SOC Deployment Engineer

Phoenix Software
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote

Tech stack

Amazon Web Services (AWS)
Application Firewall
Azure
Bash
Cloud Computing
Communications Protocols
DNS
Perl
Identity and Access Management
Intrusion Detection and Prevention
Python
PowerShell
Cloud Services
Web Application Security
Security Information and Event Management
Virtualization Technology
Scripting (Bash/Python/Go/Ruby)
Cyber Threat Analysis
SC Clearance
Microsoft Sentinel
Operational Systems
VMware

Job description

We are seeking a Deployment Engineer to work within our Security Operation Centre (SOC) environment to support the delivery of managed security services through security toolsets and SIEM technology.

What will you be doing?

  • SIEM Solutions - you will collaborate with stakeholders to define SIEM requirements and then design and implement SIEM solutions to meet the security needs of our customers. You will also support the development and assist with the deployment of Security Orchestration, Automation, and Response (SOAR) playbooks to streamline Incident Response processes.
  • SOC Infrastructure - you will ensure the continuous operation and health of SOC infrastructure, including servers, networks, and security appliances, and configure and fine-tune ingestion tools to optimise performance and detection capabilities.
  • Documentation / Admin - you will manage individual ticket queues within the SOC, ensuring that Service Level Agreements (SLAs) are met, that all incidents are accurately logged and tracked, and that appropriate remediation actions are taken.

Requirements

Do you have experience in Virtualization?

The right person for this role will have experience scoping, designing, and deploying SIEM technologies, maintaining SOC infrastructure, managing Threat Intelligence sources, and supporting the deployment of SOAR playbooks. This role requires a strong understanding of SOC operations, excellent problem-solving skills, and the ability to collaborate effectively with various teams.

  • Experience with scoping, designing and deploying SIEM tools, preferably Microsoft Sentinel.
  • Experience with Microsoft Azure
  • Detailed knowledge of communication protocols (HTTP, DNS, TCP/UDP) as well as the various techniques utilised by malware within an operating system for persistence and data collection.
  • Practical experience with scripting languages (e.g., Python, Perl, Bash, PowerShell).
  • Understanding of virtualisation technologies (e.g. VMware) and cloud environments (e.g. Azure, AWS)
  • Strong foundation in security domains such as web security, cloud services security, identity/access management, web application firewalls and intrusion detection.
  • SC clearance is required for this role, which means you will need to have lived in the UK continuously for at least 5 years and have no criminal record.

About the company

At Phoenix, our philosophy is simple - we aim to be the UK's leading IT solution and managed service provider and that means we recognise that it's our people who are the heart of everything we do. We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read here.
