SOC Engineer | SC | 6months

Location: Remote (occasional onsite meetings)

Rate: £450 Inside IR35

Duration: 6 months

Clearance: SC Mandatory

Client: Public Sector

Support public sector client by providing immediate, hands-on assistance to the Security Operations Centre (SOC), helping to address urgent operational tasks and support capacity management as priorities are defined by Ofsted.

This initial engagement will enable the contractor to build a strong understanding of the current SOC capabilities and operating environment. As the role evolves, the contractor will support Ofsted through a broader security transformation, leveraging automation to improve SOC effectiveness and strengthen the organisation's overall security posture.

Key activities will include unlocking the full potential of Microsoft Sentinel's out-of-the-box capabilities, driving SOAR adoption, and performing a comprehensive gap analysis of existing data sources to improve detection and response.

Required Skills & Experience

Strong understanding of:

• TCP/IP, DNS, HTTP/S, and other network protocols
• Operating systems (Windows and Linux)
• Security frameworks such as MITRE ATT&CK, NIST, and ISO 27001

Hands-on experience with:

• SIEM platforms (eg Microsoft Sentinel, Splunk, QRadar)
• EDR solutions (eg CrowdStrike, Carbon Black)

Proven experience in:

• Monitoring and responding to security alerts and events from SIEM platforms
• Analysing logs and network traffic to identify anomalies and potential threats
• Investigating and triaging security incidents, escalating where appropriate
• Responding to incidents in Real Time using established playbooks
• Conducting root cause analysis and documenting findings clearly
• Supporting containment, eradication, and recovery activities
• Consuming threat intelligence feeds to identify emerging threats
• Performing proactive threat hunting to uncover hidden or advanced threats