Senior Security Engineer

The Role

The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment.

This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities.

This role is client-aligned with ~3 days onsite in London.

Key Responsibilities

* Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling

* Perform lifecycle activities including patching, upgrades, and configuration changes

* Ensure security platforms are fully integrated across on-prem and cloud environments

* Monitor platform health, performance, and availability, resolving issues proactively

* Support service transitions, upgrades, and controlled change activities

* Act as escalation point for platform issues raised by the Security Analyst team

* Provide engineering support during complex incidents and investigations

* Implement platform-level changes to support incident response and remediation

* Support detection engineering including rule deployment, tuning, and validation

* Resolve data quality, alerting, and detection gaps impacting operational effectiveness

* Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps)

* Collaborate with SOC providers to maintain SIEM configuration and log ingestion

* Maintain accurate engineering documentation, runbooks, and platform records

* Ensure all platforms meet regulatory, audit, and compliance requirements

* Contribute to governance, reporting, and continuous improvement initiatives

Experience & Knowledge

Essential:

* Strong experience in security engineering and platform management

* Experience supporting SOC tooling and security operations environments

* Hands-on experience with Microsoft Defender and Microsoft Sentinel

* Strong understanding of SIEM, XDR, and security platform integrations

* Experience in hybrid (on-prem and cloud) environments

* Strong troubleshooting skills across platforms, integrations, and data pipelines

* Experience with scripting/automation (PowerShell, Python or similar)

* Strong understanding of networking, cloud, and infrastructure fundamentals

* Experience in regulated environments (e.g. financial services)

* Strong documentation and communication skills

Desirable:

* Experience with vulnerability and scanning tools (e.g. Qualys)

* Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ)

* Knowledge of DLP, email security, and cloud security platforms

* Awareness of PAM and data security tools (e.g. CyberArk, Varonis)