Security Operations Engineer in Leeds

Netcompany is one of the fastest growing technology companies in the UK, recognised for disrupting the marketplace and helping to transform the IT sector. We deliver IT Transformation and Delivery services to some of the most well-known organisations in the UK and can count 18% of the FTSE 100 as clients.

At Netcompany, we help organisations strengthen their digital resilience through smart, secure, and sustainable solutions. We are looking for a Security Operations Engineer to support a UK Government client by strengthening security monitoring and incident response across an AWS environment running Netcompany Platforms.

In this role, you will help shape the monitoring strategy, improve detection and response processes, and work closely with technical teams to manage security incidents effectively in a highly secure environment.

Key responsibilities:

• Manage the implementation of the monitoring roadmap
• Support the development of the monitoring strategy, ensuring alignment with security requirements, policies, and standards
• Monitor, triage, and investigate security alerts across protective monitoring platforms
• Review security event data to identify incidents and support appropriate escalation
• Lead and support the design and enablement of automated monitoring processes
• Recommend and implement SIEM and network analysis tools, techniques, and procedures
• Drive continuous improvement through dashboard monitoring and retrospective analysis
• Support incident response activities, including containment, eradication, recovery, and reporting
• Work closely with infrastructure teams on network isolation, IAM revocation, security group changes, snapshot creation, IaC-driven rebuilds, restoration from clean backups
• Work closely with application teams on disabling affected features, revoking application sessions, rolling back deployments, restoring application components
• Ensure operational blockers are escalated quickly to the Incident Response Manager
• Support security operations within an AWS environment and across Infrastructure as Code (IaC)-managed infrastructure

Required Experience:

• Experience in security operations, monitoring, or incident response
• Strong knowledge of SIEM platforms and security alert triage
• Experience analysing security event data and supporting incident escalation
• Familiarity with AWS security services, controls, and operational practices
• Experience working with Infrastructure as Code (IaC) tools and approaches
• Understanding of monitoring automation and detection engineering
• Hands-on experience with containment, eradication, and recovery activities
• Ability to collaborate effectively with infrastructure and application teams
• Strong communication skills and the ability to guide technical stakeholders
• A proactive mindset with a focus on continuous improvement
• Willingness and ability to obtain and maintain SC security clearance

Desirable:

• Experience leading small monitoring or security operations teams
• Familiarity with cloud security operations and IAM controls in AWS
• Knowledge of IaC recovery approaches and secure rebuild patterns
• Experience with forensic data collection and evidence handling
• Relevant certifications such as CISSP, CISM, GCIA, GCIH, AWS Security Specialty, or similar

Benefits include:

• 25 days’ holiday
• Private Medical Health care via Vitality
• Pension contribution, Life Assurance
• Professional certifications supported as part of learning and development
• A range of retail discounts to enhance your lifestyle
• Access to our Employee Resource Groups

Join Netcompany, where we proudly hold the 5th position on the esteemed UK Top 50 Best Places to Work in the Glassdoor Employees’ Choice Awards for 2024. At Netcompany, we pride ourselves on our entrepreneurial spirit and our capacity for doing things differently.