– Data connectors (API and Syslog), infrastructure (virtual ingestion nodes and docker containers), health and ingestion health monitoring. Detection engineering support through your deep understanding of SIEM and cyber threats.
SOAR and Automation
Utilising REST APIs from vendors such as CrowdStrike, Microsoft, and Elastic to improve operational efficiency in the SOC. Design, build, and deployment of Azure Logic Apps and Function Apps. Creating CrowdStrike Fusion SOAR and Azure Sentinel playbooks. Working with other APIs with varying levels of available documentation.
Scripting (Azure Functions)
Writing PowerShell or Python scripts for Azure Function Apps and independently troubleshooting/debugging. Diagnosing design flaws in scripts to improve script efficiency.
Cloud Infrastructure
Desirable proficiency or enthusiasm for designing and building scalable cloud infrastructure that maximises value. Automating deployment of infrastructure using Azure ARM/Bicep.
Internal Security
As the business and technical estate continues to grow, you will be expected to play an active role in technical risk reduction through the introduction of new controls or improvement of existing ones.
SOC Analysis
– Supporting the analysis team with technical overlay and during potentially busy periods.
Pre-Sales/Customer Success Support
– Aspects of this role are customer-facing; therefore, you will be involved in advising on technical elements during key pre-sales engagements and ensuring our customers get the most from their security technologies.
To apply, send CV to michael.lamb@precursorsecurity.com