Senior Security Operations Engineer in Leeds

At Netcompany, we help organisations strengthen their digital resilience through smart, secure, and sustainable solutions. We are looking for a Senior Security Operations Engineer to support a UK Government client by strengthening security monitoring and incident response across an AWS environment running Netcompany Platforms. In this role, you will help shape the monitoring strategy, improve detection and response processes, and work closely with technical teams to manage security incidents effectively in a highly secure environment.

The role involves:

• Driving the monitoring roadmap and supporting security operations.
• Ensuring that alert triage, incident investigation, and escalation processes are effective and continuously improved.
• Working across and with the infrastructure and application teams within an AWS-based platform environment.
• Providing expert guidance during containment, eradication, and recovery activities.
• Designing and enabling automated monitoring processes and recommending tools and techniques to improve threat detection and response.

This role requires SC-level security clearance and the ability to work within a secure UK government environment.

Key responsibilities:

• Manage the implementation of the monitoring roadmap.
• Support the development of the monitoring strategy, ensuring alignment with security requirements, policies, and standards.
• Monitor, triage, and investigate security alerts across protective monitoring platforms.
• Review security event data to identify incidents and support appropriate escalation.
• Lead and support the design and enablement of automated monitoring processes.
• Recommend and implement SIEM and network analysis tools, techniques, and procedures.
• Drive continuous improvement through dashboard monitoring and retrospective analysis.
• Support incident response activities, including containment, eradication, recovery, and reporting.
• Work closely with infrastructure teams on network isolation, IAM revocation, security group changes, snapshot creation, IaC-driven rebuilds, and restoration from clean backups.
• Work closely with application teams on disabling affected features, revoking application sessions, rolling back deployments, and restoring application components.
• Ensure operational blockers are escalated quickly to the Incident Response Manager.
• Support security operations within an AWS environment and across Infrastructure as Code (IaC)-managed infrastructure.

Required Experience:

• Experience in security operations, monitoring, or incident response.
• Strong knowledge of SIEM platforms and security alert triage.
• Experience analysing security event data and supporting incident escalation.
• Familiarity with AWS security services, controls, and operational practices.
• Experience working with Infrastructure as Code (IaC) tools and approaches.
• Understanding of monitoring automation and detection engineering.
• Hands-on experience with containment, eradication, and recovery activities.
• Ability to collaborate effectively with infrastructure and application teams.
• Strong communication skills and the ability to guide technical stakeholders.
• A proactive mindset with a focus on continuous improvement.
• Willingness and ability to obtain and maintain SC security clearance.
• Experience leading small monitoring or security operations teams.
• Familiarity with cloud security operations and IAM controls in AWS.
• Knowledge of IaC recovery approaches and secure rebuild patterns.
• Experience with forensic data collection and evidence handling.
• Relevant certifications such as CISSP, CISM, GCIA, GCIH, AWS Security Specialty, or similar.

Benefits:

• Private Medical Health care via Vitality.
• Pension contribution, Life Assurance.
• Professional certifications supported as part of learning and development.
• A range of retail discounts to enhance your lifestyle, encompassing restaurants, supermarkets, travel, leisure activities, and health and well-being services.
• Access to our Employee Resource Groups, which represent diverse backgrounds and provide a platform for colleagues to connect, learn, and support one another.

Netcompany is committed to providing an inclusive and barrier-free recruitment process for anyone wishing to apply for a job with us. We operate a Disability Confident Interview Scheme which means that we offer guaranteed interviews to all applicants with a disability who meet the minimum criteria for a role. Applicants are asked to opt in, so please let us know if you wish your application to be considered under this scheme.