
Security Operations Engineer - SOC Tier 2 Analyst
On site
Reading, United Kingdom
Full Time
03-04-2025
Job Specifications
Overview
Our team sits at the heart of Microsoft’s AI & High Performance Computing business – shaping and delivering the next generation of supercomputing. As a Security Operations Engineer - SOC Analyst, you will help develop, operate, and maintain security services supporting the evolving needs of one of our largest and most significant customers.
As a Security Operations Engineer - SOC Tier 2 Analyst, you support a managed security service for Microsoft, working on a long-term cloud integration program. The Security Operations Engineer is responsible for executing a managed cyber security service and will make sure this meets customer contractual requirements and is targeting “goal” zero for all cybersecurity incidents. As a Tier 2 Analyst, you will play a critical role in identifying, analysing, and mitigating complex security incidents and breaches within the organization's network and systems. You will work with a wide range of teams to ensure the overall safety and security of the environment and work closely with key stakeholders.
This role will allow you to develop your security and technical skills. You will have the opportunity to impact both Microsoft’s strategy and the world-wide mission of one of the largest and most forward-leaning customers. The customer’s scenarios will be lighthouses for their markets and present an opportunity for Azure and Microsoft to learn and grow, create transformative technology offerings, and advance competitive advantages. Our team values collaboration, craftsmanship, and continuous learning. As a member of the team, you will be able to shape and grow a positive and productive engineering culture.
Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Responsibilities
Incident Triage: Investigate and triage security alerts escalated from Tier 1 SOC analysts, determine severity and potential impact of the incident, and follow the triage process until closure.
Threat Analysis: Conduct in-depth analysis of security events to identify malicious activities, tactics, techniques, and procedures used by threat actors.
Security Incident Handling: Assisting with the containment, eradication, and recovery process in response to security incidents.
Vulnerability Assessment: Participating in vulnerability assessment and management activities to identify and remediate security weaknesses.
Security Tool Management: Managing and configuring security tools, specifically Microsoft Sentinel and the Microsoft Defender suite including Defender for Cloud and Microsoft 365 Defender.
Threat Intelligence: Utilizing threat intelligence feeds and sources to stay up-to-date with the latest threats and vulnerabilities.
Collaboration: Collaborating with other members of the SOC team, as well as external and internal stakeholders.
Continuous Improvement: Contributing to the improvement of SOC processes, procedures, and documentation, including the creation and upkeep of Analytics Rules, Playbooks/Notebooks/Workbooks within Microsoft Sentinel.
Leadership: Mentor SOC Tier 1 Analysts to improve detection/analytical capabilities within the SOC and monitor SOC Tier 1 Analyst performance.
Qualifications
Required Qualifications:
Bachelor's Degree in Statistics, Mathematics, Computer Science or related field
OR Experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology.
Relevant certifications such as Certified Incident Handler (GCIH), Certified SOC Analyst (CSA), Certified Threat Intelligence Analyst (CTIA)
Relevant Microsoft certifications such as Azure Security Engineer Associate (AZ-500), Security Administrator Associate (MS-500), Identity and Access Administrator Associate (SC-300).
Proven experience in a SOC environment, preferably with a focus on Microsoft Defender suite and Microsoft Sentinel.
Other Qualifications
Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:
Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter.
Preferred Qualifications
Master's Degree in Statistics, Mathematics, Computer Science OR related field
OR Experience in software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
CISSP, CISA, CISM, SANS GCIA, GCIH, OSCP, Security+
Experience reading and/or writing code (e.g., sample documentation, product demos).
In-depth knowledge of security operations center concepts, processes, technologies, tools (technical skills and hands-on experience with various security solutions such as SIEMs (e.g., IBM QRadar), SOARs (e.g., Microsoft Sentinel, Defender suite), XDRs (e.g., CrowdStrike Falcon), threat intelligence platforms (e.g., Recorded Future), vulnerability scanners (e.g., Qualys)), frameworks, standards, and regulations AND/OR proficiency in Kusto Query Language (KQL).
Understanding of advanced cybersecurity concepts, threat landscape, and attack methodologies AND/OR experience with the creation, configuration and use of Playbooks, Notebooks and Workbooks.
Demonstrated experience in conducting in-depth incident analysis, threat hunting, and forensic investigations.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
About the Company
Microsoft Innovation Center provides students, customers and partners with a comprehensive set of programs and services. The goal of these centers is to foster innovation and growth in local software economies. MIC provides access to world-class resources for students, software developers, IT professionals, academic researchers and entrepreneurs. Primary areas of focus include: A. Building skills and intellectual capital through training courses, employment programs and mentoring experiences. B. Fostering industry partners...
Related Jobs


- Company Name: Norton Blake
- Job Title: Security Engineer
- Job Description:

  Security Engineer – Azure Focus | Permanent Role

  My client, a dynamic, award-winning energy group is looking for a hands-on Security Engineer with deep Azure expertise to help evolve and enhance their security operations. This role is ideal for someone who thrives in fast-paced environments and wants to contribute to cutting-edge security strategy and delivery.

  The Role: As a Security Engineer, you'll take ownership of critical security functions, with a primary focus on cloud (Azure) infrastructure. You’ll be responsible for the maturity and performance of SIEM, SOC, and EDR capabilities, as well as proactively responding to incidents, enhancing compliance, and integrating innovative security technologies.

  Key Responsibilities:
  - Perform SOC operations including incident triage, threat detection, and response
  - Advance and manage SIEM and EDR systems to optimise threat monitoring in Azure
  - Lead incident response efforts, including root cause analysis and remediation
  - Conduct security testing across applications and networks to identify vulnerabilities
  - Monitor and act on emerging threats with up-to-date threat intelligence
  - Enforce secure coding practices and monitor DevOps pipelines
  - Evaluate, test, and deploy new security technologies
  - Support compliance and audit efforts through evidence gathering and process improvement
  - Carry out risk assessments on corporate environments
  - Manage security awareness programs and execute social engineering campaigns

  Experience & Skills Required:
  - Experience working with compliance standards like NIST2, SOC2, ISO 27001
  - Strong hands-on experience managing Azure cloud infrastructure
  - Proven expertise in IAM, vulnerability management, SIEM configuration, and security testing
  - Understanding of networking fundamentals (DNS, WAF, ingress)
  - Familiarity with GIT, version control, and SDLC pipelines
  - Background in CPSM (Cloud Platform Security Management) is advantageous


- Company Name: Lorien
- Job Title: Security Architect
- Job Description:

  Lorien are currently engaged with a leading Digital services business that offer innovative infrastructure solutions. They have a number of data centres strategically located across the UK and support into the 1000's of clients across various services within Cloud, connectivity and compute services.

  This role would report into the Head of Cyber Security. The individual will be accountable for the design, development and ongoing maintenance of the organisation's security infrastructure. Safeguarding the organisation against cyber threats is a top priority for the business due to the solutions they provide for their clients.

  Additionally, you will:
  - Conduct risk assessments and vulnerability analysis
  - Develop and maintain security blueprints, standards and guidelines
  - Integrate and deploy security solutions across systems and networks
  - Lead incident response efforts and provide expert troubleshooting
  - Evaluate, recommend, and implement security tools and technologies.

  Experience:
  - Demonstrable experience in Cyber Security and leading on security architecture
  - Cloud Security, Firewalls, Network security protocols, VPNs and encryption
  - DDoS, Access controls, systems logging, intrusion detection and prevention.
  - Risk Management - analysing and assessing security risks effectively
  - Able to design solutions and troubleshoot complex security issues
  - Explain security concepts to non-technical stakeholders and collaboration across multi-functional teams
  - Desirable Certification - CISSP, CISM or GIAC - or relevant
  - Disaster recovery
  - Business continuity
  - Knowledge of UK information security laws and standards - NIS2/GDPR
  - Knowledge of security standards - Cyber essentials plus, ISO27001, PCI-DSS, NIST CSF, ISO

  The salary on the role is paying up to £90,000 with additional benefits including:
  - 4x basic salary death in service benefit
  - Unlimited learning and development through the company LMS
  - Private medical (Bupa)
  - Health cash plan
  - 33 days annual leave including bank holidays plus birthday off
  - Annual well-being day
  - Complimentary breakfast onsite

  The company has a policy of 3 days per week in the office and 2 days a week from home. If the role is of interest, please apply.

  Please note: Our client does not offer sponsorship and candidates must be based in the UK within a commutable distance from the office.

  Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.


- Company Name: SBS
- Job Title: Cloud Cyber Security Manager
- Job Description:

  Company Description

  SBS is a global financial technology company that’s helping banks and the financial services industry to reimagine how to operate in an increasingly digital world. SBS is a trusted partner of more than 1,500 financial institutions and large-scale lenders in 80 countries worldwide, including Santander, Société Générale, KCB Bank, Kensington Mortgages, Mercedes-Benz, and Toyota FS. Its cloud platform offers clients a composable architecture to digitize operations, ranging from banking, lending, compliance, to payments, and consumer and asset finance. With 3,400 employees in 50 offices, SBS is recognized as a Top 10 European Fintech company by IDC and as a leader in Omdia’s Universe: Digital Banking Platforms. SBS is headquartered in Paris, France.

  Job Description

  - Location: Yate, Bristol
  - Permanent, full-time
  - £60,000-£80,000 per annum (dependent on experience)
  - Hybrid: Minimum of 2 days in the office per week

  Are you passionate about information & cyber security and looking for your next challenge in a dynamic, fast-growing environment? Our Managed Services function is expanding, and we’re searching for a Cloud Cyber Security Manager to join our team and make a real impact.

  In this hands-on role, you'll work across teams, ensuring security is embedded into everything we do. You’ll be at the heart of monitoring, protecting, and enhancing our security posture while collaborating with key stakeholders across the business. This is an opportunity to be part of a forward-thinking, security-first culture where your expertise will help drive continuous improvement in a rapidly evolving landscape.

  What will the role involve?
  - Proactively monitor, detect, and respond to security threats – be the first line of defence in keeping our systems safe.
  - Conduct internal security and compliance audits to ensure processes are followed, and security controls are effective.
  - Collaborate with stakeholders to advocate for and implement best-in-class security practices.
  - Support projects and business initiatives, ensuring security is at the forefront.
  - Mentor and guide junior analysts, sharing your expertise to strengthen our security capabilities.

  Key Responsibilities:
  - Investigate and respond to security alerts, document findings and collaborate with relevant teams.
  - Lead internal audits to ensure compliance with ISO 27001 and our security policies.
  - Identify vulnerabilities across networks, operating systems, applications, and databases, ensuring risks are addressed effectively.
  - Stay ahead of emerging cyber threats, driving improvements in our security strategy and processes.
  - Provide operational security support to Managed Services teams.
  - Engage with customers and external auditors to demonstrate the strength of our security controls.
  - Ensure changes introduced through CAB do not introduce security risks.
  - Generate and deliver security reports for customers and maintain security packs for project teams.

  This is your chance to make a real impact in a company that values innovation, collaboration, and security excellence. If you’re ready to take your career to the next level, apply today!

  Qualifications

  What are we looking for?
  - Experience securing cloud environments (AWS preferred).
  - A background as a Cyber Security Officer or similar role within a large organisation.
  - Strong knowledge of vulnerability assessment tools & techniques.
  - A solid understanding of networking technologies, security best practices, and OS hardening.
  - Awareness of cyber threats and adversarial techniques used to compromise systems.

  It would be a bonus if you also had:
  - Security certifications – CompTIA Security+, CISSP, AWS/Cloud certifications are a plus!
  - Experience with Rapid7 InsightVM & InsightIDR or securing enterprise databases.
  - Familiarity with UK financial sector regulations and banking IT operations.

  Additional Information

  What are we offering? At SBS, we’re committed to supporting our employees in every aspect of their lives, from health and wellbeing to financial security and lifestyle perks. Here’s a snapshot of the benefits you'll enjoy as part of our team:
  - Competitive salary: £60,000-£80,000 per annum
  - Health & Wellbeing: Private Medical Insurance, access to Peppy (Menopause, Fertility, Baby, Men’s health, Women’s health Support), Health Cash Plan, Dental Insurance, Eye Care Vouchers, Flu Vaccinations
  - Finance & Protection: Life Assurance, Critical Illness Cover, Pension Plan, Long Service Awards, Payroll Giving, Fleet car provider
  - Leisure & Lifestyle: 25 days annual leave, Cycle to Work Scheme, Holiday Trading, Travel Insurance

  As part of our hiring process, new employees will be required to pass a confidential consumer credit check and DBS check. This is a straightforward credit check for CCJs, bankruptcy and a criminal record check; however, if you wish to know more about what is or is not acceptable please ask our recruitment team.

  At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences. All of our positions are open to people with disabilities.


- Company Name: Fyxer AI
- Job Title: CyberSecurity Engineer
- Job Description:

  The basics:
  - Your title will be CyberSecurity Engineer
  - This role pays £45k-£65k/year (depending on experience) + equity
  - Andy, CISO, is the hiring manager
  - Onsite at our central London office (Holborn)

  What are we building? An AI Executive Assistant

  In 1930, the economist John Maynard Keynes predicted that we'd only be working 15 hours a week by 2030. Despite automation in agriculture and industry, that hasn't happened. Why? The service sector. Walk around the average office and you'll see people's days taken up by emails, Slack and meetings instead of real work. People in client facing roles - think sales, professional services firms, recruiters - feel this pain most acutely. Instead of advising and connecting with clients, they spend hours doing admin. Following up. Scheduling meetings, then taking notes on them. Answering questions they've been asked a thousand times. Sorting through the mess that is their inbox.

  We've built an AI executive assistant that looks at all your emails, messages and meetings, and uses that knowledge to answer your email, schedule meetings, take next steps from meetings and organise your inbox. We turn every employee into a top performer, effortlessly. Unlike other startups, we're a pure-play applied AI company, not a SaaS company with AI features hastily bolted on! We make use of the best techniques (fine tuned open source models, tool use, and retrieval augmented generation) and as a result, users send 53% of the email drafts we generate.

  How has it been going?

  We launched our product in March 2024. Since then we've gone from $0 to $4.5m in revenue, across thousands of paid users. We've done this with a team of just 4, without using any paid marketing until the start of November 2024.

  What do we value?

  We're very intentional about adding new people. We think a small team of exceptional people working hard at a problem they care about will always beat a larger, more unfocused team. That does mean you'll need to bring an intensity to this role that might not be asked at other companies. But it also means you will be fast tracked into more senior roles and responsibilities far earlier. We predict we'll reach $20m in revenue by the end of 2025 - there will be plenty of opportunities for you!

  We also believe in hiring people who want ownership and autonomy in their work, and giving it to them. We only hire product engineers. What that means is instead of just being given tickets to implement, you'll be owning a whole product: shaping the roadmap by thinking from first principles, looking at usage data and speaking to customers, then architecting and implementing your ideas.

  What does our ideal hire look like?

  We are looking for a Cybersecurity Engineer with at least 2 years of hands-on experience to support our cybersecurity initiatives and help safeguard our digital assets. You will work closely with senior engineers to detect, prevent, and respond to threats while also contributing to the development and enforcement of security best practices. This is a great opportunity for someone who has moved beyond entry-level tasks and is ready to take on more responsibility.
  - 2+ years of professional experience in cybersecurity, IT security, or a related technical role
  - Familiarity with cybersecurity frameworks and standards (e.g., NIST, CIS Controls, ISO 27001)
  - Working knowledge of networking, operating systems (Windows/IOS), and security protocols
  - Experience with one or more security tools (e.g., Splunk, Nessus, CrowdStrike, Palo Alto, Wireshark)
  - Basic understanding of cloud security concepts (AWS, Azure, or GCP is a plus)
  - Ability to analyse logs, spot anomalies, and investigate potential threats
  - Strong troubleshooting and documentation skills
  - Security certifications such as Security+, CEH, or CySA+ are preferred but not required
  - Exposure to scripting (Python, PowerShell, Bash) for automation tasks
  - Experience participating in tabletop exercises or incident simulations
  - Awareness of emerging cybersecurity threats and attack techniques

  A bit more about what you will be doing:

  We're looking for a dedicated and detail-oriented Cybersecurity Engineer to join our growing team. In this role, you'll play a key part in strengthening our security posture by contributing to the development and enforcement of cybersecurity policies and procedures. You'll work closely with our IT and DevOps teams to embed security best practices into systems and software from the ground up.

  Your day-to-day will involve assisting in threat hunting, risk assessments, and vulnerability management including running scans, analyzing findings, and supporting remediation plans. You'll actively monitor and respond to security alerts using tools like SIEM, IDS/IPS, and endpoint protection platforms. You'll also be involved in incident response efforts, from investigation and containment to resolution. In addition, you'll help implement and maintain security controls across systems, networks, and cloud environments, support patch management cycles, and conduct regular audits of system configurations, access controls, and user permissions.

  This is a hands-on, collaborative role where your contributions will directly enhance the security and resilience of our infrastructure. If you have a proactive mindset and a passion for cybersecurity, we'd love to hear from you.

  The application process:
  - Submit your CV (no need for a cover letter)
  - We'll review it
  - An initial call with someone from the Fyxer AI talent team to review your experience and motivation for joining (20 mins)
  - Hiring Manager Interview (30 mins)
  - Case study (45 minutes)
  - Meet more of the team over lunch (60 mins)