SOC Deployment Engineer

Overview of the role

Phoenix enables digital transformation in the workplace, empowering UK organisations to innovate and transform with cloud and hybrid infrastructures, data, AI, security, and collaboration tools.

We are seeking a Deployment Engineer to work within our Security Operation Centre (SOC) environment to support the delivery of managed security services through security toolsets and SIEM technology.

What will you be doing?

• SIEM Solutions - collaborate with stakeholders to define SIEM requirements and design and implement solutions to meet customer security needs. Support the deployment of Security Orchestration, Automation, and Response (SOAR) playbooks to streamline Incident Response processes.
• SOC Infrastructure - ensure the continuous operation and health of SOC infrastructure, including servers, networks, and security appliances. Configure and fine tune ingestion tools to optimise performance and detection capabilities.
• Documentation / Admin - manage individual ticket queues within the SOC, ensuring that Service Level Agreements (SLAs) are met and that all incidents are accurately logged and tracked, with appropriate remediation actions taken.

Why you should apply?

At Phoenix, our philosophy is simple - we aim to be the UK's leading IT solution and managed service provider and that means we recognise that it's our people who are the heart of everything we do. We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read here.

What are we looking for?

The right person for this role will have experience scoping, designing, and deploying SIEM technologies, maintaining SOC infrastructure, managing Threat Intelligence sources, and supporting the deployment of SOAR playbooks. This role requires a strong understanding of SOC operations, excellent problem solving skills, and the ability to collaborate effectively with various teams.

Key Skills

• Experience with scoping, designing and deploying SIEM tools preferably Microsoft Sentinel.
• Experience with Microsoft Azure.
• Detailed knowledge of communication protocols (HTTP, DNS, TCP/UDP) as well as the various techniques utilised by malware within an operating system for persistence and data collection.
• Practical experience with scripting languages (e.g., Python, Perl, Bash, PowerShell).
• Understanding of virtualisation technologies (e.g. VMware) and cloud environments (e.g. Azure, AWS).
• Strong foundation in security domains such as web security, cloud services security, identity/access management, web application firewalls and intrusion detection.

Practical stuff Where is the role based?

This role can be fully remote with quarterly visits to the office.

How many interviews?

Following a screen with the Recruitment Team you can expect a two stage interview process.

What about security clearance?

SC clearance is required for this role which means you will need to have lived in the UK continuously for at least 5 years and have no criminal record.

What are the benefits?

You can read about the benefits on offer here

Important BPSS Check

As part of our recruitment process due to the nature of the work we do, all employees are required to undertake a Baseline Personal Security Standard (BPSS) check. While some employees require further security clearance, the BPSS check is a must have requirement and all offers of employment are conditional pending the passing of this check.

Have you made it this far?

If you're still reading, we think there's a strong chance you might be our kind of person. Here's the thing, though - research suggests that 60% of women and underrepresented people might have already talked themselves out of applying. Even if you don't check every box above, we want to encourage you to introduce yourself. We believe a diversity of perspectives and experiences makes a team stronger - and the stronger our team, the more successful we will be.