Security Operations Engineer ITPS

Posted 7 days ago by CyberNorth

Permanent
Full Time
Other
Not Specified, United Kingdom
Job Description

The Role:

This is a dynamic and challenging hybrid role that blends the strategic, proactive nature of security engineering with the fast-paced, responsive world of a Security Operations Centre (SOC). As a Security Operations Engineer, you will play a visible and meaningful role in shaping our services and response capability. One day you might be deploying and configuring a new security solution for a client, and the next you could be deep-diving into a complex incident investigation.

This position is ideal for a proactive problem-solver who thrives on variety and is eager to make a tangible impact in a growing MSP environment. You will have the opportunity to work with a modern security stack and be a trusted advisor to both our internal teams and our valued clients.

Core Responsibilities:

Project & Engineering (50%)

Tooling Enhancement: Take ownership of the continuous improvement of our security toolset, including SIEM, EDR, and other security platforms.
Deployments & Configuration: Lead and support the deployment and configuration of security solutions for our clients, ensuring they are optimised for their specific environments.
Automation: Identify opportunities to automate routine tasks and responses, improving the efficiency and effectiveness of our SOC (via scripting or SOAR tooling where appropriate).
Service Improvement: Contribute to the development and refinement of our security service offerings, documentation, and operational procedures.
Technical Leadership: Act as a subject matter expert on our core security technologies, providing guidance and mentorship to other team members.

Security Operations (50%)

Incident Response: Serve as a Tier 2/Tier 3 escalation point for complex security incidents, conducting in-depth investigations, and providing clear, actionable remediation guidance.
Threat Hunting: Proactively hunt for threats and vulnerabilities across our clients' environments, leveraging threat intelligence and your analytical skills.
Alert Triage & Analysis: Analyse and respond to alerts from security platforms, distinguishing between false positives and genuine threats.
Client Communication: Liaise with clients during security incidents, delivering clear, timely, and professional updates that instil confidence.
On-Call Support: Participate in our compensated on-call rotation, averaging one week per month, to provide expert out-of-hours support for critical security escalations.

What You'll Bring (Experience & Skills)

We are looking for a combination of practical experience and a strong desire to learn. While the list below is comprehensive, we don't expect candidates to meet every single requirement. If you are passionate about security and meet many of the criteria, we strongly encourage you to apply.

Required Experience:

Proven experience in a Security Operations role (SOC Analyst, Incident Responder, or similar).
Hands-on experience with SIEM platforms, with a strong preference for Microsoft Sentinel.
Demonstrable expertise with EDR/XDR technologies such as MDE, Acronis, CrowdStrike and others.
Familiarity with DNS/proxy security tools like Cisco Umbrella.
A solid understanding of the broader Microsoft Security stack, including Defender suite, Conditional Access, and Azure AD.
Experience with incident response methodologies and digital forensics.
A good understanding of networking fundamentals (TCP/IP, DNS, DHCP, etc.).

Desirable Experience:

Previous experience working for a Managed Service Provider (MSP) or in a consulting capacity is highly advantageous.
Experience with scripting and automation (e.g., PowerShell, Python).
Understanding of detection engineering, threat hunting, and alert tuning principles.
Knowledge of vulnerability management tools and processes.

Key Soft Skills:

Exceptional Communication: You can clearly explain complex concepts to technical and non-technical audiences alike, both in writing and conversation.
Collaborative Mindset: You enjoy working as part of a team and are always willing to share your knowledge and support your colleagues.
Strong Prioritisation: You can effectively manage multiple tasks and priorities in a fast-paced environment, from long-term projects to urgent incidents.
Professionalism & Stakeholder Management: You are comfortable and professional when interacting with external clients, inspiring confidence and trust.
Analytical & Inquisitive: You have a curious mind and a passion for problem-solving, with a keen eye for detail.

Desirable Certifications:

We value continuous learning and recognise the commitment it takes to achieve industry certifications. We appreciate candidates with any combination of the following or equivalent qualifications. Don't be discouraged if you don't hold all of them; your practical experience is just as important.

Microsoft: SC-200 (Security Operations Analyst), AZ-500 (Azure Security Engineer), MS-500 or equivalent.
Hands-On Technical: Blue Team Level 1/2 (BTL1/2) or GIAC certifications (e.g., GCED, GCIA, GCIH).
Industry Standard: CompTIA Security+, CySA+, or CASP+.
Other Relevant Certs: Cloud or network security certifications (e.g., CCSP, CCNP Security) are also welcomed.

You must live within commutable distance of County Durham as this role requires you to be office based 3 days per week.

Pay Band - £competitive - depending on skills, qualifications and experience

Working Hours: 8:30am - 5:00pm Monday to Friday, 3 days office/2 days home

Who are ITPS?

We're experts in solving complex business problems through intelligent and secure IT implementation that protects and transforms organisations, helping them to grow. We embrace innovation and drive change, bringing new ideas, new technologies and new ways of thinking as a trusted IT partner.

With 26 years of experience, we partner with companies across the public and private sector to deliver data centre, cyber security, cloud, data and analytics, network services and managed services solutions.

Our highly accredited and experienced engineering teams combined with our strategic relationships with partners such as Microsoft and Cisco, mean that our customers trust us to simplify the complexity of IT and deliver benefits that make them more agile, competitive and resilient. Our vision is a world in which technology makes lives easier, society fairer and our planet greener.

Employee Benefits:

A clearly defined training and progression plan
27 days annual leave & your birthday off work
Annual pay reviews
Hybrid/flexible working (3 days office/2 days home)
Enhanced sick pay benefit (4 months full pay)
Enhanced maternity leave benefit (4 months full pay)
Enhanced paternity leave benefit (2 weeks full pay)
Salary Sacrifice pension scheme match funded by the company up to 7%
Salary sacrifice schemes - Cycle to Work, Tech & Home Scheme and Electric Car Lease Scheme
Perkbox membership and Costco card
Fresh fruit, snacks, soft drinks and a commercial coffee machine provided

Job Types: Full-time, Permanent

Pay: From £40,000.00 per year

Schedule:

Monday to Friday

Application question(s):

Will you now, or in the future require visa sponsorship to work in the UK?
Do you live within easy commuting distance of County Durham as the role is office based?

Work authorisation:

United Kingdom (required)

Work Location: In person
