An exciting opportunity has arisen at an award-winning Microsoft Partner for a SOC Engineer. The business is a fast-growing, industry-leading Managed Security Service Provider (MSSP), delivering security operations services into public sector and government clients, as well as mid and large enterprise organisations.

This is a fantastic opportunity for a SOC Engineer to continue their development within an established Microsoft Partner. The organisation places a strong emphasis on developing its people, offering ongoing support for training and industry certifications. You will gain exposure to cutting-edge Microsoft security technologies while working across security operations and cyber defence in a customer-facing MSSP environment.

This is a predominantly remote role; however, you must be based in the UK to be considered. Due to the nature of the clients supported, candidates must be eligible for SC and NPPV3 security clearance.

• Create, maintain, and optimise Microsoft Sentinel analytics rules, Logic Apps, and playbooks to support incident detection and response.
• Support and enhance integrations between Microsoft Sentinel and other security and IT systems to improve visibility and automation.
• Leverage APIs and automation to streamline SOC workflows and increase operational efficiency.
• Design and deploy automated workflows to support routine SOC activities such as alert enrichment, notifications, and evidence gathering.
• Work closely with SOC analysts, security engineers, and customer stakeholders to improve detection capability and overall security posture.
• Monitor, maintain, and continually improve SOC tooling and automation to ensure effectiveness and reliability.
• Provide operational support within an MSSP environment, responding to security incidents for public sector customers in line with agreed SLAs.

• Hands-on experience with Microsoft Sentinel within a SOC or MSSP environment.
• Experience building and maintaining automation using Azure Logic Apps and Sentinel playbooks.
• Working knowledge of API integrations to support security tooling and workflows.
• Strong written and verbal communication skills, with the ability to work with both technical teams and customers.
• Solid technical understanding of IT and cloud security, including: Microsoft 365, Defender XDR, Entra ID (Azure Active Directory) and Azure Portal.