Mott Macdonald

A global engineering, management, and development consultancy delivering innovative solutions.

Employees: 17,000

Sectors and disciplines: Engineering, Architecture, Bridges, Building services, Building structures, Dams and reservoirs, Geotechnics, Industrialized design and construction, Transportation, Energy, Water, Buildings, Infrastructure, Systems engineering and assurance, Container terminal sector, Marine, Utilities, Heavy Civil, Commercial, Residential, Government

IT Specialist - SOC and SIEM

Enhance SOC and SIEM detection, response, and vulnerability management.

Newcastle upon Tyne, England, United Kingdom
Full Time
Junior (1-3 years)

Job Highlights

Environment: Office Full-Time

Visa Sponsorship: Mott MacDonald does not currently offer Skilled Worker visa sponsorship.

Security Clearance: Offer conditional on obtaining the appropriate level of security clearance.

About the Role

The role of IT Specialist – SOC and SIEM reports to the IT Manager and is responsible for strengthening the organisation’s detection and response capabilities. You will deliver technical processes across SOC operations, SIEM optimisation, vulnerability and patch management, incident response, disaster recovery and asset and threat discovery, working closely with analysts, IT operations, engineering and risk teams.

  • Optimise SIEM platforms for accurate log ingestion, parsing and correlation.
  • Develop and tune detection rules, dashboards and automated alerts to improve threat visibility and reduce false positives.
  • Integrate threat‑intelligence feeds and align detection with frameworks such as MITRE ATT&CK.
  • Enhance SOC triage workflows and overall operational efficiency.
  • Automate vulnerability scanning across endpoints, servers and cloud workloads and coordinate patch deployment to minimise exposure.
  • Track remediation progress, verify fixes through re‑scans and produce compliance reports.
  • Create and maintain incident‑response and disaster‑recovery playbooks for common attack scenarios.
  • Plan and execute tabletop exercises and simulations to validate readiness and response times.
  • Provide technical support for containment, eradication and recovery during live incidents and contribute to root‑cause analysis.
  • Deploy continuous asset‑discovery tools to keep an accurate inventory and feed data into the CMDB and SIEM.
  • Implement threat‑discovery solutions to proactively identify emerging risks and anomalous behaviour.
  • Maintain detailed records of incidents, vulnerabilities and remediation status and support audit preparation for Cyber Essentials, ISO 27001 and internal reviews.
  • Contribute to the development and updating of security policies, standards and operational procedures.
  • Reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
  • Close vulnerabilities and achieve patch compliance within defined SLAs.
  • Complete incident‑response and disaster‑recovery exercises with improved readiness scores.
  • Ensure accurate asset inventory and comprehensive threat‑discovery coverage.
  • Maintain audit readiness and submit successful evidence for compliance reviews.

Key Responsibilities

  • SIEM optimisation
  • Detection rules
  • Vulnerability scanning
  • Incident response
  • Asset discovery
  • Threat intelligence

What You Bring

The appointment is conditional on obtaining the appropriate level of security clearance. The company does not sponsor Skilled Worker visas, but welcomes candidates eligible for alternative UK immigration routes.

  • Hands‑on experience with SIEM platforms and SOC operations in a complex enterprise environment.
  • Strong knowledge of detection engineering, vulnerability management, patching processes and incident‑response/disaster‑recovery frameworks.
  • Practical experience with asset‑discovery tools and threat‑detection methodologies.
  • Experience supporting security audits and maintaining compliance evidence.
  • Ability to interpret and apply security policies, standards and regulatory requirements.
  • Strong problem‑solving, analytical and communication skills for both technical and non‑technical audiences.
  • Proven ability to work independently and collaboratively, managing multiple priorities in a fast‑paced setting.
  • Industry certifications such as CISSP, CCSP or equivalent (desirable).
  • Experience with automation tools, vulnerability scanners and EDR/XDR platforms (desirable).
  • Familiarity with frameworks and standards such as MITRE ATT&CK, ISO 27001 and NIST CSF (desirable).
  • Participation in incident‑response activities and post‑incident reviews (desirable).
  • Awareness of security automation and scripting (desirable).
  • Meticulous attention to detail in detection, configuration and documentation.
  • Strong analytical thinking to interpret complex alerts and prioritise remediation.
  • Collaborative approach with SOC, IT, engineering and risk teams.
  • Clear communication, adapting technical information for diverse audiences.
  • Proactive identification of, and action on, opportunities to improve operational resilience.
  • Upholds the highest standards of integrity, confidentiality and professional conduct.
  • Resilient and adaptable under pressure and changing priorities.

Requirements

  • SIEM
  • SOC
  • CISSP
  • EDR/XDR
  • MITRE ATT&CK
  • Problem solving

Benefits

Employees enjoy a comprehensive benefits package that includes financial wellbeing programmes such as pension matching, life assurance and income protection, an employee‑ownership model with profit‑sharing and a voice in the business, private medical insurance and health cash plans, generous holiday entitlement and flexible leave, enhanced family and caring leave, continuous learning and development opportunities, and access to networks that support diversity and community impact.

  • Pension matching between 4.5 % and 7 % of salary and life‑assurance cover up to 4 × basic salary.
  • Income‑protection scheme, flexible benefits and annual bonus opportunities.
  • Employee‑ownership model providing profit‑sharing, stakes and a voice in senior leadership decisions.
  • Private medical insurance, health cash plan and menopause support through Peppy.
  • Minimum 33‑35 days holiday (increasing to 35 after five years) with the option to buy or sell leave.
  • Enhanced family leave: 26 weeks paid maternity/adoption, two weeks paid paternity/partner, shared parental leave up to 24 weeks full pay, and additional caring days.
  • Annual professional institution subscription, mentoring, formal training and self‑development options.
  • Access to employee networks supporting LGBTQ+, gender, race, disability and parent/carer communities, and opportunities to contribute to social outcomes.

Work Environment

Office Full-Time