SOC Engineer

SOC Engineer | Liverpool |

We’re helping a leading cybersecurity firm build out a brand-new Security Operations Centre (SOC) in Liverpool — and they’re looking for talented SOC Engineers to join the founding team.

This is a fantastic opportunity to be part of something from the ground up — designing, building, and optimising a cutting-edge SOC environment based on CrowdStrike NG-SIEM (LogScale / Humio) .

The Role

As a SOC Engineer , you’ll play a key part in shaping and scaling the SOC’s technical capabilities. You will work across tooling, automation, and client onboarding — ensuring the environment runs smoothly and efficiently as the team grows.

You’ll be:

• Building, integrating, and optimising SIEM pipelines and data sources
• Developing and maintaining runbooks, playbooks, and automation workflows
• Supporting SOC Analysts with detection, triage, and response activities
• Working with CrowdStrike LogScale (Humio) to fine-tune alerting and detection logic
• Driving low MTTD and MTTR through innovation and continuous improvement

About You

You’re hands-on, proactive, and love solving technical problems.

You’re equally comfortable scripting, automating, and diving into log data to find the root cause.

You’ll bring:

• Strong scripting skills (Python, PowerShell, or Bash)
• Experience with KQL or similar query languages
• Hands-on experience with CrowdStrike, SIEM, or EDR tooling
• Exposure to threat detection, log ingestion, and alert optimisation
• Excellent analytical thinking and initiative — you don’t wait to be told what to fix

Why Join

• Be part of a greenfield SOC build — shape its tools, processes, and culture from day one
• Work with CrowdStrike’s latest SIEM technology (LogScale)
• Join a high-performance security team that values initiative, collaboration, and growth

📩 Interested?