Ekco

About the Company

We’re Ekco: The people who power your possible

One of Europe’s leading security-first managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

When you have friendly, experienced cloud and security specialists by your side and solutions that just work, you can take your business to the next level.

Every risk is considered. Every deadline is met.
Massive gains are delivered.

That’s what we’re here to do. We power your possible!

Listed Jobs

Company Name

Ekco

Job Title

SOC Engineer

Job Description

About Ekco

Founded in 2016 Ekco is now one of the fastest growing cloud and security solution providers in Europe!

We specialise in enabling companies to progress along the path of cloud maturity, cybersecurity, managing transformation and driving better outcomes from our customers’ existing technology investments.

We are the people who power your possible.

We have over 1000 highly talented and supportive colleagues (and counting) across a number of regional offices in Ireland, the Netherlands, Malaysia and UK.

The Role

As a SOC Engineer your primary objective is to configure, implement, and maintain the critical infrastructure that supports Security Operations Center (SOC) functions. Your role ensures the seamless operation, scalability, and security of the SOC’s underlying systems, enabling the team to deliver effective cybersecurity services to clients.

Reporting to the regional Head of SOC, the role of SOC Engineer will play a crucial role in deploying, maintaining and monitoring customer SOC tools and underlying infrastructure.

Day to day your role will involve

Assist in provisioning and configuring tools and systems for new clients, ensuring smooth integrations into SOC workflows
Consult with key stakeholders within and outside the organisation. Includes discussion of cybersecurity reports or assessments, specifically Azure/Microsoft 365, and reviewing then planning the implementation of enhanced security controls taking a risk-based approach
Install, manage, and troubleshoot security tools such as SIEMs, EDR, and log management systems.
Implement, deliver, and maintain Microsoft Sentinel Security Incident and Event Monitoring (SIEM) platform. Involves the technical implementation of cloud-based and on-premises data sources, continuous alert-based tuning using Kusto Query Language (KQL), and setting up automated actions where appropriate
Implementation of Security Automation/Orchestration Response (SOAR) tooling. Configuring automated/orchestrated alert enrichment, alert management, and automated response.
Manage user accounts, roles, and permissions across SOC systems to maintain security and compliance
Collaborate with SOC analysts and fellow engineers following feedback from incident investigations to ensure SOC specific infrastructure supports the team going forward to respond to incidents effectively
Attend Client meetings/calls as part of general cyber security consulting, and where required by SOC Leadership
Evaluate and recommend enhancements or new security technologies/tools to improve SOC capabilities
Aiding investigation efforts where asked, to assist SOC Analysts in understanding detections and the information presented to them
Configure, maintain, and optimize SOC-related infrastructure, including servers, virtual environments, and cloud platforms
Act as a key contributor to SOC continuous improvement criteria as required, identifying gaps in existing processes, proposing and documenting working solutions to close gaps
Create custom, ad hoc and monthly reporting solutions for SOC customers as required. Assist in the development of internal SOC reporting solutions
Assist Senior Engineers with the development, testing, and implementation of new SOC solutions across a variety of platforms/toolsets
Performing other miscellaneous duties as assigned by SOC Leadership

About You

Have a minimum of 2 years experience working in an SOC Engineering role
Practical experience in managing and working with hardware infrastructure
Working knowledge in the following areas:
Security Incident and Event Monitoring (SIEM)
Security Orchestration and Automated Response (SOAR)
Endpoint Detection and Response (EDR)
Cloud platforms such as Azure, GCP, AWS
Maintain a strong commitment to customer service by prioritizing a customer-first approach
Adhere to security configuration best practices in all aspects of daily duties
Keen problem solving / troubleshooting skills
Strong analytical skills and a logical approach to resolving issues
A can-do attitude
Excellent written and verbal communication skills. You should be able to communicate technical details clearly at all levels
The ability to adjust and adapt to changing priorities in a dynamic environment
A pro-active approach to addressing issues and requests and the ability to multitask
The ability to learn new technologies and concepts quickly
Great organisational skills and attention to detail
Adaptability to do a range of work, including the complex, non-routine, mundane and multi-environment
Able to work under direction, use discretion and determine when to escalate issues
Effective communication, teamwork and task-time management skills

Desirable

Prior experience working with one or more of the following SIEM or EDR tools – E.g. Microsoft Sentinel, Microsoft Defender for Endpoint, SentinelOne, CrowdStrike
Prior experience working for a MSSP
Prior experience working with SOAR technologies
Expertise in securing cloud-based infrastructures and tools.
Experience with scripting/coding languages e.g. Python, PowerShell

Benefits/Perks

Time off - 25 days leave + public holidays
x1 day Birthday leave per year
Company Pension Scheme (employer contribution 5%) + flexible salary sacrifice
Employee Assistance Programme (EAP) - access to dedicated mental health, emotional wellbeing and general advice
EkcOlympics - a global activity for fun!
Learning & development - Unlimited access to Pluralsight learning platform
A lot of responsibilities & opportunities to grow (also internationally)

Why Ekco

Microsoft’s 2023 Rising Star Security Partner of the year
VMware & Veeam top partner status
Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards
Ekco are committed to cultivating an environment that promotes diversity, equality, inclusion and belonging
We recognise the value of internal mobility and encourage opportunities for internal development & progression
Flexible working with a family friendly focus are at the core of our company values

Milton Keynes, United Kingdom

Hybrid

31-03-2025

Company Name

Ekco

Job Title

Senior CTI Analyst

Job Description

About Ekco

Founded in 2016 Ekco is now one of the fastest growing cloud solution providers in Europe!

We specialise in enabling companies to progress along the path of cloud maturity, managing transformation and driving better outcomes from our clients’ existing technology investments.

In a few words, we take businesses to the cloud and back!

We have over 1000 highly talented and supportive colleagues (and counting) across a number of regional offices in the UK, Ireland, Benelux, South Africa & Malaysia.

The role

This is a fantastic opportunity to join our fast-growing Intelligence & Exposure team where you will take ownership of delivering Ekco's Managed Cyber Threat Intelligence service, using market-leading threat intelligence tooling and sources to deliver actionable intelligence products. Working as part of the Ecko Security team, you will use your insight and experience to provide tactical, operational, and strategic intelligence to both our customers and colleagues across the wider Ekco business.

Responsibilities

Act as the subject matter expert for potential and existing Ekco MCTI customers.
Manage business-as-usual tasking for the wider MCTI team.
Triage, assess, and action alerts from our proactive intelligence monitoring platform.
Perform exploratory intelligence gathering against our customers and internal systems.
Maintain an internal library of threat actor and suspicious activity profiles.
Track new and existing tactics, techniques, and procedures (TTPs) related to threat actors targeting our customer base.
Provide threat context to support threat hunting and detection engineering functions.
Support incident responders during ongoing security events.
Apply the threat intelligence lifecycle to our existing process and products.
Produce both short- and long-form reports and presentations from our catalogue of intelligence products.
Identify potential new intelligence products and work with leadership to introduce these to service
Contribute to the Intelligence & Exposure team's continuous improvement plan.

About You

2 years' experience in cyber threat intelligence, threat hunting, or related role.
Experience producing threat intelligence products for internal and external stakeholders.
Experience with threat intelligence tools (Recorded Future, OpenCTI, MISP, etc.).
Previous experience delivering cyber threat intelligence services in an MSP/MSSP desirable but not required
Excellent knowledge of fundamental cyber security and threat intelligence concepts, including the Diamond Model and Mitre ATT&CK framework.
Clear and concise written and verbal communicator.
Ability to summarise technical concepts and findings for different audiences.
Good service mindset and understanding of client needs.
Strong attention to detail.
Ability to work effectively with both internal and external stakeholders.
Evidence of published articles/presentations/reports/etc desirable but not required.

Benefits/Perks

Time off - 25 days leave + public holidays
x1 day Birthday leave per year
Company Pension Scheme (employer contribution 5%) + flexible salary sacrifice
Employee Assistance Programme (EAP) - access to dedicated mental health, emotional wellbeing and general advice
EkcOlympics - a global activity for fun!
Learning & development - Unlimited access to Pluralsight learning platform
A lot of responsibilities & opportunities to grow (also internationally)

Why Ekco

Microsoft’s 2023 Rising Star Security Partner of the year
VMware & Veeam top partner status
Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards
Ekco are committed to cultivating an environment that promotes diversity, equality, inclusion and belonging
We recognise the value of internal mobility and encourage opportunities for internal development & progression
Flexible working with a family friendly focus are at the core of our company values

London, United Kingdom

Hybrid

02-04-2025