Senior SOC Engineer

About Us:

ACE Money Transfer is a UK-based company headquartered in Manchester, United Kingdom. The company is an online remittance service provider for customers from the UK, Canada, Australia, and the European Union, including Switzerland. The company is a parent company in a group of companies with a diversified portfolio, including digital wallet services in the UK and real estate, advertising businesses, and software solutions in Pakistan.

Job Overview:

The Senior SOC Engineer Level 3 is a highly skilled technical role within the Security Operations Center, possessing approximately 4+ years of progressive experience in security operations and engineering. This role focuses on the advanced technical aspects of security monitoring, incident response, tool management, automation, and threat analysis. The individual is expected to handle complex security challenges, contribute to the strategic direction of the SOC's technical capabilities, and mentor junior team members. They are proactive in identifying and implementing improvements to the SOC infrastructure and processes.

Responsibilities:

Advanced Security Tooling Management:

• Lead the deployment, configuration, optimization, and maintenance of complex security tools and platforms, including SIEM, SOAR, advanced endpoint protection, network security appliances, and cloud security solutions.
• Serve as a subject matter expert for several key security technologies within the SOC.
• Develop and implement advanced troubleshooting methodologies for security tool issues.
• Architect and implement integrations between various security tools and platforms.

Advanced Rule and Alert Engineering:

• Design, develop, and implement sophisticated security rules, alerts, and correlation logic based on advanced threat intelligence, behavioral analysis, and organizational risk profiles.
• Conduct in-depth analysis of false positives and implement strategies for their reduction.
• Develop and maintain comprehensive documentation for advanced detection rules and logic.

Automation and Orchestration Leadership:

• Lead the design, development, and implementation of complex security automation and orchestration workflows using SOAR platforms and custom scripting to significantly improve incident response efficiency and accuracy.
• Identify and implement opportunities for automation across various SOC processes.
• Manage and maintain the SOAR platform and its integrations.

Threat Hunting and Analysis:

• Proactively conduct advanced threat hunting activities based on threat intelligence, anomaly detection, and behavioural analysis.
• Perform in-depth forensic analysis of security incidents to identify root causes and attacker tactics, techniques, and procedures (TTPs).
• Develop custom scripts and tools for advanced security analysis.

Incident Response Leadership (Technical Focus):

• Lead the technical aspects of handling complex and critical security incidents, providing expert guidance and support to Level 1 and Level 2 analysts.
• Develop and refine incident response playbooks and procedures for advanced attack scenarios.
• Conduct post-incident analysis and contribute to the development of preventative measures.

Vulnerability Management Expertise:

• Provide expert guidance on vulnerability assessment and management processes.
• Integrate vulnerability data with other security tools for enhanced correlation and prioritization.
• Develop and implement strategies for automated vulnerability remediation.

Security Architecture and Design Input:

• Contribute to the design and implementation of security architectures and solutions within the organization.
• Provide security engineering expertise and guidance to other IT teams.

Continuous Improvement and Innovation:

• Research and evaluate emerging security technologies and trends.
• Identify and champion opportunities for innovation and improvement within the SOC's technical capabilities.
• Participate in security research and development projects.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 4 years of progressive experience in a Security Operations Center (SOC) environment with a strong and demonstrable focus on security engineering and advanced technical responsibilities.
• Expert-level understanding of security technologies and concepts, including SIEM, SOAR, EDR, NDR, firewalls, WAF, vulnerability management, threat intelligence platforms, and cloud security.
• Extensive hands-on experience in the implementation, configuration, optimization, and troubleshooting of complex security tools.
• Advanced scripting and automation skills (e.g., Python, PowerShell, Bash) with experience in developing complex automation workflows.
• Deep understanding of networking protocols, security principles, and common attack vectors.
• Proven experience in threat hunting, digital forensics, and malware analysis (desirable).
• Strong understanding of various operating systems (Windows, Linux, macOS) and their security mechanisms.
• Excellent analytical, problem-solving, and critical thinking skills with the ability to handle complex technical challenges independently.
• Exceptional documentation and technical communication skills, capable of explaining complex technical concepts to both technical and non-technical audiences.
• Experience with cloud security architecture and implementation (AWS, Azure, GCP).
• Knowledge of security frameworks and compliance standards (e.g., NIST, ISO 27001, PCI DSS).

Job Type: Full-time

Work Location: In person