SOC Engineer
Listed on 2026-03-11
IT/Tech
Cybersecurity, Security Manager, IT Consultant, Network Security
The Digital XRAID Security Operations Centre provides around-the-clock protective monitoring to a client base that spans multiple industry verticals. Using industry-leading detection technology, our team of experienced SOC analysts provides assured detection and incident response capabilities to organisations of all sizes.
Digital XRAID are looking for a Security Operations Engineer to join the Security Operations Centre and Incident Response team based in Doncaster, United Kingdom. This role is UK office hours (Mon-Fri, 9am-5:30pm) with a requirement to work in the office two days per week. There is also the potential to be on-call in this role, as the Security Operations Centre covers clients 24x7x365.
Responsibilities
You will work alongside the SOC team to ensure the effective delivery of the following:
- Provide around-the-clock protective monitoring using industry-leading security tools.
- Provide advice and guidance, to a high standard, to clients targeted by cyber-attacks and malicious activity.
- Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner.
- Provide support to other SOC team members during security incidents and Threat Mining engagements, and assist with the client onboarding process (deployment of SIEM, EDR and Vulnerability Management tools).
- Serve as a technical point of escalation and provide mentoring for Junior Security Operations Centre (SOC) team members.
- Engineer solutions, deploy security tooling, investigate incidents, analyse attack methods, research new defence techniques and tools, develop security policy, and document procedures for the SOC.
- Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
- Ensure process adherence and drive process improvement to achieve operational objectives.
- Perform malware analysis and other attack analysis to extract indicators of compromise, and correlate security events across multiple systems.
- Create new detection and automation rules.
- Deliver demos to prospective clients and be involved in scoping engagements.
The successful candidate will exhibit the following key skills and/or traits:
- Excellent communication skills and comfortable in a client facing role.
- A keen interest in cyber security and associated industries.
- A heightened awareness of current affairs in the cyber security industry.
- Proven ability to effectively communicate when under pressure (high pressure situations may arise during ongoing incidents or attacks).
- Proven ability to adapt to difficult situations (high pressure situations may arise during ongoing incidents or attacks).
- Ability to commute to the office a few times per month to collaborate with peers.
- Industry certifications would be highly advantageous, in particular any of the following: Microsoft SC-200, AZ-500, SC-100.
- Experience in any of the following technologies would be advantageous: MS Sentinel, MS Defender, USM Anywhere, SentinelOne, Tenable.io.