SOC Solutions Engineer
Salary:
£85,000 GBP
Working:
Onsite
Location:
Central London, Greater London - United Kingdom
Type:
Permanent
Senior SOC Solutions Engineer - IBM QRadar Specialist
Location:
UK-wide (with preference for London, Bristol, Manchester)
Clearance:
Must hold or be eligible for SC Clearance
Work Type:
Full-time, with 24/7 on-call rotation
A high-performing innovation and transformation consultancy is seeking a Senior SOC Solutions Engineer to elevate its security operations capability. This is a hands-on engineering role focused on SIEM development, playbook automation, and threat modelling, delivering proactive defence across cloud and on-prem environments.
You'll be instrumental in designing and implementing advanced detection and response strategies, working closely with cross-functional teams and contributing to continual service improvement.
Key Responsibilities
SIEM Engineering & Management
Deploy, configure, and maintain IBM QRadar SIEM platform
Onboard and normalize diverse log sources across hybrid environments
Develop and tune analytical rules for threat detection and behavioural analysis
Playbook Development & Automation
Design incident response playbooks for scenarios including phishing, lateral movement, and data exfiltration
Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR)
Continuously refine automation based on threat intelligence and incident feedback
Threat Detection & Response
Monitor and investigate security alerts and anomalies
Lead incident response activities and collaborate with threat intelligence teams
Enrich detection logic with contextual threat data
Threat Modelling & Use Case Development
Conduct threat modelling using MITRE ATT&CK, STRIDE, or Kill Chain frameworks
Translate models into actionable SIEM use cases and detection rules
Prioritize engineering efforts based on risk and business impact
Reporting & Collaboration
Produce dashboards and reports on security posture and incident trends
Collaborate with IT, DevOps, and compliance teams to ensure secure configurations
Mentor junior analysts and engineers
Maintain documentation including runbooks, playbooks, and incident response plans
Support contractual reporting requirements and monthly reporting packs
Additional Duties
Support pre-sales activities and solution scoping for new opportunities
Demonstrate SOC tools and capabilities to stakeholders
Drive continual service improvement through recommendations and change initiatives
Required Skills & Experience
Proven expertise in IBM QRadar SIEM
Strong understanding of log formats, parsing, and normalization
Experience with SIEM query languages (KQL, SPL, AQL)
Scripting skills (Python, PowerShell) for automation and enrichment
Deep knowledge of threat detection, incident response, and cyber kill chain
Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
Understanding of network traffic flows and vulnerability management
Exposure to ethical hacking and penetration testing
Knowledge of ITIL disciplines (Incident, Problem, Change Management)
Experience with ServiceNow Security Suite
Cloud experience (AWS and/or Azure)
Excellent communication, presentation, and analytical skills
Ability to work independently and participate in 24/7 on-call rotation
Qualifications
3-5 years in IT security, ideally in SOC/NOC environments
Relevant certifications preferred: ISC2 CISSP, GIAC, SC-200, IBM QRadar Certified Specialist, Splunk Admin/Power User, Chronicle Security Engineer
Proficiency in Microsoft Office (Excel, Word)
This is a career-defining opportunity to shape the future of cyber defence within a consultancy that values technical excellence, innovation, and mission impact.
Reference:
AMC/BCO/SOC1