SOC Engineer - SIEM

Location: London (2 days per week in office)

Contract: 6 Month Fixed-Term Contract

A leading international professional services firm is seeking an experienced SOC Engineer to join its Information Security team on a 6-month fixed-term basis.

This is an excellent opportunity for a security professional with strong SIEM engineering expertise who enjoys building and enhancing security monitoring capabilities rather than purely operating within a traditional analyst function.

Working closely with the Information Security Operations Manager and wider security team, you will play a key role in driving the maturity of the organisation's SIEM platform, improving detection capabilities, onboarding new log sources, and supporting security operations across a global environment.

Key Responsibilities

  • Enhance and optimise SIEM performance, coverage and detection capability
  • Onboard and integrate new log sources across cloud, infrastructure, endpoint, identity and application platforms
  • Develop and maintain parsers, connectors and ingestion workflows
  • Build, test and tune detection use cases aligned to MITRE ATT&CK methodologies
  • Create and improve correlation rules, dashboards and alerting mechanisms
  • Support SOC investigations through advanced querying, enrichment and data analysis
  • Implement automation and orchestration capabilities to improve incident response processes
  • Produce and maintain technical documentation relating to SIEM architecture, data models and detection content
  • Collaborate with internal technology teams and third-party vendors to improve security visibility and monitoring

Required Experience

  • Strong hands-on experience administering and engineering enterprise SIEM platforms such as Microsoft Sentinel, Splunk, QRadar, LogRhythm, Exabeam, ArcSight or Elastic
  • Experience onboarding and integrating diverse log sources
  • Strong understanding of log formats including JSON, Syslog, XML and CEF
  • Experience building and tuning correlation rules, detections, searches and dashboards
  • Knowledge of SOAR technologies and security automation
  • Good understanding of infrastructure, networking, cloud platforms, endpoint security and identity technologies
  • Experience with scripting and automation using Python and/or PowerShell
  • Strong understanding of cyber security frameworks including MITRE ATT&CK and threat hunting methodologies

Desirable Experience

  • Experience within highly regulated environments
  • Knowledge of Microsoft Defender and SentinelOne
  • Experience with DLP technologies
  • Exposure to cloud services including Azure, AWS or GCP
  • Threat intelligence and threat hunting experience
  • Relevant industry certifications such as SC-200, SC-100, CISSP, SSCP, GIAC or equivalent

What's on Offer?

  • Opportunity to make a genuine impact on the maturity of a global security operation
  • Exposure to enterprise-scale security tooling and projects
  • Collaborative and supportive security team
  • Flexible hybrid working arrangement
  • International professional services environment

Please note that this position requires attendance in the London office two days per week and is offered as a fixed-term employment contract rather than a day-rate consultancy engagement.

Job Details

Company: Precise Placements Ltd
Location: London, United Kingdom (Hybrid / Remote Options)
Employment Type: Any
Salary: GBP 60,000 - 80,000 Annual