SOC Engineer

Posted 17 hours 7 minutes ago by Computappoint

£80,000 Annual
Any
Not Specified
Other
London, United Kingdom
Job Description

  • 6 month FTC
  • Central London - 2 days on-site per week
  • Up to £80,000 (pro rata)
This is a fantastic opportunity to play a pivotal role in maturing and strengthening the security operations capability of a globally recognised law firm. you'll be at the forefront of SIEM engineering, detection content development, and security automation helping to protect one of the most complex and internationally active legal organisations in the world.

Job Title: Information Security Operations Engineer (SOC)
Job Type: Fixed-Term Contract (6 months)
Working Arrangement: Hybrid - 2 days in the office per week
Office Location: Central London

The Role
As a SOC Engineer, you will:
  • Enhance and optimise the firms SIEM platform, improving performance, coverage, and detection fidelity.
  • Identify and onboard new log sources across cloud, on-prem, network, endpoint, and identity platforms.
  • Design and implement advanced detection use cases aligned to MITRE ATT&CK and the cyber kill chain.
  • Build and tune correlation rules, anomaly detections, dashboards, and alerting workflows.
  • Implement SOAR automation to streamline incident response activities.
  • Support SOC analysts and provide SME-level expertise during complex security incidents.
  • Maintain high-quality documentation across data models, use cases, and SIEM architecture.
What We re Looking For
  • Previous experience working within a law firm
  • Hands-on experience with leading SIEM platforms such as Microsoft Sentinel, Splunk, Exabeam, QRadar, or Elastic.
  • Strong understanding of log formats (JSON, syslog, CEF, XML) and ingestion technologies.
  • Solid knowledge of MITRE ATT&CK, threat hunting, and detection engineering principles.
  • Proficiency in Scripting languages including Python, PowerShell, and PowerApps.
  • Familiarity with SOAR platforms and security automation workflows.
  • Relevant professional certifications such as GIAC (GCIA, GCDA, GMON), Microsoft SC-200/SC-100, CISSP, or SSCP are highly desirable.
  • A Level 4 or higher qualification in a computing subject, or equivalent professional experience.
Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy.

Computappoint do not use AI to filter or assess candidates, we use experienced and dedicated recruiters, who want to match the best people to roles.