- Portsmouth - hybrid (2-3 days on-site per week)
 - Permanent
 - Up to £78,500 + bonus
 
 This is a prime opportunity to design and engineer the core platforms behind a rapidly growing Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You’ll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression.
Job Title: Senior Security Engineer 
Job Type: Permanent 
Salary: Up to £78,500 (DOE) + Bonus 
Working arrangement: Hybrid 
Office Location:  Portsmouth 
As a Senior Security Engineer, you will:
 - Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure).
 - Develop and optimise detection use cases, correlation rules, and analytics content.
 - Build and maintain automation workflows and integrations using automation platforms or custom scripting.
 - Engineer secure log ingestion pipelines across hybrid cloud and on-prem environments.
 - Support client onboarding, threat hunting, detection engineering, and process improvements.
 - Mentor junior engineers and maintain documentation, diagrams, and standards.
 
 Required Experience/Skills:
 - 5 years’ experience in a SOC, security engineering, or cyber operations role.
 - Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic).
 - Expertise in building and tuning detection rules, dashboards, and automation playbooks.
 - Proficiency in scripting or automation (KQL, PowerShell, Python, or similar).
 - Knowledge of log management, APIs, data normalisation, and cloud security (Azure, AWS, or M365).
 - Solid understanding of network, system, and identity security fundamentals.
 - Excellent problem-solving skills and a passion for continuous improvement.
 - Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR).
 - Knowledge of MITRE ATT&CK mapping and detection engineering frameworks.
 - Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates).
 - Exposure to threat hunting, vulnerability management, or integrations with ServiceNow/ITSM tools.
 
  Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy.