We are seeking a Deployment Engineer to work within our Security Operation Centre (SOC) environment to support the delivery of managed security services through security toolsets and by SIEM technology. What will you be doing?

• SIEM Solutions - you will collaborate with stakeholders to define SIEM requirements and then design and implement SIEM solutions to meet the security needs of our customers. You will also support the development and assist with the deployment of Security Orchestration, Automation, and Response (SOAR) playbooks to streamline Incident Response processes.
• SOC Infrastructure - you will ensure the continuous operation and health of SOC infrastructure, including servers, networks, and security appliances as well as configure and fine-tune ingestion tools to optimise performance and detection capabilities.
• Documentation / Admin - you will manage individual ticket queues within the SOC, ensuring that Service Level Agreements (SLAs) are met and ensure that all incidents are accurately logged and tracked, and that appropriate remediation actions are taken., We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read
What are we looking for? The right person for this role will have experience scoping, designing, and deploying SIEM technologies, maintaining SOC infrastructure, managing Threat Intelligence sources, and supporting the deployment of SOAR playbooks. This role requires a strong understanding of SOC operations, excellent problem-solving skills, and the ability to collaborate effectively with various teams.


• Experience with scoping, designing and deploying SIEM tools preferably Microsoft Sentinel.
• Experience with Microsoft Azure
• Detailed knowledge of communication protocols (HTTP, DNS, TCP/UDP) as well as the various techniques utilised by malware within an operating system for persistence and data collection.
• Practical experience with scripting languages (e.g., Python, Perl, Bash, PowerShell).
• Understanding of virtualisation technologies (e.g. VMware) and cloud environments (e.g. Azure, AWS)
  
  At Phoenix, our philosophy is simple - we aim to be the UK's leading IT solution and managed service provider and that means we recognise that it's our people who are the heart of everything we do., Strong foundation in security domains such as web security, cloud services security, identity/access management, web application firewalls and intrusion detection
Practical stuff Where is the role based? This role can be fully remote with quarterly visits to the office. How many interviews? Following a screen with the Recruitment Team you can expect a two-stage interview process. What about security clearance? SC clearance is required for this role which means you will need to have lived in the UK continuously for at least 5 years and have no criminal record. What are the benefits? You can read about the benefits on offer
• Important BPSS Check
As part of our recruitment process due to the nature of the work we do, all employees are required to undertake a check. While some employees require further security clearance, the BPSS check is a must-have requirement and all offers of employment are conditional pending the passing of this check Have you made it this far? If you're still reading, we think there's a strong chance you might be our kind of person. Here's the thing, though - research suggests that 60% of women and underrepresented people might have already talked themselves out of applying. Even if you don't check every box above, we want to encourage you to introduce yourself. We believe a diversity of perspectives and experiences makes a team stronger - and the stronger our team, the more successful we will be. Phoenix Software