At a Glance
- Tasks: Lead the design and implementation of cutting-edge security operations technologies.
- Company: Join a growing UK-based MSSP with a focus on innovation.
- Benefits: Up to £75,000 salary, remote work, and comprehensive benefits.
- Other info: Mentorship opportunities and a culture of continuous improvement await you.
- Why this job: Shape the future of cyber security and make a real impact in a dynamic team.
- Qualifications: 5+ years in SOC engineering with strong technical skills in SIEM and EDR.
The predicted salary is between £72,500 and £72,500 per year.
We have partnered with our client, a growing UK-based MSSP, to recruit a SOC Engineering Lead to join their SOC team. As the SOC Engineering Lead you will work hands-on with the Security Operations Centre to architect, evolve and oversee technical operations. The successful candidate will be instrumental in shaping the core detection and response capabilities of the SOC, leading engineering efforts across Elastic SIEM, Microsoft Sentinel, Defender for Endpoint, CrowdStrike, and MISP, while building robust ITSM automation in JIRA.
Core role:
- Lead the technical design, implementation, and tuning of SIEM platforms (Elastic, Microsoft Sentinel).
- Engineer and operationalise endpoint detection capabilities using Defender for Endpoint, CrowdStrike, and Elastic Defend.
- Maintain and optimise threat intelligence workflows, including integrations with MISP.
- Build and maintain robust ITSM integrations and automations in JIRA for incident and change management.
- Work with the SOC leadership team to build, iterate and improve engineering practices so the SOC continues to deliver a world-class service.
- Work closely with SOC analysts to ensure telemetry, detections, and playbooks align with real-world attack techniques (MITRE ATT&CK, D3FEND).
- Develop and maintain detection engineering pipelines including log onboarding, parsing, enrichment, correlation rules, and alerting logic.
- Automate repetitive tasks using scripting and infrastructure-as-code tools (PowerShell, Python, Terraform, etc.).
- Drive integration between security tooling and external systems (e.g., threat feeds, SOAR platforms, ticketing tools).
- Act as escalation point for complex detection and incident response scenarios.
- Mentor junior engineers and analysts, and contribute to a culture of continuous improvement.
What you will bring:
- Minimum 5 years of experience engineering and operating Security Operations Centre platforms.
- Deep knowledge and hands-on experience with:
  - SIEM: Elastic Stack (Beats, Logstash, Kibana, Elasticsearch), Microsoft Sentinel
  - EDR: Microsoft Defender for Endpoint, CrowdStrike Falcon, Elastic Defend
  - Threat Intelligence: MISP (integration, automation, ingestion)
  - SOAR and automation: JIRA automations, Sentinel playbooks, Azure Logic Apps and Azure Functions, APIs and other integrations
  - ITSM: JIRA (incident, change, and service automation)
- Strong scripting and automation skills (Python, PowerShell, Bash).
- Experience implementing detection-as-code pipelines and detection content engineering at scale.
- Solid understanding of threat detection, digital forensics, and security telemetry.
- Experience integrating SOC tooling with third-party platforms and APIs.
SOC Engineering Lead in London employer: FlexIT Talent Solutions Ltd
As a leading UK-based Managed Security Service Provider, we pride ourselves on fostering a dynamic and inclusive work culture that prioritises employee growth and innovation. Our remote working model allows for flexibility while providing access to cutting-edge technology and resources, empowering our SOC Engineering Lead to make a significant impact in the field of cyber security. With competitive salaries, comprehensive benefits, and opportunities for mentorship and professional development, we are committed to supporting our team members in achieving their career aspirations.
Contact Details:
FlexIT Talent Solutions Ltd Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land SOC Engineering Lead in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to SIEM, EDR, and automation. This gives potential employers a taste of what you can do beyond your CV.
✨Tip Number 3
Prepare for interviews by brushing up on real-world scenarios. Be ready to discuss how you've tackled challenges in SOC environments, especially around detection engineering and incident response. Practice makes perfect!
✨Tip Number 4
Don’t forget to apply through our website! We’ve got some fantastic opportunities waiting for you, and applying directly can sometimes give you a leg up in the process. Let’s get you that SOC Engineering Lead role!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the SOC Engineering Lead role. Highlight your experience with SIEM platforms like Elastic and Microsoft Sentinel, and don’t forget to mention your scripting skills. We want to see how your background aligns with what we’re looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about cyber security and how your skills can help us build a world-class SOC. Be specific about your achievements and how they relate to the job description.
Showcase Your Technical Skills: In your application, make sure to showcase your technical skills clearly. Mention your hands-on experience with tools like Defender for Endpoint and CrowdStrike, and any automation projects you've worked on. We love seeing practical examples of your work!
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it gives you a chance to explore more about our company culture and values.
How to prepare for a job interview at FlexIT Talent Solutions Ltd
✨Know Your Tech Inside Out
Make sure you’re well-versed in the specific technologies mentioned in the job description, like Elastic SIEM and Microsoft Sentinel. Brush up on your hands-on experience with these tools, as you might be asked to discuss your previous projects or even solve technical problems on the spot.
✨Showcase Your Leadership Skills
As a SOC Engineering Lead, you'll need to demonstrate your ability to lead and mentor. Prepare examples of how you've guided teams in the past, especially in complex detection and incident response scenarios. Highlight any initiatives you've taken to improve processes or team performance.
✨Understand the Threat Landscape
Familiarise yourself with current cyber threats and attack techniques, particularly those related to MITRE ATT&CK and D3FEND frameworks. Be ready to discuss how you would apply this knowledge to enhance detection capabilities within the SOC.
✨Prepare for Automation Questions
Since automation is key in this role, be prepared to talk about your scripting skills and experience with tools like PowerShell and Python. Think of specific examples where you've automated tasks or improved workflows, especially in relation to ITSM integrations and JIRA automations.