SOC Operations Engineer - EDR & NDR Platforms in Devon, Plymouth

Beazley Security is a global cybersecurity firm committed to helping clients enable advanced cyber defenses that reduce risk with quantifiable results. We are comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant, Beazley, we have been at the forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017.

As Beazley Security, the company will have an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused on growth, to realise our goals and deliver benefits to clients. We are committed to upholding our core values of Belonging, Integrity, Service, Accountability, and Curiosity, which are essential to creating a strong and inclusive workplace culture, as well as delivering world-class cybersecurity solutions to our clients worldwide.

The SOC Operations Engineer is responsible for the operational management, optimisation, and lifecycle maintenance of Beazley Group's core Endpoint Detection and Response (EDR) and Network Detection and Response (NDR) platforms. Working within the IT Security function and in close collaboration with the Beazley Security MDR SOC, this role ensures these detection technologies remain effective, resilient, and optimally tuned to support rapid threat detection and response. The position bridges engineering with supporting day-to-day SOC operations.

The individual in this role will be responsible for owning the platforms, coordinating upgrades and enhancements, improving alert fidelity, and assisting the SOC teams with advanced investigations, containment support, and continuous improvement.

Responsibilities:

• Platform Ownership & Maintenance: Act as the technical owner for SOC systems and operations, ensuring full operational coverage and integration across the enterprise estate. Maintain the physical and virtual infrastructure (appliances, sensors, collectors), planning upgrades, hardware refreshes, and configuration changes as required. Oversee policy, sensor deployment, and version control across all EDR/NDR agents and connectors. Validate data flow and health between endpoints, appliances, and the central XDR platform leveraged by the SOC. Coordinate with the SOC, vendors, and IT infrastructure teams to schedule upgrades, patching, and feature enablement.
• Detection Engineering & Optimisation: Tune detection logic, behavioural models, and response policies to reduce false positives and improve threat visibility. Implement target NDR model optimisation, device tagging, and subnet labelling enhancements to support faster investigations. Maintain EDR platform configuration baselines and analytics dashboards. Support integration and data quality within the Beazley Security XDR platform to ensure reliable event correlation. Document all configuration changes, tuning decisions, and engineering work in line with IT Security change management processes.
• SOC & Incident Support: Collaborate closely with the Beazley Security SOC, ensuring they have the right visibility, alert quality, and context to perform effective first-line detection and triage. Serve as part of the escalation group for security cases from the centralized SOC, assisting with containment and isolation activities during incidents where necessary. Provide subject-matter expertise on EDR and NDR telemetry sources during investigations and post-incident reviews. Contribute to root-cause analysis and recommend platform-level improvements following any potential incidents.
• Proactive Threat Hunting & Intelligence Alignment: Partner with the Threat Intelligence team and MDR organisation to proactively hunt for malicious activity and validate emerging TTPs within Beazley's environment. Feed newly identified patterns back into SOC detection content and threat models.
• Governance, Reporting & Continuous Improvement: Produce operational and executive reporting across all managed detection platforms. Participate in recurring technical optimisation sessions and quarterly business reviews with vendors. Track detection efficacy, platform uptime, and configuration drift metrics as part of the IT Security KPI set. Continuously assess opportunities for automation, enrichment, and process improvement.

Key Interfaces:

• Internal: Head of IT Security, SOC Manager, Incident Response, Infrastructure, Cloud, and Networking teams.
• External: Beazley Security MDR SOC.

Qualifications:

• Minimum 3 years' experience in security operations, cyber engineering, or platform management.
• Hands-on experience administering and optimising leading NDR and EDR platforms.
• Strong understanding of endpoint telemetry, network analytics, and SOC workflows.
• Experience planning and performing platform upgrades, integrations, and lifecycle management.
• Familiarity with MITRE ATT&CK and threat-hunting principles.
• Ability to collaborate effectively with SOC analysts, infrastructure teams, and vendors.
• Excellent documentation, analytical, and communication skills.

Desirable Skills:

• Experience working within hybrid SOC models (internal + managed service).
• Exposure to Identity Threat Detection & Response (ITDR) solutions.
• Certifications such as CySA+, GCIA, or equivalent.
• Scripting or query language capability (SQL, PowerShell, Python).

Personal Attributes:

• Highly organised and proactive, with strong ownership of assigned technologies.
• Analytical thinker who thrives on improving systems and processes.
• Collaborative and approachable, able to bridge operations, engineering, and intelligence teams.
• Calm under pressure, with a methodical and disciplined approach to incident support.

Beazley Security offers:

• Remote work opportunity.
• Competitive salary with a bonus structure.
• Flexible working arrangements to support balance.
• Generous parental leave to support your family.
• Private healthcare for peace of mind.
• A strong pension scheme to help secure your future.
• A lifestyle allowance to enhance your well-being.
• Life insurance and long-term disability coverage for added security.
• Opportunities to grow through career advancement and ongoing training.
• Access to industry conferences and events for professional development.

Beazley Security is an equal opportunity employer. We embrace diversity and are committed to creating an inclusive environment for all employees.