Security Operations Engineer

At the Ellison Institute of Technology (EIT), we are on a mission to translate scientific discovery into real world impact. We bring together visionary scientists, technologists, engineers, researchers, educators and innovators to tackle humanity's greatest challenges in four transformative areas: Health, Medical Science & Generative Biology; Food Security & Sustainable Agriculture; Climate Change & Managing CO2; Artificial Intelligence & Robotic systems.

This is ambitious work that demands curiosity, courage, and a relentless drive to make a difference. At EIT, you will join a community built on excellence, innovation, tenacity, trust, and collaboration, where bold ideas become real-world breakthroughs.

At EIT we are seeking experienced and proactive Security Operations Engineers to help protect our people, platforms, and world-class research. This is a hands-on, impactful role at the center of our cyber-security function, combining monitoring, incident response, detection engineering, and continuous improvement of our security posture.

Your Responsibilities:

• Operate and continuously enhance security monitoring across endpoints, servers, cloud platforms, and networks
• Tune and maintain SIEM tools (including Sophos Taegis, SentinelOne EDR, and OCI security tooling) to improve detection accuracy
• Investigate and triage security alerts, escalating and responding appropriately
• Act as a responder for security incidents, supporting containment, eradication, and recovery
• Produce clear incident documentation, including reports and root-cause analysis
• Develop and refine detection rules, automation workflows, and threat-based use cases
• Apply threat intelligence to improve detection coverage in complex research environments
• Support vulnerability scanning, prioritisation, and remediation tracking
• Collaborate closely with stakeholders to embed secure practices into day-to-day operations
• Contribute to runbooks, documentation, audits, compliance activities, and risk assessments

Essential Skills, Qualifications & Experience:

• Experience working in Security Operations, a SOC, or Incident Response
• Hands-on experience with SIEM platforms such as Azure Sentinel, Splunk, or Sophos Taegis
• Familiarity with EDR tools including SentinelOne or CrowdStrike
• A strong understanding of common attack techniques (MITRE ATT&CK)
• Working knowledge of Windows, Linux, identity systems, and networking
• Experience working with cloud platforms (OCI preferred) in a security context

Desirable Skills, Qualifications & Experience:

• Experience with scripting or automation (Python, PowerShell, Bash)
• Experience in research, higher education, healthcare, or open computing environments
• Familiarity with SOAR tooling or automation platforms
• Experience with ISO27001:2022 or similar information security standards

Security-related Benefits:

• Competitive salary and bonus, enhanced holiday
• Private medical insurance and income protection
• Dental and life insurance; company pension
• Employee assistance programs and well-being benefits
• Bike-to-work scheme and other benefits

You must have the right to work permanently in the UK with a willingness to travel as necessary. In certain cases, sponsorship can be considered, assessed on a case-by-case basis. You will live in, or within easy commuting distance of, Oxford (or be willing to relocate).