SOC Solutions Engineer

£85000 GBP

Working: Onsite

Location: Central London, Greater London – United Kingdom

Type: Permanent

Senior SOC Solutions Engineer – IBM QRadar Specialist

Location: UK-wide (with preference for London, Bristol, Manchester)

Clearance: Must hold or be eligible for SC Clearance

Work Type: Full-time, with 24/7 on-call rotation

A high-performing innovation and transformation consultancy is seeking a Senior SOC Solutions Engineer to elevate its security operations capability. This is a hands-on engineering role focused on SIEM development, playbook automation, and threat modelling—delivering proactive defence across cloud and on-prem environments.

You’ll be instrumental in designing and implementing advanced detection and response strategies, working closely with cross-functional teams and contributing to continual service improvement.

Key Responsibilities

SIEM Engineering & Management

  • Deploy, configure, and maintain IBM QRadar SIEM platform

  • Onboard and normalize diverse log sources across hybrid environments

  • Develop and tune analytical rules for threat detection and behavioural analysis

Playbook Development & Automation

  • Design incident response playbooks for scenarios including phishing, lateral movement, and data exfiltration

  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR)

  • Continuously refine automation based on threat intelligence and incident feedback

Threat Detection & Response

  • Monitor and investigate security alerts and anomalies

  • Lead incident response activities and collaborate with threat intelligence teams

  • Enrich detection logic with contextual threat data

Threat Modelling & Use Case Development

  • Conduct threat modelling using MITRE ATT&CK, STRIDE, or Kill Chain frameworks

  • Translate models into actionable SIEM use cases and detection rules

  • Prioritize engineering efforts based on risk and business impact

Reporting & Collaboration

  • Produce dashboards and reports on security posture and incident trends

  • Collaborate with IT, DevOps, and compliance teams to ensure secure configurations

  • Mentor junior analysts and engineers

  • Maintain documentation including runbooks, playbooks, and incident response plans

  • Support contractual reporting requirements and monthly reporting packs

Additional Duties

  • Support pre-sales activities and solution scoping for new opportunities

  • Demonstrate SOC tools and capabilities to stakeholders

  • Drive continual service improvement through recommendations and change initiatives

Required Skills & Experience

  • Proven expertise in IBM QRadar SIEM

  • Strong understanding of log formats, parsing, and normalization

  • Experience with SIEM query languages (KQL, SPL, AQL)

  • Scripting skills (Python, PowerShell) for automation and enrichment

  • Deep knowledge of threat detection, incident response, and cyber kill chain

  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks

  • Understanding of network traffic flows and vulnerability management

  • Exposure to ethical hacking and penetration testing

  • Knowledge of ITIL disciplines (Incident, Problem, Change Management)

  • Experience with ServiceNow Security Suite

  • Cloud experience (AWS and/or Azure)

  • Excellent communication, presentation, and analytical skills

  • Ability to work independently and participate in 24/7 on-call rotation

Qualifications

  • 3–5 years in IT security, ideally in SOC/NOC environments

  • Relevant certifications preferred: ISC2 CISSP, GIAC, SC-200, IBM QRadar Certified Specialist, Splunk Admin/Power User, Chronicle Security Engineer

  • Proficiency in Microsoft Office (Excel, Word)

This is a career-defining opportunity to shape the future of cyber defence within a consultancy that values technical excellence, innovation, and mission impact.

Reference: AMC/BCO/SOC1

Your CV will be sent to the selected department. At no time will your CV be sent outside of Anson McCade without your authorisation.