Lead Security Engineer - SOC/Sentinel/Azure/SIEM

Job DescriptionExciting opportunity to join this IT Solutions and transformation organisation. Looking to hire an experienced Lead Cyber Security Engineer. You will be responsible for handing security incidents received/escalated from the junior analysts in the team. You will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path. You will also have the opportunity to support the initial implementation of new security related Microsoft technologies, including Microsoft Sentinel, MDE, MDI and Defender for Cloud.The Responsibilities• Oversee completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up• Remain current on cyber security trends and intelligence (open source and commercial) in order to guide the security analysis & identification capabilities of the CSOC team• Provide oversight, guidance and mentoring to L2 & L3 analysts, and fulfil SOC Manager responsibilities in the absence of the SOC Manager• Manage a number of analysts as part of a virtual team of L1 and L2 analysts, including objectives setting, performance management / reviews, training & development, and BAU activities including shift cover etc.• Perform advanced event and incident analysis, including baseline establishment and trend analysis.• Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours• Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat.• Provide timely advice and guidance on the response action plans for events and incidents based on incident type and severity.• Identify, create and implement improvements to procedures and processes, with the SOC Manager's approval.• Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimisation• Assist in architectural design to facilitate the onboarding of new information systems, including the assessment, parsing, onboarding of log sources, and use case and rule development.Required skillsSenior level Cyber Security and security operations experience. Expert-level knowledge of Microsoft Sentinel, including Lighthouse, and experience in managing SIEM solutions. Strong experience in onboarding, tuning, reporting, and configuring SIEM solutions. Strong familiarity with cloud security concepts and technologies (AWS, Azure, GCP).I In-depth understanding of threat intelligence and its application in security engineering. Excellent leadership and mentoring skills, with the ability to develop and motivate a team of security professionals. Deep understanding of low-level concepts including operating systems and networking. Proven experience of cybersecurity principles, threat landscapes, and attack methodologies. Commercial experience in Penetration Testing and/or Security Monitoring. Comprehensive understanding of networking and infrastructure design. Knowledge and experience of DevOps practices and principles. Strong analytical and problem-solving skills, with the ability to think critically under pressure. Excellent communication skills, both written and verbal, with the ability to translate technical concepts for non-technical audiences.