Security Operations Engineer

Remote
AI Summary

Protecting a diverse IT services environment across the EMEA region through proactive monitoring, management, and response to security incidents.

Key Highlights
Continuously monitor security alerts and events
Investigate and respond to security incidents
Manage and tune security monitoring tools
Technical Skills Required
SIEM, IDS/IPS, Endpoint Detection and Response, Vulnerability Management, Firewalls, Cloud Platforms, Scripting/Automation (Python, PowerShell, Bash)
Benefits & Perks
Remote work
Professional growth in a flexible work setting

Job Description


About the Client


Our client is a dynamic IT services firm operating across the EMEA region, dedicated to empowering organizations through cutting‑edge technology, digital strategy, and tailored service delivery. With a commitment to innovation, operational excellence, and client success, the company partners with businesses to streamline workflows, enhance systems, and deliver measurable results in today’s digital environment.

About the Role


The Security Operations Engineer position is a mid-to-senior level role focused on safeguarding the information systems and infrastructure of a leading IT services provider operating across the EMEA region. This remote position centers on proactive monitoring, management, and response to security incidents, ensuring the confidentiality, integrity, and availability of critical assets. The role is pivotal in maintaining robust security postures, supporting compliance initiatives, and minimizing risk exposure in a dynamic, distributed environment.


Key Responsibilities


  • Continuously monitor security alerts and events across multiple platforms, including SIEM, IDS/IPS, firewalls, and endpoint protection systems, to identify and assess potential threats.
  • Investigate, analyze, and respond to security incidents, coordinating containment, eradication, and recovery efforts in accordance with established incident response procedures.
  • Conduct root cause analysis of security breaches and develop actionable recommendations to prevent recurrence.
  • Manage and tune security monitoring tools, ensuring optimal detection capabilities and minimal false positives.
  • Collaborate with IT, network, and application teams to implement security controls, vulnerability remediation, and best practices across cloud and on-premises environments.
  • Develop, maintain, and update incident response playbooks, standard operating procedures, and technical documentation.
  • Perform regular threat hunting activities to proactively identify and mitigate emerging risks and vulnerabilities.
  • Support compliance initiatives by assisting with audits, evidence collection, and adherence to regulatory frameworks such as GDPR, ISO 27001, and NIST.
  • Participate in security awareness training initiatives and contribute to the continuous improvement of the organization's security culture.
  • Provide on-call support for critical security incidents and participate in periodic security drills and tabletop exercises.


Required Experience & Skills


  • Demonstrated experience (3+ years) in security operations, incident response, or SOC environments within IT services or related industries.
  • Proficiency with security monitoring and analysis tools such as SIEM (e.g., Splunk, IBM QRadar, or Azure Sentinel), IDS/IPS, endpoint detection and response (EDR), and vulnerability management platforms.
  • Strong understanding of network protocols, firewalls, VPNs, and intrusion detection/prevention systems.
  • Familiarity with cloud security principles and controls for platforms such as AWS, Azure, or Google Cloud.
  • Experience conducting forensic analysis and root cause investigations using industry-standard tools.
  • Solid grasp of regulatory and compliance requirements relevant to the EMEA region, including GDPR and ISO 27001.
  • Excellent analytical, problem-solving, and critical thinking skills with the ability to prioritize and manage multiple incidents simultaneously.
  • Effective communication skills for documenting incidents, preparing reports, and collaborating with technical and non-technical stakeholders.
  • Ability to work independently in a remote, distributed team environment, demonstrating self-motivation and accountability.
  • Knowledge of scripting or automation (e.g., Python, PowerShell) for security operations tasks is highly desirable.


Qualifications


  • Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
  • Industry certifications such as CompTIA Security+, GIAC (GCIH, GCIA), CEH, or CISSP are highly advantageous.
  • Ongoing commitment to professional development and staying current with evolving security threats and technologies.


Tools & Technologies


  • Security Information and Event Management (SIEM): Splunk, IBM QRadar, Azure Sentinel
  • Intrusion Detection/Prevention Systems (IDS/IPS): Snort, Suricata, Cisco Firepower
  • Endpoint Detection and Response (EDR): CrowdStrike, SentinelOne, Microsoft Defender
  • Vulnerability Management: Tenable Nessus, Qualys, Rapid7
  • Firewalls: Palo Alto, Fortinet, Cisco ASA
  • Cloud Platforms: AWS, Azure, Google Cloud Platform (GCP)
  • Scripting/Automation: Python, PowerShell, Bash
  • Ticketing and Collaboration: Jira, ServiceNow, Confluence, Slack, Microsoft Teams

This Security Operations Engineer role offers the opportunity to play a critical part in protecting a diverse IT services environment across the EMEA region. The position provides exposure to advanced security technologies, complex incident response scenarios, and ongoing professional growth in a remote, flexible work setting. Success in this role will be measured by the ability to detect, respond to, and mitigate security threats efficiently, while contributing to the continuous improvement of the organization's security posture.

By applying to this position, you are granting us permission to process your CV and keep your profile on file for consideration for this and future opportunities.
