Security Operations Engineer

Axis, part of AxisCLC is a national property maintenance and compliance partner, delivering essential repairs, refurbishment and building safety services across the UK. With over 110 years of combined experience, more than 2,500 colleagues and 400+ clients, we play a vital role in keeping homes and public buildings safe, compliant and performing at their best.

As part of our continued investment in technology, cyber resilience and information security, we are expanding our Group IT and Cyber Security function.

We are recruiting a Security Operations Engineer to join our Cyber Security team. Reporting directly to the Cyber Security Lead, this is a hands on, operational role focused on the day to day monitoring, management and continuous improvement of our security infrastructure across Microsoft 365 and Azure environments.

The role is fully remote with travel as required. You will work closely with our outsourced Security Operations Partner, acting as the primary internal point of contact for operational cyber security activity and incident response.

What You'll Do

• Act as the primary operational point of contact for cyber security activity across the business
• Monitor and operate Microsoft Defender for Endpoint, Defender for Cloud Apps, Defender for Office 365 and Azure Sentinel
• Investigate security alerts and suspicious activity, coordinating incident response with our Security Operations Partner
• Support the management of high and critical severity security incidents from detection through to resolution
• Provide hands on operational support to the Cyber Security Lead during major incidents
• Conduct proactive threat hunting and analyse logs and telemetry to identify indicators of compromise
• Tune detection rules to reduce false positives and improve detection effectiveness
• Identify gaps in security coverage and recommend and implement improvements to controls and processes
• Develop and maintain security automation, including Sentinel playbooks and automated workflows
• Work with the Infrastructure Team to ensure endpoints are patched and configured in line with best practice
• Maintain clear documentation, incident reports and operational procedures

Skills, Knowledge & Experience Essential

• Hands on experience operating Microsoft 365 security tools and Microsoft Azure
• Practical experience investigating security alerts and responding to incidents
• Experience working with ticketing systems to manage security incidents and requests
• Strong troubleshooting skills and the ability to remain calm under pressure
• Experience working collaboratively with third party security partners or SOC providers
• Ability to produce clear incident reports and maintain operational documentation
• Strong communication skills, with the ability to explain technical issues to non technical stakeholders
• Proven experience working in an operational Security Operations Engineer role or similar cyber security position

Desirable

• Experience supporting Cyber Essentials and/or ISO 27001
• Familiarity with Azure Sentinel and KQL (Kusto Query Language)
• PowerShell scripting experience for automation
• Understanding of the MITRE ATT&CK framework

What We Offer

• Salary of £55,000 - £65,000 depending upon experience
• Pension and life assurance
• 25 days' annual leave plus bank holidays
• Hybrid working from our Stratford, East London office
• Opportunities to develop technical skills and progress within Group IT
• Supportive, collaborative team environment within a growing cyber security function

Why Axis CLC

At Axis CLC, we deliver work that matters. Our teams support vital services across housing, education, healthcare and public infrastructure. We are committed to continuous improvement, innovation and providing our people with meaningful opportunities to grow and develop.

Our Commitment to Inclusion

Many faces, one Axis CLC. We are proud to be an equal opportunities employer and value diversity across our workforce. If you require any reasonable adjustments during the recruitment process, please let us know.