Security Operations Support Engineer
Kontak Recruitment
About the role
Our client is a forward-thinking business with a genuine commitment to staying ahead of cyber threats. The security operations team is technically sharp, tightly run, and quietly proud of the infrastructure they protect. If you want a role where your contribution shows up directly in the metrics, this one is worth a look.
As the Security Operations Support Engineer, you’ll be the person keeping security tools and data pipelines running reliably, day in and day out. This isn’t a role where you’ll be waiting for tickets to land in a queue. You’ll be proactively monitoring alert pipelines, getting into the details of security tool integrations, and using your analytical mind to investigate issues before they become incidents.
If you enjoy a mix of independent work and cross-functional collaboration, you’ll thrive here. You’ll be working closely with SOC, IT, and cloud teams, contributing to incident response, and building out automation that takes the repetitive tasks off the team’s plate. There’s also real scope to grow: whether that’s deepening your threat detection capability, sharpening your scripting skills, or contributing to larger security integration projects, the environment supports it.
The role does include participation in on-call rotations and occasional after-hours work during incidents or maintenance windows, so you’ll need to be comfortable with that reality. In return, you get a technically strong team, meaningful work, and a hybrid setup that gives you some flexibility.
What's in it for you:
- Exposure to a broad range of security platforms and cloud environments.
- The chance to build automation that has a real operational impact.
- A technically strong, collaborative team that takes their craft seriously.
- Scope to grow into more complex incident response and detection engineering.
Minimum Requirements:
- 2 to 5 years of experience in cybersecurity, SOC, or IT operations.
- Solid understanding of networking fundamentals: TCP/IP, DNS, VPNs, firewalls.
- Working knowledge of Windows and Mac operating systems.
- Experience with security monitoring, logging, and alerting concepts.
- Ability to independently troubleshoot and resolve technical issues.
- Working knowledge of incident response processes.
- CompTIA Security+, Certified SOC Analyst (CSA), or GIAC GSEC/GCIH is advantageous.
- Experience with Splunk, Microsoft Sentinel, or Elastic Security is advantageous.
- Familiarity with cloud platforms (AWS, Azure, or GCP) is advantageous.
Key Responsibilities:
- Monitor system performance and alert pipelines to ensure reliability.
- Investigate and resolve issues related to security tools and integrations.
- Perform in-depth analysis of security alerts and escalate when necessary.
- Support and actively participate in incident response activities.
- Develop basic automation and scripts to streamline repetitive operational tasks.
- Collaborate with SOC, IT, and cloud teams to address security gaps.
- Assist with vulnerability management and remediation tracking.
- Maintain and improve technical documentation, runbooks, and processes.
- Contribute to security tool onboarding and integration projects.