Lead SOC Engineer
On-site
Full Time
Tags: #Technology #Security #Cloud #Cloud Security #Automation #DevSecOps #AWS #EKS #Splunk #Prisma #Kubernetes
We are looking for a dedicated Lead SOC Engineer to join our team in the United Kingdom on a full-time, on-site basis. Reporting directly to our CISO, you will play a pivotal role in shaping our security operations. Our mission is to leverage cloud-native security tools and advanced automation to shift the burden of routine tasks onto machines, allowing our human experts to focus on high-impact security challenges. You will collaborate closely with our Product Managers, SREs, and broader engineering teams to embed a DevSecOps model across the business, ensuring that every team is fully prepared for incident response.
Key outcomes
- Operationalize and mature our Security Operations strategy through the implementation of robust technical controls.
- Drive cloud security governance within AWS and EKS environments by utilizing monitoring, posture management, and vulnerability scanning tools.
- Deliver end-to-end automated solutions, including custom workflows, dashboard creation, and system configurations.
- Develop our SIEM into a centralized source of truth that provides clear visibility into security health across the business.
- Lead cyber and DLP investigations while managing forensic activities and incident response procedures.
- Build and track relevant KPIs to provide actionable insights to the CISO and other stakeholders.
- Act as a subject matter expert, providing guidance on disaster recovery, threat intelligence, and proactive security measures.
- Promote a strong culture of compliance and ensure all regulatory standards are met, including those related to the Senior Managers and Certification Regime.
Requirements
- Extensive professional experience in intrusion analysis, incident handling, malware analysis, and vulnerability assessment, ideally within the FinTech sector.
- Deep technical expertise in Splunk Cloud and ES.
- Strong proficiency with major public cloud providers, specifically AWS, and a solid understanding of the Kubernetes ecosystem.
- Proven ability to automate workflows through coding and scripting.
- Comprehensive knowledge of security concepts, including threat vectors, risk management, and the MITRE ATT&CK framework.
- Excellent communication skills with the ability to explain complex vulnerabilities and risks to senior stakeholders.
- A commitment to continuous learning, demonstrated by maintaining a CPD log of at least 35 hours per year.
- Ability to act in accordance with all relevant conduct rules and internal compliance policies.
Preferred qualifications
- Hands-on experience working with DarkTrace and Prisma Cloud.
- Experience in serverless security and Infrastructure as Code environments.
How to apply
If you are a self-starter who is passionate about building automated, machine-led security operations, we invite you to apply. Please submit your application to be considered for this opportunity to help us secure our cloud-native infrastructure.