who are technically savvy and ready to hit the ground running.

Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!

How to prepare for a job interview at Barclay Simpson

Know Your SIEM Inside Out

Make sure you’re well-versed in the specific SIEM platforms mentioned in the job description, like Splunk or Microsoft Sentinel. Brush up on your knowledge of log formats and ingestion methods, as you might be asked to discuss how you would enhance and optimise SIEM performance.

Showcase Your Detection Engineering Skills

Prepare to talk about your experience with detection engineering and threat modelling. Have examples ready where you've designed detection use cases or built correlation rules, and be ready to explain how you reduced false positives in your previous roles.

Demonstrate Your Collaborative Spirit

This role involves working closely with internal teams, so be prepared to discuss how you’ve collaborated with others in past positions. Highlight any experiences where you partnered with SOC analysts or other stakeholders to improve security monitoring and response.

Be Ready for Technical Questions

Expect some technical questions related to incident response and security controls. Brush up on your knowledge of the MITRE ATT&CK framework and be ready to discuss how you would approach a critical security incident, including the tools and techniques you would use.
