The Role: As a SOC Engineer, you will:
- Enhance and optimise the firms SIEM platform, improving performance, coverage, and detection fidelity.
- Identify and onboard new log sources across cloud, on-prem, network, endpoint, and identity platforms.
- Design and implement advanced detection use cases aligned to MITRE ATT&CK and the cyber kill chain.
- Build and tune correlation rules, anomaly detections, dashboards, and alerting workflows.
- Implement SOAR automation to streamline incident response activities.
- Support SOC analysts and provide SME-level expertise during complex security incidents.
- Maintain high-quality documentation across data models, use cases, and SIEM architecture.
What We re Looking For
- Previous experience working within a law firm
- Hands-on experience with leading SIEM platforms such as Microsoft Sentinel, Splunk, Exabeam, QRadar, or Elastic.
- Strong understanding of log formats (JSON, syslog, CEF, XML) and ingestion technologies.
- Solid knowledge of MITRE ATT&CK, threat hunting, and detection engineering principles.
- Proficiency in Scripting languages including Python, PowerShell, and PowerApps.
- Familiarity with SOAR platforms and security automation workflows.
- Relevant professional certifications such as GIAC (GCIA, GCDA, GMON), Microsoft SC-200/SC-100, CISSP, or SSCP are highly desirable.
- A Level 4 or higher qualification in a computing subject, or equivalent professional experience.