Senior SOC Engineer

Company: Claranet
Apply for the Senior SOC Engineer
Location: Leeds
Job Description:

To ensure the client’s security platforms are reliable, correctly configured, and continuously improved, enabling the analyst team to detect, investigate, and respond effectively.

Objectives & Key Results

The key objectives will be to:

  • Maintain platform health and availability across all supported security tooling, meeting agreed service levels
  • Complete lifecycle maintenance activities (patching, upgrades, configuration changes) on schedule and within change control requirements
  • Resolve platform issues escalated by the analyst team promptly, minimising impact on detection and response capability
  • Support the Senior Security Engineer (Team Leader) in implementing platform improvements and engineering changes
  • Maintain accurate, up-to-date engineering documentation for all supported platforms
  • Ensure platform configurations meet the client’s regulatory and compliance requirements
  • Partner with the 24/7 analyst team to operationalise detections and response playbooks
  • Complete a minimum of 40 hours of professional training per year, aligned to client requirements

Duties and Responsibilities

Platform Maintenance & Configuration

  • Maintain and configure security platforms including SIEM (e.g. Microsoft Sentinel), XDR/EDR (e.g. Microsoft Defender), vulnerability management (e.g. Qualys), exposure management (e.g. XM Cyber), breach and attack simulation (e.g. AttackIQ), email security (e.g. Egress Defend/Prevent), DLP and compliance (e.g. Microsoft Purview), and cloud security (e.g. Netskope)
  • Maintain and configure infrastructure and web application scanning platforms
  • Perform patching, upgrades, and lifecycle maintenance in line with change control and regulatory requirements
  • Ensure platforms are correctly integrated with the client’s environment, including log sources, identity systems, and cloud infrastructure
  • Monitor platform performance and health, identifying and resolving issues before they affect operational capability
  • Maintain and update platform configurations in response to changes in the client’s environment, threat landscape, or vendor updates
  • Support service transitions, upgrades, and controlled change activities across the security platform estate
  • Respond to platform issues, misconfigurations, and tooling failures escalated by the Senior Security Analyst team
  • Provide engineering support during complex investigations where platform-level data, configuration, or access is required
  • Support the analyst team during major incidents and high priority situations, providing technical depth and platform expertise
  • Make technical changes to support incident remediation where platform-level action is required, for example adjusting configurations to contain a threat, correcting a misconfiguration contributing to an incident, or enabling additional telemetry
  • Participate in handovers and status reporting to maintain continuity between the business-hours engineering team and the 24/7 analyst team

Detection & Tooling Support

  • Support detection rule deployment, tuning, and validation in collaboration with the analyst team and the client’s SOC provider
  • Ensure alerting configurations in Microsoft Sentinel and Defender are aligned to operational requirements and detection use cases
  • Investigate and resolve recurring detection gaps, false positives, or data quality issues raised by analysts
  • Partner with the analyst team to operationalise advanced detections and response playbooks
  • Track vendor product updates and assess their impact on platform configuration and service delivery

Additional Information

  • You may be required to obtain UK security clearance (NPPV/SC)
  • Some travel may be required for customer engagement and collaboration

Growth & Development

You’ll be part of a team that values continuous development, with opportunities to progress into architectural, strategic, or leadership roles. Ongoing development is supported through certifications, complex project work, and involvement in shaping future SOC capabilities.

#J-18808-Ljbffr…

Posted: July 10th, 2026