SOC Platform Engineer - Public Sector

IBM
Hursley, United Kingdom
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Hursley, United Kingdom

Tech stack

Amazon Web Services (AWS)
Azure
Cloud Computing
Cloud Computing Security
Cloud Engineering
Computer Security
Data Integration
Identity and Access Management
Python
Network Security
Parsing
Powershell
Cloud Services
Security Information and Event Management
Data Streaming
Systems Integration
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Data Ingestion
System Availability
QRadar
Cyber Threat Analysis
Microsoft Sentinel
Terraform
Splunk
Devsecops
Security Orchestration, Automation & Response

Job description

As a SOC Platform Engineer specialising in Security Platform Engineering, you will support the design, build, and integration of infrastructure and platforms that underpin modern Security Operations Centres (SOCs) across cloud, hybrid, and on-premise environments.

You will work across cloud, infrastructure, and security tooling, contributing to the delivery of scalable, secure, and high-performing monitoring platforms. This includes supporting the deployment and integration of technologies such as Google SecOps (Chronicle), SIEM platforms, cloud-native security tooling, and network security solutions.

Using your experience across cloud or infrastructure engineering with security exposure, you will help ensure platforms are reliable, integrated, and operationally effective, enabling detection and response teams to perform at scale.

This is a hands-on role suited to engineers who enjoy building and integrating systems, with exposure to client environments and the opportunity to develop further into more senior consulting and architecture responsibilities.

Key Responsibilities:

  • Support the design, build, and maintenance of security monitoring platforms across cloud, hybrid, and on-premise environments

  • Assist with the deployment and integration of SIEM and cloud-native security platforms, including Google SecOps / Chronicle and similar technologies

  • Build and maintain log ingestion pipelines, ensuring reliable data flow across multiple systems

  • Support integration of security tooling across environments, including:

      o Cloud services (GCP, Azure, AWS)

      o EDR/XDR platforms

      o Network security technologies (e.g. firewalls such as Palo Alto)

      o Identity and access management systems

  • Configure and maintain data collection, parsing, and normalisation pipelines

  • Work closely with SOC analysts and detection engineers to support operational use cases

  • Contribute to automation of platform deployment and configuration using scripting or infrastructure-as-code

  • Monitor and support platform performance and health, including ingestion pipelines and system availability

  • Troubleshoot and resolve platform and integration issues with support from senior engineers where required

  • Produce and maintain technical documentation (runbooks, designs, configurations)

  • Support workshops and stakeholder interactions, with guidance from senior team members

Requirements

  • Strong background in infrastructure or cloud engineering, with experience across:

      o GCP (desirable), Azure, or AWS

  • Experience working with SIEM or security monitoring platforms (not necessarily as a primary role), such as:

      o Google SecOps / Chronicle, Sentinel, QRadar, Splunk, Elastic or similar

      o Experience supporting or building log ingestion pipelines or data integrations

  • Exposure to integrating systems across:

      o Cloud platforms

      o Security tooling (EDR, network, identity)

  • Basic understanding of SOC environments and security operations workflows

  • Experience contributing to technical delivery, including implementation and configuration

  • Proficiency in scripting or automation (e.g. Python, PowerShell)

  • Ability to work in client-facing environments and collaborate with technical and non-technical stakeholders

This role is subject to pre-employment screening in line with the UK Government's Baseline Personnel Security Standard (BPSS). An additional range of Personal Security Controls referred to as National Security Vetting (NSV) may apply; this could include meeting the eligibility requirements for the Security Check (SC) or Developed Vetting (DV).

Preferred technical and professional experience

  • Experience with modern SIEM or cloud-native security platforms, such as:

      o Google SecOps / Chronicle, Microsoft Sentinel, Splunk, Elastic

  • Exposure to DevSecOps practices, CI/CD pipelines, or infrastructure-as-code (e.g. Terraform)

  • Experience working with security tooling integrations (EDR, SOAR, threat intelligence platforms)

  • Understanding of cloud-native security services across AWS, Azure, or GCP

  • Relevant certifications such as:

      o SC-200, AZ-500, or cloud certifications

  • Experience working in regulated or public sector environments

  • Awareness of secure-by-design principles and modern security architectures

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Benefits & conditions

  • Tools and policies to support your work-life balance from flexible working approaches, sabbatical programs, paid paternity leave, maternity leave and an innovative maternity returners scheme
  • More traditional benefits, such as 25 days holiday (in addition to public holidays), private medical, dental & optical cover, online shopping discounts, an Employee Assistance Program, life assurance and a group pension plan through salary sacrifice.
