Security Operations Engineer

Join us at the Ellison Institute of Technology (EIT), where we're on a mission to translate scientific discovery into real-world impact. We bring together visionary scientists, technologists, engineers, researchers, educators, and innovators to tackle humanity's greatest challenges in four transformative areas:

• Health, Medical Science & Generative Biology
• Food Security & Sustainable Agriculture
• Climate Change & Managing CO₂
• Artificial Intelligence & Robotics

This is ambitious work that demands curiosity, courage, and a relentless drive to make a difference. At EIT, you'll join a community built on excellence, innovation, tenacity, trust, and collaboration, where bold ideas become real-world breakthroughs. Together, we push boundaries, embrace complexity, and create solutions to scale ideas from lab to society.

Your Role: At EIT, we are seeking experienced and proactive Security Operations Engineers to help protect our people, platforms, and world-class research. This is a hands-on, impactful role at the centre of our cyber-security function, combining monitoring, incident response, detection engineering, and continuous improvement of our security posture. You will work closely with IT, research computing, governance, and legal teams to ensure that security enables, not hinders scientific innovation.

Your Responsibilities: In this role, you will:

• Operate and continuously enhance security monitoring across endpoints, servers, cloud platforms, and networks.
• Tune and maintain SIEM tools (including Sophos Taegis, SentinelOne EDR, and OCI security tooling) to improve detection accuracy.
• Investigate and triage security alerts, escalating and responding appropriately.
• Act as a responder for security incidents, supporting containment, eradication, and recovery.
• Produce clear incident documentation, including reports and root-cause analysis.
• Develop and refine detection rules, automation workflows, and threat-based use cases.
• Apply threat intelligence to improve detection coverage in complex research environments.
• Support vulnerability scanning, prioritisation, and remediation tracking.
• Collaborate closely with stakeholders to embed secure practices into day-to-day operations.
• Contribute to runbooks, documentation, audits, compliance activities, and risk assessments.

Requirements: Essential Skills, Qualifications & Experience:

• Experience working in Security Operations, a SOC, or in Incident Response.
• Hands-on experience with SIEM platforms such as Azure Sentinel, Splunk, or Sophos Taegis.
• Familiarity with EDR tools including SentinelOne or CrowdStrike.
• A strong understanding of common attack techniques (MITRE ATT&CK).
• Working knowledge of Windows, Linux, identity systems, and networking.
• Experience working with cloud platforms (OCI preferred) in a security context.

Desirable Skills, Qualifications & Experience:

• Scripting or automation skills (Python, PowerShell, Bash).
• Experience in research, higher education, healthcare, or similarly open computing environments.
• Familiarity with SOAR tooling or automation platforms.
• Experience with ISO27001:2022 or similar standards.
• Relevant certifications (e.g., ISC2 CC, CompTIA Security+).

Benefits: Salary: £60,000 - £70,000 (dependent on experience) + travel allowance + bonus. Enhanced holiday + options to buy additional days. Pension, Life Assurance, Income Protection, Private Medical Insurance, Hospital Cash Plan, Therapy Services, Perk Box, Electric Car Scheme, Childcare benefit.

Working Together – What It Involves: You must have the right to work permanently in the UK with a willingness to travel as necessary. In certain cases, we can consider sponsorship, and this will be assessed on a case-by-case basis. You will live in, or within easy commuting distance of, Oxford (or be willing to relocate).