SecOps Engineer
We are looking for a Security Operations Engineer (SecOps) to play a key role in our day-to-day security operations. This position focuses on detection, analysis, and incident response, working closely with internal IT teams and a 24/7 Security Operations Center (SOC).
This is a hands-on role for a security professional who enjoys investigating alerts, responding to real incidents, and continuously improving detection and response capabilities across cloud, identity, endpoint, and collaboration platforms.
Key Responsibilities
Monitoring & Detection
- Ensure continuous monitoring of security controls and detection platforms.
- Detect, analyze, and qualify suspicious or malicious activity across cloud, on-prem, identity, and endpoint environments.
- Help maintain high-quality detection capabilities with a strong focus on low false-positive rates and actionable alerts.
Alert Analysis & Triage
- Assess and prioritize security alerts based on risk, scope, and business impact.
- Qualify incidents and provide clear, concise, and actionable diagnostics.
- Escalate appropriately to the 24/7 SOC or relevant IT teams with structured context.
Security Incident Response
- Actively participate in security incident response activities.
- Support containment, mitigation, and remediation actions in coordination with IT and security partners.
- Work closely with the 24/7 SOC and internal stakeholders during active incidents.
Security Posture & Continuous Improvement
- Contribute to security hardening and control configuration improvements.
- Improve detection rules, alert logic, and operational security workflows.
- Leverage lessons learned from incidents to strengthen the overall security posture.
Documentation & Reporting
- Clearly document security incidents, investigations, and response actions.
- Contribute to concise, risk-oriented security reporting for internal stakeholders.
Microsoft 365 Security
- Contribute to the secure operation of Microsoft 365 environments.
- Monitor and analyze alerts related to identity, email, collaboration, and endpoint usage.
- Participate in Microsoft 365–related incident response activities.
- Support configuration hardening and continuous improvement of security controls.
- Contribute to awareness initiatives around identity-based and email-driven threats.
Collaboration & Governance
- Work closely with Support, Infrastructure, Cloud, and Digital teams.
- Interface with the 24/7 SOC and external security partners.
- Participate in incident simulation and tabletop exercises.
- Contribute to security procedures, runbooks, and operational documentation.
- Operate within the group security governance framework.
Security Environment
You will work across a modern, mixed environment including:
- Azure cloud and on-premise infrastructure
- Endpoint and workload protection (EDR/XDR)
- SIEM and detection platforms
- Microsoft 365 security stack
- ZTNA, Secure Web Gateway, and DLP solutions
- Integration with a 24/7 SOC and threat intelligence services
What You Bring
Experience & Skills
- Around 5 years of experience in SecOps, SOC, or security operations roles.
- Strong understanding of cloud, hybrid, and collaborative environments.
- Solid security monitoring, detection, and incident response mindset.
- Experience working with SIEM, EDR/XDR, Microsoft 365 security, or equivalent platforms.
- Pragmatic, outcome-driven approach to security operations.
Personal Qualities
- Calm, structured, and reliable under pressure.
- Strong sense of priorities and risk-based decision making.
- Team-oriented with clear and effective communication skills.
- Continuous improvement mindset and curiosity about emerging threats.