Senior SOC Engineer Job in Scotland

1634 IT & Software Developer jobs in the UK

Company Size

50-200

Company Type

Services

Exp Level

Senior

Job Type

Full-Time

Language

English

Visa sponsorship

Requirements

Must:

- Eligible for, or already holding, SC Clearance. - Proven expertise in IBM QRadar and SIEM engineering. - Strong knowledge of log formats, parsing, and normalisation. - Proficiency in SIEM query languages such as KQL, SPL, and AQL. - Scripting experience with Python or PowerShell for automation. - Deep understanding of threat detection, incident response, and the cyber kill chain. - Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. - Strong communication, analytical, and presentation skills. - Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. - Knowledge of ITIL processes (Incident, Problem, Change Management). - Ability to work independently and thrive in a 24/7 on-call environment. - 3-5 years' experience in the IT security industry, ideally in a SOC/NOC environment. - Cybersecurity certifications preferred (e.g., ISC2 CISSP, GIAC, SC-200, IBM QRadar Certified Specialist, Splunk Certified Admin/Power User, Google Chronicle Security Engineer). - Hands-on experience with ServiceNow Security Suite. - Familiarity with cloud platforms (AWS and/or Microsoft Azure). - Proficiency in Microsoft Office products, particularly Excel and Word.

Technologies

ITIL

Responsibilities

1. SIEM Engineering & Management - Deploy, configure, and maintain the QRadar SIEM platform. - Onboard and normalise log sources across on-premises and cloud environments. - Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. 2. Playbook Development & Automation - Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. - Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. - Refine playbooks based on threat intelligence and incident insights. 3. Threat Detection & Response - Monitor and analyse security alerts and events to identify potential threats. - Conduct investigations and coordinate incident response activities. - Collaborate with threat intelligence teams to enhance detection logic. 4. Threat Modelling & Use Case Development - Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. - Translate threat models into actionable detection use cases and SIEM rules. - Prioritise detection engineering based on business risk and impact. 5. Reporting & Collaboration - Produce reports and dashboards to communicate security posture and incident trends. - Partner with IT, DevOps, and compliance teams to enforce secure configurations. - Provide mentorship to junior analysts and engineers. - Maintain documentation of security procedures, incident response plans, runbooks, and playbooks. - Contribute to monthly reporting packs in line with contractual obligations. 6. Additional Contributions - Support pre-sales teams with technical requirements for new opportunities. - Demonstrate SOC tools and capabilities to clients. - Participate in continual service improvement initiatives, recommending changes to address recurring incidents.

Description

We are a leading organisation seeking a Senior SOC Engineer to strengthen our security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. You will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. This is a permanent position based in Glasgow, Scotland, with a hybrid working arrangement, offering a competitive salary of £60,000 GBP.

Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the UKSecurity Engineer jobs in the UKSecurity Engineer jobs London

You can find Cyber Security Engineer salaries in the UK here.

How many Cyber Security Engineer jobs are in the UK?

Currently, there are 1634 Security openings. Check also: IAM jobs, SAML jobs, Cisco jobs, Splunk jobs - all with salary brackets.

Is the UK a good place for Cyber Security Engineers?

The UK is one of the best countries to work as a Cyber Security Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for Cyber Security Engineer jobs in the UK?

Core-Asset Consulting, ApplianSys, u-blox, Serac Group, Mas & Pas Limited, BAE Systems, Leidos among others, are currently hiring for Security roles in the UK.

The company with most openings is Ocho as they are hiring for 61 different Cyber Security Engineer jobs in the UK. They are probably quite committed to find good Cyber Security Engineers.