SOC Solutions Engineer

Anson Mccade
Woking, England, United Kingdom
13 hours ago
Job type
  • Full-time
Job description

£85000 GBP

Onsite working

Location: Central London, Greater London - United Kingdom
Type: Permanent

Senior SOC Solutions Engineer - IBM QRadar Specialist

Location: UK-wide (with preference for London, Bristol, Manchester)
Clearance: Must hold or be eligible for SC Clearance
Work Type: Full-time, with 24/7 on-call rotation

A high-performing innovation and transformation consultancy is seeking a Senior SOC Solutions Engineer to elevate its security operations capability. This is a hands-on engineering role focused on SIEM development, playbook automation, and threat modelling, delivering proactive defence across cloud and on-prem environments.

You'll be instrumental in designing and implementing advanced detection and response strategies, working closely with cross-functional teams and contributing to continual service improvement.

Key Responsibilities

SIEM Engineering & Management

Deploy, configure, and maintain the IBM QRadar SIEM platform

Onboard and normalize diverse log sources across hybrid environments

Develop and tune analytical rules for threat detection and behavioural analysis

Playbook Development & Automation

Design incident response playbooks for scenarios including phishing, lateral movement, and data exfiltration

Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR)

Continuously refine automation based on threat intelligence and incident feedback

Threat Detection & Response

Monitor and investigate security alerts and anomalies

Lead incident response activities and collaborate with threat intelligence teams

Enrich detection logic with contextual threat data

Threat Modelling & Use Case Development

Conduct threat modelling using MITRE ATT&CK, STRIDE, or Kill Chain frameworks

Translate models into actionable SIEM use cases and detection rules

Prioritize engineering efforts based on risk and business impact

Reporting & Collaboration

Produce dashboards and reports on security posture and incident trends

Collaborate with IT, DevOps, and compliance teams to ensure secure configurations

Mentor junior analysts and engineers

Maintain documentation including runbooks, playbooks, and incident response plans

Support contractual reporting requirements and monthly reporting packs

Additional Duties

Support pre-sales activities and solution scoping for new opportunities

Demonstrate SOC tools and capabilities to stakeholders

Drive continual service improvement through recommendations and change initiatives

Required Skills & Experience

Proven expertise in IBM QRadar SIEM

Strong understanding of log formats, parsing, and normalization

Experience with SIEM query languages (KQL, SPL, AQL)

Scripting skills (Python, PowerShell) for automation and enrichment

Deep knowledge of threat detection, incident response, and the cyber kill chain

Familiarity with MITRE ATT&CK, NIST, and CIS frameworks

Understanding of network traffic flows and vulnerability management

Exposure to ethical hacking and penetration testing

Knowledge of ITIL disciplines (Incident, Problem, Change Management)

Experience with ServiceNow Security Suite

Cloud experience (AWS and/or Azure)

Excellent communication, presentation, and analytical skills

Ability to work independently and participate in 24/7 on-call rotation

Qualifications

3-5 years in IT security, ideally in SOC/NOC environments

Relevant certifications preferred: ISC2 CISSP, GIAC, SC-200, IBM QRadar Certified Specialist, Splunk Admin / Power User, Chronicle Security Engineer

Proficiency in Microsoft Office (Excel, Word)

This is a career-defining opportunity to shape the future of cyber defence within a consultancy that values technical excellence, innovation, and mission impact.

Reference : AMC / BCO / SOC1
