SOC Engineer – 11620CA1 in Bristol

Bristol | Full-Time | £55,000 - £65,000 / year (est.) | No working from home possible
Proactive.IT Appointments Limited

At a Glance

  • Tasks: Join a dynamic team to build and optimise cyber security tools and automation.
  • Company: A growing Cyber Security Operations Centre with diverse customer portfolios.
  • Benefits: Competitive salary, on-call bonus, and security clearance sponsorship available.
  • Other info: Work in a mature SOC with clear opportunities for career growth.
  • Why this job: Make a real impact in cyber security while developing your skills in a supportive environment.
  • Qualifications: Experience with SIEM platforms and strong scripting skills required.

The predicted salary is between £55,000 and £65,000 per year.

We’re seeking a hands-on SOC Engineer to join a growing Cyber Security Operations Centre supporting a diverse portfolio of customers across multiple sectors. This is a specialist SOC Engineering position focused on building, maintaining, and optimising the tools, telemetry, detections, and automation that enable SOC Analysts to identify and respond to threats effectively. This is not a generalist cyber security role.

Key Responsibilities

  • Administer and optimise Microsoft Sentinel (or equivalent SIEM), including log ingestion, parsing, normalisation, and retention.
  • Develop and maintain SOAR workflows and automation using Azure Logic Apps, Python, PowerShell, Bash, and KQL.
  • Onboard and manage security telemetry from a range of data sources.
  • Design, implement, and tune detection rules to improve alert quality and reduce false positives.
  • Conduct proactive threat hunting using SIEM, EDR, and threat intelligence sources.
  • Support incident investigations, containment, and response activities.
  • Monitor and maintain the health of SOC tooling, sensors, agents, and log pipelines.
  • Produce documentation, runbooks, and operational procedures.

Skills & Experience

  • Experience engineering and supporting SIEM platforms, ideally Microsoft Sentinel.
  • Strong scripting and automation skills (Python, PowerShell, Bash, KQL).
  • Experience with SOAR technologies and security automation.
  • Knowledge of detection engineering and threat hunting.
  • Strong understanding of Windows and Linux logging.
  • Good networking knowledge including TCP/IP, DNS, firewalls, and proxies.
  • Experience within a SOC, NOC, or 24/7 operational environment.
  • Familiarity with MITRE ATT&CK, CVEs, and vulnerability management.
  • Exposure to cloud security monitoring across Azure, AWS, or Microsoft 365.

Desirable Certifications

  • Microsoft SC-200
  • CompTIA Security+ / CySA+
  • ISC2 CC or CISSP
  • GIAC GCIA
  • CEH
  • Cisco CyberOps or Fortinet certifications

What’s on Offer?

  • Opportunity to work within a mature and growing SOC environment.
  • Exposure to a wide range of customer environments and technologies.
  • Security Clearance sponsorship available for eligible candidates.
  • Clear opportunities to contribute to automation, detection engineering, and SOC improvement initiatives.

Location: Milton Keynes (full-time onsite)

Working Pattern: Shift rota including evenings, weekends, bank holidays, and on-call support.

We are an equal opportunities organisation.

Employer: Proactive.IT Appointments Limited

Join our dynamic team as a SOC Engineer in Milton Keynes, where you'll thrive in a mature Cyber Security Operations Centre that values innovation and collaboration. We offer competitive salaries, on-call bonuses, and the unique opportunity for security clearance sponsorship, all within a supportive work culture that prioritises employee growth and development through exposure to diverse technologies and customer environments.

Contact Details:

Proactive.IT Appointments Limited Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land SOC Engineer – 11620CA1 in Bristol

Tip Number 1

Network like a pro! Reach out to folks in the industry on LinkedIn or at local meetups. You never know who might have the inside scoop on job openings or can put in a good word for you.

Tip Number 2

Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to SIEM, automation, and threat hunting. This gives potential employers a taste of what you can do.

Tip Number 3

Prepare for interviews by brushing up on common SOC scenarios and technical questions. Practice explaining your thought process when tackling problems, as this will demonstrate your hands-on experience and analytical skills.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!

We think you need these skills to ace SOC Engineer – 11620CA1 in Bristol

  • Microsoft Sentinel
  • SIEM Administration
  • SOAR Workflows
  • Azure Logic Apps
  • Python
  • PowerShell
  • Bash

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the SOC Engineer role. Highlight your experience with SIEM platforms, especially Microsoft Sentinel, and any relevant scripting skills. We want to see how your background aligns with what we're looking for!

Show Off Your Skills: In your application, don’t just list your skills—show us how you've used them! Whether it's developing SOAR workflows or conducting threat hunting, give us examples that demonstrate your hands-on experience in a SOC environment.

Be Clear and Concise: When writing your application, keep it clear and to the point. Use bullet points where possible to make it easy for us to read. We appreciate straightforward communication, so let’s get to the good stuff quickly!

Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It helps us keep track of applications and ensures you’re considered for the role. Plus, it’s super easy to do!

How to prepare for a job interview at Proactive.IT Appointments Limited

Know Your Tools

Make sure you’re well-versed in Microsoft Sentinel and other SIEM platforms. Brush up on your experience with log ingestion, parsing, and retention, as these are crucial for the role. Being able to discuss specific examples of how you've optimised these tools will impress the interviewers.

Show Off Your Scripting Skills

Since scripting is a big part of this job, be prepared to talk about your experience with Python, PowerShell, Bash, and KQL. Maybe even bring along a small project or script you've worked on that showcases your automation skills. This will demonstrate your hands-on experience and problem-solving abilities.

Understand Threat Hunting

Familiarise yourself with proactive threat hunting techniques and how to use SIEM and EDR tools effectively. Be ready to discuss any past experiences where you’ve identified threats or improved alert quality. Showing that you can think like an attacker will set you apart from other candidates.

Prepare for Scenario Questions

Expect scenario-based questions that test your knowledge of incident response and detection engineering. Think through some common incidents you might face in a SOC environment and how you would handle them. This will show your critical thinking and ability to work under pressure.