SOC Engineer in Liverpool

SOC Engineer | Liverpool |

We\’re helping a leading cybersecurity firm build out a brand-new Security Operations Centre (SOC) in Liverpool
— and they\’re looking for talented
SOC Engineers
to join the founding team.

This is a fantastic opportunity to be part of something from the ground up — designing, building, and optimising a cutting-edge SOC environment based on
CrowdStrike NG-SIEM (LogScale / Humio)
.

The Role

As a
SOC Engineer
, you\’ll play a key part in shaping and scaling the SOC\’s technical capabilities. You will work across tooling, automation, and client onboarding — ensuring the environment runs smoothly and efficiently as the team grows.

You\’ll be:

• Building, integrating, and optimising SIEM pipelines and data sources
• Developing and maintaining
  runbooks, playbooks, and automation workflows
• Supporting SOC Analysts with
  detection, triage, and response
  activities
• Working with
  CrowdStrike LogScale (Humio)
  to fine-tune alerting and detection logic
• Driving low MTTD and MTTR through innovation and continuous improvement

About You

You\’re hands-on, proactive, and love solving technical problems.

You\’re equally comfortable scripting, automating, and diving into log data to find the root cause.

You\’ll bring:

• Strong
  scripting skills
  (Python, PowerShell, or Bash)
• Experience with
  KQL
  or similar query languages
• Hands-on experience with
  CrowdStrike, SIEM, or EDR tooling
• Exposure to
  threat detection, log ingestion, and alert optimisation
• Excellent analytical thinking and initiative — you don\’t wait to be told what to fix

Why Join

• Be part of a
  greenfield SOC build
  — shape its tools, processes, and culture from day one
• Work with
  CrowdStrike\’s latest SIEM technology (LogScale)
• Join a
  high-performance security team
  that values initiative, collaboration, and growth

Interested?