The DigitalXRAID Security Operations Centre provides around-the-clock protective monitoring to a client base that spans multiple industry verticals. Utilising industry-leading detection technology, our team of experienced SOC analysts provides assurance, detection and incident response capabilities to organisations of all sizes.

DigitalXRAID is looking for a Security Operations Engineer to join its CREST-certified Security Operations Centre and Incident Response team based in Doncaster, United Kingdom. This role is UK office hours (Mon - Fri, 9am-5:30pm) with a requirement to work in the office two days per week. There is also the potential to be on-call in this role, as the Security Operations Centre covers clients 24x7x365.

The successful candidate will work in the Security Operations Centre on both reactive and proactive security engagements involving Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), Cyber Threat Intelligence (CTI), Threat Mining (TM) and Endpoint Protection & Detection (EDR).

Role Responsibilities

You will work alongside the SOC team to ensure the effective delivery of the following:

• Provide around-the-clock protective monitoring through the use of industry-leading security tools.
• Provide advice and guidance, to a high standard, to clients targeted by cyber attacks and malicious activity.
• Provide incident reporting capabilities, ensuring that all information is provided in a timely, accurate and effective manner.
• Provide support to other SOC team members during security incidents and Threat Mining engagements.
• Assist with the onboarding process: deployment of SIEM, EDR and Vulnerability Management tools.
• Serve as a technical point of escalation and provide mentoring for junior Security Operations Center (SOC) team members.
• Take responsibility for engineering solutions, deploying security tooling, investigating incidents, analysing attack methods, researching new defence techniques and tools, developing security policy, and documenting procedures for the SOC.
• Prepare reports, summaries, and other forms of communication, both internal and client-facing.
• Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives.
• Perform malware analysis and other attack analysis to extract indicators of compromise.
• Perform security event correlation between various systems.
• Assist with firewall management.
• Create new detection and automation rules.
• Deliver demos to prospective clients and be involved in scoping engagements.

Key Skills

The successful candidate will exhibit the following key skills and/or traits:

• Excellent communication skills and comfortable in a client-facing role.
• A keen interest in cyber security and associated industries.
• A heightened awareness of current affairs in the cyber security industry.
• Proven ability to communicate effectively under pressure (high-pressure situations may arise during ongoing incidents or attacks).
• Proven ability to adapt to difficult situations (high-pressure situations may arise during ongoing incidents or attacks).
• Ability to commute to the office a few times per month to collaborate with peers.
• Industry certifications would be highly advantageous if the candidate holds any of the following: Microsoft SC-200, AZ-500, SC-100.
• Experience in any of the following technologies would be advantageous: MS Sentinel, MS Defender, USM Anywhere, SentinelOne, Tenable IO.