Cyber Security Engineer (SOC)

Description

Location – Chester, England (Hybrid)
Salary – £45,000 – £60,000 (DoE) + On-Call (£300 per week)

Protos Networks seeks a Cyber Security Engineer to join our security operations team. The primary responsibilities of this role will be to support the Security Operations Centre (SOC) from an engineering and operational perspective. The role will include handling SOC incidents, being a point of escalation for analysts, developing and improving SOC processes, and helping design, deploy, and support critical security systems for Protos and our customers. The successful candidate must have SOC experience and a strong understanding of information systems, security technologies, and incident response procedures.

This varied role covers several functions within the security operations team. As part of a rapidly growing managed security services provider (MSSP), the successful candidate will work on various systems and interact daily with customer IT teams and other internal departments (such as penetration testers and network security engineers). This role is perfect for a mid-level SOC analyst or security engineer looking to move into a senior position and work closely with the Technical Director to grow and develop our SOC and MDR offerings.

Benefits:

  • Fully funded training and support.
  • Competitive salary with incremental increases linked to development.
  • Private health care.
  • Additional holidays for birthdays and length of employment.

Responsibilities

  • Monitor customer systems via our SOC systems.
  • Triage security alarms and determine appropriate actions.
  • Hunt for threats and vulnerabilities in customer systems.
  • Be an escalation point for analysts for alarms, incidents and technical issues.
  • Document and report customer incidents.
  • Respond to customer inquiries promptly.
  • Design and deploy security solutions, including SIEM, EDR, XDR, SOAR and vulnerability management tools.
  • Support internal SOC systems, automation and workflows.
  • Research and implement new security measures.
  • Look for, recommend and implement
  • Have a firm grasp of security industry trends.
  • Participate in regular team and customer meetings.
  • Create and maintain customer security documentation (i.e. playbooks and IR plans).
  • Draft monthly customer SOC reports and SOC bulletins.
  • Perform forensic analysis on customer systems after an incident.
  • Configure APIs, orchestration and automation flows.
  • Advise customers and partners on security best practices.
  • Carry out vulnerability scans and assist with security testing activities.
  • Assist the sales team in carrying out demonstrations and setting up customer trials.
  • Support other organisational functions, including network operations and offensive security teams, as required.

Skills & Experience

Technologies and Skills:

  • Experience using, supporting and deploying SIEM, SOAR, EDR, XDR and vulnerability management tools such as USM Anywhere, CrowdStrike Falcon and Tenable VM.
  • A solid understanding of IP networks and protocols such as TCP/IP, DNS, HTTP(S) and DHCP.
  • Working knowledge of operating systems including Microsoft Windows, macOS, Linux (all flavours), Android and iOS.
  • Experience working with Active Directory and Azure/Entra ID environments.
  • Knowledge of cloud technologies, including Microsoft Azure, Microsoft Intune and Amazon Web Services.
  • System security hardening and secure configuration.
  • REST APIs and coding languages such as Python, Perl and Bash.
  • Digital forensics and incident response.
  • Knowledge of industry standards and frameworks such as NIST SP 800-61r2, MITRE ATT&CK, ISO27001 and Cyber Essentials.
  • Understanding and creating detailed technical documentation.
  • Prioritising personal well-being to avoid stress and professional burnout.
  • Ability to support and mentor junior security analysts.
  • Engaging in industry news, bulletins, training platforms like Hack the Box and building a professional peer network.
  • Eagerness to learn, develop and progress in the cyber security industry.
  • Ability to work independently without supervision.
  • Knows when to make decisions and when to escalate incidents.
  • Ability to build strong customer relationships and to confidently advise customers and other IT organisations.
  • Attention to detail when writing documentation, detailing processes or entering data.
  • Analyse workloads to assign priorities in terms of urgency and importance.

Experience, Licences and Certifications (desirable):

  • Previous experience working in a SOC (mandatory)
  • Security certifications including GIAC/SANS certifications, Practical Malware Research Professional (PMRP), Security Blue Team Level 1 or 2, Cisco Certified CyberOps Associate, and CompTIA Security+.
  • UK Cyber Security Council chartered member status in incident response (highly desirable).
  • Microsoft or AWS certifications (AWS knowledge is highly desirable).
  • Networking certifications such as CCNA or CompTIA Network+.
  • Degree in Cyber Security.
  • 3 years’ experience in an information security role.
  • Experience working in an MSSP environment (highly desirable).

How to Apply

If you’d like to apply, please send us your CV and a covering email to [email protected]