Security Operations Engineer (Engine by Starling) in London

London | Full-Time | 55000 - 65000 £ / year (est.) | Home office (partial)
Engine by Starling

At a Glance

  • Tasks: Join our SecOps team to monitor, analyse, and automate security operations.
  • Company: Be part of a rapidly growing tech company focused on innovative security solutions.
  • Benefits: Flexible working options, competitive salary, and opportunities for professional growth.
  • Other info: Dynamic team environment with a focus on collaboration and continuous learning.
  • Why this job: Make a real impact in cybersecurity while leveraging cutting-edge technology and AI.
  • Qualifications: 3+ years in SOC or SecOps, strong Python skills, and cloud security experience.

The predicted salary is between 55000 - 65000 £ per year.

Requirements:

  • 3+ years of experience in a SOC or SecOps Engineering role, with a strong background in both alert triage and security engineering.
  • Proficiency in Python: Ability to write clean code to automate workflows or interact with security APIs.
  • Cloud Fluency: Experience with security monitoring and incident response in cloud environments (AWS/GCP/Azure).
  • Infrastructure as Code: Familiarity with managing security configurations through Git-based workflows.
  • Framework Knowledge: Strong understanding of attack vectors and the MITRE ATT&CK framework.
  • Education: A degree in a cyber-related field or relevant certifications (e.g., CompTIA Security+, CySA+, GCIH) is beneficial.

We are looking for engineers who are masters of automation but remain grounded in analyst fundamentals. You should have a keen interest in leveraging AI and Large Language Models (LLMs) to reduce SOC toil - using AI to summarise complex alerts, auto-generate YARA-L detections, or build intelligent playbooks to stay ahead of modern threats.

What the job involves:

  • Active Monitoring: Monitor security alerts and events generated by the SecOps platform and integrated cloud security tools.
  • Triage & Analysis: Perform deep-dive analysis of security incidents and anomalies, accurately distinguishing between true positives and false positives.
  • Prioritisation: Manage the incident queue, prioritising alerts based on severity, potential impact, and business criticality.
  • Detection as Code: Design and maintain sophisticated detection logic using YARA-L. Manage the lifecycle of these rules and configurations using IaC principles for version control.
  • SOAR Extension: Lead the automation of response playbooks. You will write and extend SOAR capabilities using Python, creating custom integrations and “Managers” to connect SecOps with internal APIs.
  • Tool Optimisation: Identify opportunities for automation to streamline operations and contribute to the continuous tuning and maintenance of SOC tools.
  • End-to-End Investigation: Investigate incidents thoroughly, leveraging logs from platforms, endpoints, and applications mapped to the Unified Data Model (UDM).
  • Incident Lifecycle: Lead containment, eradication, and recovery efforts in collaboration with Security and Technology teams.
  • Documentation: Maintain comprehensive records of incident details, findings, and remediation steps to ensure a high standard of auditability.
  • Group Collaboration: Work closely with the Group SOC team to align on global security standards and coordinate response efforts during cross-entity incidents.
  • Threat Hunting: Stay informed about the latest cyber threats and cloud-specific vulnerabilities, conducting proactive threat-hunting activities using available telemetry.

Employer: Engine by Starling

As a Security Operations Engineer at our innovative company, you'll be part of a dynamic team that values collaboration and continuous learning in a fast-paced environment. We offer flexible working arrangements, competitive benefits, and opportunities for professional growth, all while leveraging cutting-edge technology to stay ahead of cyber threats. Join us in our mission to redefine security operations and make a meaningful impact in the industry.

Contact Details:

Engine by Starling Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Security Operations Engineer (Engine by Starling) in London

Tip Number 1

Network like a pro! Attend industry meetups, webinars, or local tech events. Chatting with folks in the field can lead to job opportunities that aren’t even advertised yet.

Tip Number 2

Show off your skills! Create a GitHub repository showcasing your Python projects or any automation scripts you've developed. This gives potential employers a taste of what you can do and sets you apart from the crowd.

Tip Number 3

Don’t be shy about reaching out! If you see a role that excites you, drop us a message through our website. Even if you don’t tick every box, we love hearing from passionate candidates who want to join our team.

Tip Number 4

Prepare for interviews by brushing up on the MITRE ATT&CK framework and recent cloud security trends. Being able to discuss these topics confidently will show us you’re serious about the role and ready to tackle modern threats.

We think you need these skills to ace Security Operations Engineer (Engine by Starling) in London

Alert Triage
Security Engineering
Python Programming
Cloud Security Monitoring
Incident Response
Infrastructure as Code (IaC)
MITRE ATT&CK Framework

Some tips for your application 🫡

Show Off Your Experience: Make sure to highlight your 3+ years in a SOC or SecOps role. We want to see how you've tackled alert triage and security engineering, so don’t hold back on those details!

Code Like a Pro: Since proficiency in Python is key, include examples of your clean code that automates workflows or interacts with security APIs. We love seeing practical applications of your skills!

Cloud Knowledge is Key: If you’ve got experience with AWS, GCP, or Azure, shout about it! Mention any security monitoring or incident response work you've done in cloud environments to catch our eye.

Don’t Sweat the Small Stuff: Remember, you don’t need to tick every box to apply! If you’re excited about working with us, just go for it. We’re open to discussions about flexible working, so reach out if you have questions!

How to prepare for a job interview at Engine by Starling

Know Your Stuff

Make sure you brush up on your SOC and SecOps knowledge. Be ready to discuss your experience with alert triage and security engineering, as well as your familiarity with the MITRE ATT&CK framework. They’ll want to see that you can not only talk the talk but also walk the walk.

Show Off Your Python Skills

Since proficiency in Python is a must, prepare to demonstrate your coding abilities. Think of examples where you've used Python to automate workflows or interact with security APIs. Maybe even bring a small project or script to showcase your skills!

Cloud Knowledge is Key

With cloud environments being a big part of the role, make sure you’re up to speed on security monitoring and incident response in AWS, GCP, or Azure. Have some real-world examples ready to discuss how you've tackled security challenges in these environments.

Be Ready to Discuss Automation

They’re looking for engineers who are masters of automation, so come prepared to talk about how you've leveraged AI and automation in your previous roles. Share specific instances where you’ve reduced SOC toil or improved efficiency through automation.