SOC Deployment Engineer

Overview of the role 

Phoenix enables digital transformation in the workplace, empowering UK organisations to innovate and transform with cloud and hybrid infrastructures, data, AI, security, and collaboration tools.  

We are seeking a Deployment Engineer to work within our Security Operation Centre (SOC) environment to support the delivery of managed security services through security toolsets and by SIEM technology.   

What will you be doing? 

• SIEM Solutions – you will collaborate with stakeholders to define SIEM requirements and then design and implement SIEM solutions to meet the security needs of our customers. You will also support the development and assist with the deployment of Security Orchestration, Automation, and Response (SOAR) playbooks to streamline Incident Response processes.   

• SOC Infrastructure – you will ensure the continuous operation and health of SOC infrastructure, including servers, networks, and security appliances as well as configure and fine-tune ingestion tools to optimise performance and detection capabilities. 

• Documentation / Admin – you will manage individual ticket queues within the SOC, ensuring that Service Level Agreements (SLAs) are met and ensure that all incidents are accurately logged and tracked, and that appropriate remediation actions are taken.   

Why you should apply? 

At Phoenix, our philosophy is simple – we aim to be the UK’s leading IT solution and managed service provider and that means we recognise that it’s our people who are the heart of everything we do. 

We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read here. 

What are we looking for? 

The right person for this role will have experience scoping, designing, and deploying SIEM technologies, maintaining SOC infrastructure, managing Threat Intelligence sources, and supporting the deployment of SOAR playbooks. This role requires a strong understanding of SOC operations, excellent problem-solving skills, and the ability to collaborate effectively with various teams.   

Key Skills: 

• Experience with scoping, designing and deploying SIEM tools preferably Microsoft Sentinel.   

• Experience with Microsoft Azure 

• Detailed knowledge of communication protocols (HTTP, DNS, TCP/UDP) as well as the various techniques utilised by malware within an operating system for persistence and data collection.  

• Practical experience with scripting languages (e.g., Python, Perl, Bash, PowerShell).  

• Understanding of virtualisation technologies (e.g. VMware) and cloud environments (e.g. Azure, AWS)  

• Strong foundation in security domains such as web security, cloud services security, identity/access management, web application firewalls and intrusion detection 

Practical stuff 

Where is the role based? 
This role can be fully remote with quarterly visits to the office. 

How many interviews? 
Following a screen with the Recruitment Team you can expect a two-stage interview process. 

What about security clearance? 
SC clearance is required for this role which means you will need to have lived in the UK continuously for at least 5 years and have no criminal record. 

What are the benefits? 
You can read about the benefits on offer here