Security Operations Engineer - Hybrid in Portsmouth

Portsmouth Full-Time 50000 - 70000 € / year (est.) No home office possible

At a Glance

  • Tasks: Investigate security incidents and improve detection processes using the CybaOps platform.
  • Company: Join a dynamic, growth-focused tech company with a collaborative culture.
  • Benefits: Competitive salary, hybrid work model, and opportunities for professional development.
  • Other info: Supportive team environment with clear paths for career progression.
  • Why this job: Dive into real investigations and make a tangible impact from day one.
  • Qualifications: Experience in security operations and a passion for improving processes.

The predicted salary is between 50000 - 70000 € per year.

Detect, investigate, respond and help build the platform that does it better next time.

Location: UK (Hybrid)

Salary: GBP 50,000 - 70,000

Reports to: Head of Security Operations

Type: Permanent, Full-Time

About The Role

CybaVerse operates a lean, automation-driven security operations function built on our CybaOps platform. We do not run a traditional tiered SOC. There is no conveyor belt of copy‑paste alerts, no rigid escalation chain, and no ceiling on what you can get involved in. As a Security Operations Engineer you will work directly within the operations function, handling real investigations, contributing to detection improvement, and getting hands‑on with the tooling that powers the service. You will be expected to think, not just triage. When you spot something that should be automated or improved, you will have the space to say so and help fix it. This role suits someone who has a solid grounding in security operations, is hungry to develop beyond alert handling, and wants to work in an environment where quality of thinking matters more than time‑on‑console. We are not looking for someone to sit in a queue. We are looking for someone who wants to understand what they are seeing, improve how we see it, and get better every week.

What You Will Be Doing

  • Investigating security alerts and incidents across endpoint, network, cloud, and identity environments using the CybaOps platform
  • Conducting structured threat investigations: building timelines, identifying root cause, and producing clear, client‑ready findings
  • Contributing to detection improvement: identifying gaps, raising tuning recommendations, and helping write or refine SIEM rules
  • Supporting incident response activity, including containment actions and post‑incident documentation
  • Performing threat hunting across client environments based on intelligence or anomaly‑driven hypotheses
  • Working with threat intelligence feeds to enrich investigations and identify emerging attacker behaviour
  • Documenting findings to a high standard for both internal records and client‑facing outputs
  • Collaborating with the Head of Security Operations and wider team to improve processes, runbooks, and automation workflows
  • Supporting onboarding of new clients including log source validation and initial detection tuning

Essential

  • Hands‑on experience in a security operations or incident response role, whether in‑house, MSSP, or consultancy
  • Solid understanding of the attack lifecycle and common attacker techniques, with working knowledge of MITRE ATT&CK
  • Practical experience with SIEM platforms: log analysis, query writing, alert investigation
  • Ability to investigate across multiple data sources and piece together a coherent picture of what happened
  • Clear written communication – you can explain a technical finding to someone non‑technical without losing accuracy
  • Genuine curiosity about how things work and why attacks succeed

Desirable

  • Experience with EDR platforms (CrowdStrike, SentinelOne, Microsoft Defender or similar)
  • Exposure to SOAR tooling or any scripting/automation for operational tasks (Python, PowerShell)
  • Familiarity with cloud environments: Azure, AWS, or GCP log sources and common misconfigurations
  • Experience with network traffic analysis or IDS/IPS alert investigation
  • Any threat intelligence or CTI exposure: indicator enrichment, threat actor research
  • Relevant certifications such as BTL1, SC‑200, CySA+, CEH, or GCIH – useful context but not a barrier

How We Work

The team is small and the work is varied. You will not spend years in a defined lane before being allowed to do anything interesting. From early on you will be handling real investigations, contributing to how we improve, and working alongside senior practitioners who will invest time in your development. We use automation to handle the repetitive so that the team can focus on the work that requires judgement. If you have ideas about how to do something better, we want to hear them.

What You Will Not Find Here

  • A rigid tier‑1 alert queue with no room for independent thinking
  • A siloed role with a narrow remit and no path to grow
  • A culture where junior team members are seen and not heard

What You Will Find Here

  • Real investigations from day one, not filtered‑down leftovers
  • A team that values quality of thinking over volume of tickets closed
  • Genuine support for your development and clear progression into more senior work
  • A company in active growth with interesting clients and a product that is actively evolving

Compensation And Package

GBP 50,000 - 70,000. Salary is dependent on experience. We will assess the full range based on what you bring to the role.

Security Operations Engineer - Hybrid in Portsmouth employer: CybaVerse

CybaVerse is an exceptional employer that fosters a dynamic and innovative work culture, where Security Operations Engineers are empowered to engage in real investigations from day one. With a strong emphasis on personal development and the opportunity to contribute to meaningful improvements in security operations, employees can expect a supportive environment that values quality thinking over quantity. Located in the UK with a hybrid working model, CybaVerse offers competitive salaries and a chance to be part of a growing company that prioritises employee growth and collaboration.

Contact Detail:

CybaVerse Recruiting Team

StudySmarter Expert Advice🤫

We think this is how you could land Security Operations Engineer - Hybrid in Portsmouth

Tip Number 1

Network like a pro! Get out there and connect with folks in the security ops field. Attend meetups, webinars, or even just chat with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.

Tip Number 2

Show off your skills! If you've got hands-on experience with SIEM platforms or threat hunting, make sure to highlight that in conversations. Share examples of how you've tackled real investigations or improved processes. It’s all about demonstrating your value!

Tip Number 3

Don’t be shy about asking questions during interviews. This role is all about critical thinking and curiosity, so show them you’re eager to learn and improve. Ask about their current challenges and how you could help tackle them.

Tip Number 4

Apply through our website! We love seeing candidates who are genuinely interested in joining us. Tailor your approach to reflect our values and the unique aspects of the role. Let’s make sure you stand out from the crowd!

We think you need these skills to ace Security Operations Engineer - Hybrid in Portsmouth

Security Operations
Incident Response
Threat Investigation
SIEM Platforms
Log Analysis
Query Writing
MITRE ATT&CK

Some tips for your application 🫡

Show Your Passion for Security: When writing your application, let your enthusiasm for security operations shine through. We want to see that you're not just looking for a job, but that you're genuinely excited about tackling real investigations and improving processes.

Be Clear and Concise: Make sure your written communication is spot on. We value clarity, so explain your technical skills and experiences in a way that's easy to understand. Remember, you might be talking to someone who isn't as technical as you!

Highlight Your Curiosity: We love candidates who are curious about how things work. In your application, share examples of how you've gone beyond the basics to understand security incidents or improve detection methods. Show us your investigative mindset!

Apply Through Our Website: Don't forget to apply through our website! It’s the best way for us to receive your application and ensures it gets into the right hands. Plus, it shows you’re keen to join our team at CybaVerse!

How to prepare for a job interview at CybaVerse

Know Your Stuff

Make sure you have a solid understanding of security operations and the attack lifecycle. Brush up on common attacker techniques and be ready to discuss how you've applied this knowledge in past roles. This will show that you're not just familiar with the theory but can also think critically about real-world scenarios.

Show Your Curiosity

Demonstrate your genuine curiosity about security by asking insightful questions during the interview. Inquire about the tools they use, their approach to threat hunting, or how they handle incident response. This will highlight your eagerness to learn and improve, which is exactly what they're looking for.

Be Ready to Discuss Automation

Since the role involves improving processes and automation, come prepared to talk about any experience you have with scripting or automation tools. If you've identified areas for improvement in previous roles, share those examples to illustrate your proactive mindset.

Communicate Clearly

Practice explaining technical concepts in simple terms. You might be asked to describe a complex finding, so being able to communicate clearly and effectively is crucial. This skill will not only help you in the interview but is essential for client-facing documentation as well.