Senior SOC Engineer

We’re looking for a senior SOC engineer to lead the design, delivery, and evolution of Microsoft-based security platforms within a fast-paced MSSP environment. This role combines hands-on engineering, customer engagement, and technical leadership to deliver high-quality, scalable security services.

You will take ownership of SOC-aligned platform engineering across the full lifecycle—from customer onboarding and solution design through to optimisation, maintenance, and continual improvement. You’ll work closely with internal teams and customers to ensure security platforms are resilient, efficient, and aligned to evolving threat landscapes.

A key part of the role is leading complex deployments and providing technical direction across SIEM, EDR, SOAR, and supporting technologies. You’ll oversee platform health through proactive lifecycle management, including patching, upgrades, and service transitions, while driving improvements in detection, automation, and performance.

You’ll also act as a senior escalation point, mentoring engineers and helping to build capability across the team. Alongside delivery, you’ll contribute to pre-sales activities, shaping solutions and supporting bids, demos, and customer discussions.

• Lead the design and implementation of SOC security platforms across customer environments
• Own end-to-end delivery, including onboarding, configuration, optimisation, and handover
• Manage platform lifecycle activities to maintain performance, stability, and operational readiness
• Drive continual improvement through enhancements to detection, automation, and scalability
• Act as a senior technical escalation point and mentor for the engineering team
• Maintain high-quality documentation, standards, and repeatable delivery practices
• Support pre-sales and stakeholder engagement with technical insight and solution design

You’ll bring strong experience working in SOC or security engineering environments, with deep expertise in Microsoft security technologies and platform engineering.

• Strong hands-on experience with Microsoft Sentinel, Defender XDR, and Azure security services
• Proven ability to design and operate SIEM, EDR, SOAR, and log management solutions at scale
• Expertise in KQL for detection engineering, tuning, and performance optimisation
• Experience building and maintaining automation using Logic Apps and related tooling
• Solid understanding of telemetry pipelines, integration patterns, and security architecture
• Familiarity with frameworks such as MITRE ATT&CK and modern detection practices
• Strong troubleshooting and problem-solving skills across complex, integrated environments

Experience in MSSP environments and working across multi-tenant platforms is highly desirable, particularly where you’ve contributed to service development, standardisation, and platform evolution.

You’re a confident communicator who can translate complex technical concepts into clear, actionable insights for both technical and non-technical audiences. You’re comfortable leading engineering delivery, making decisions under pressure, and balancing customer needs with operational constraints.

You thrive in collaborative environments, working closely with SOC analysts, detection engineers, sales teams, and optimisation specialists to deliver effective security outcomes. You also take an active role in mentoring others, supporting continuous learning and capability growth within the team.

• You may be required to obtain UK security clearance (NPPV/SC)
• Some travel may be required for customer engagement and collaboration

You’ll be part of a team that values continuous development, with opportunities to progress into architectural, strategic, or leadership roles. Ongoing development is supported through certifications, complex project work, and involvement in shaping future SOC capabilities.