Lead Incident Response Engineer PLEASE NOTE: 4 days per week required in the office. Reporting into the SecurityOperationsCentre Senior Manager, the role will take the lead across the EMEA region to develop and integrate the Incident Response (IR)/SOC security infrastructure to monitor both on premise and cloud environments. The role will serve … as a critical bridge between operations and engineering. Responsibilities: - Drive and improve continuous monitoring and incident response, serving as a senior resource in the SOC and Incident Response processes. - Configure and integrate platforms, tools, service providers, and solutions into IR/SOC systems, make recommendations as needed. - Consolidate and improve security logging and monitoring solutions on premise and … in the cloud to detect and respond to security threats in real time. - Drive efforts to automate and accelerate the detection and response processes. - Ensure integration of input from the deployed suite of security tools to SOC systems (e.g. SIEM/SOAR), including, but not limited to, IDS/IPS, End Point Protection, MDR/XDR, PAM, MFA More ❯
london (city of london), south east england, united kingdom
DGH Recruitment
Lead Incident Response Engineer PLEASE NOTE: 4 days per week required in the office. Reporting into the SecurityOperationsCentre Senior Manager, the role will take the lead across the EMEA region to develop and integrate the Incident Response (IR)/SOC security infrastructure to monitor both on premise and cloud environments. The role will serve … as a critical bridge between operations and engineering. Responsibilities: - Drive and improve continuous monitoring and incident response, serving as a senior resource in the SOC and Incident Response processes. - Configure and integrate platforms, tools, service providers, and solutions into IR/SOC systems, make recommendations as needed. - Consolidate and improve security logging and monitoring solutions on premise and … in the cloud to detect and respond to security threats in real time. - Drive efforts to automate and accelerate the detection and response processes. - Ensure integration of input from the deployed suite of security tools to SOC systems (e.g. SIEM/SOAR), including, but not limited to, IDS/IPS, End Point Protection, MDR/XDR, PAM, MFA More ❯
SC Cleared*** Required OUTSIDE I35 We are seeking a skilled and proactive SOC Engineer with strong expertise in Microsoft Sentinel and LogRhythm to join our SecurityOperations Center team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents, optimizing SIEM configurations, and contributing to threat detection and response strategies. This role requires … hands-on experience with both platforms and a deep understanding of cybersecurity principles and incident management. Key Responsibilities: Monitor and investigate security alerts from Microsoft Sentinel and LogRhythm . Analyze logs, network traffic, and other data sources to detect threats and suspicious activities. Develop and tune detection rules, analytics, and alerting logic in both SIEM platforms. Collaborate with incident … response teams to contain and remediate security incidents. Create dashboards, workbooks, and reports for stakeholders. Perform threat hunting activities and support continuous improvement of SOC processes. Maintain and enhance use cases, playbooks, and automation (e.g., with Logic Apps or SOAR). Ensure SIEM solutions are properly integrated with data sources (e.g., firewalls, endpoints, cloud services). Support compliance and More ❯
