SOC Engineer

Overview of the role 

Phoenix enables digital transformation in the workplace, empowering UK organisations to innovate and transform with cloud and hybrid infrastructures, data, AI, security, and collaboration tools.  

We are seeking a SOC Engineer who will play a pivotal role in onboarding, deploying, and optimising the technologies and processes that underpin our managed security services. 

What will you be doing? 

• Lead customer onboarding activities, integrating new environments and configuring detection baselines, automation, and playbooks. 

• Deploy, tune, and optimise detection rules and correlation logic to reduce false positives and improve alert fidelity. 

• Configure and enhance log ingestion pipelines, enrichment workflows, dashboards, and reporting to support SOC operations and customer visibility. 

• Develop, maintain, and improve customer SOPs, runbooks, and playbooks to ensure consistent and effective response processes. 

• Work closely with Detection Engineering teams to contribute new detections, refine existing analytics, and validate detection logic. 

• Support CI/CD processes for detection content, ensuring safe, controlled deployment of rules, scripts, and automation updates. 

• Assist in developing and improving SOAR playbooks, validating automated actions, and ensuring operational reliability. 

• Maintain structured repositories of detection queries, SOPs, and operational documentation to keep SOC content accurate and up to date. 

• Troubleshoot detection and workflow issues, collaborating with internal teams and customers to resolve technical challenges. 

• Partner with architects, analysts, and service managers to improve SOC onboarding processes, tooling, and detection standards. 

Why you should apply? 

At Phoenix, our philosophy is simple – we aim to be the UK’s leading IT solution and managed service provider and that means we recognise that it’s our people who are the heart of everything we do. 

We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read here. 

What are we looking for? 

The right person for this role will have a good blend of both technical ability and customer facing skills with an excellent ability to be able to translate technical terminology to non-technical audiences. You will have developed this through significant experience working in a fast-paced MSSP environment. 

Key Skills: 

• Strong skills in designing, tuning, and validating detection logic (MITRE ATT&CK aligned). 

• Hands-on experience with SIEM, XDR, SOAR, and log ingestion/detection configuration. 

• Background in SOC operations such as analysis, detection engineering, IR, or threat hunting. 

• Ability to design and validate automated workflows and SOAR playbooks. 

• Experience using CI/CD pipelines and version control (Azure DevOps, GitHub, GitLab). 

• Skilled in producing clear SOPs, runbooks, playbooks, and operational documentation. 

• Experience supporting customer onboarding and tailoring detections to specific environments. 

• Strong communication and collaboration skills across technical and non‑technical teams. 

• Proactive, accountable, and able to deliver reliable, high‑quality outcomes. 

Practical stuff 

Where is the role based? 
This role can be fully remote with quarterly visits to the office. 

How many interviews? 
Following a screen with the Recruitment Team you can expect a two-stage interview process. 

What about security clearance? 
SC clearance is required for this role which means you will need to have lived in the UK continuously for at least 5 years and have no criminal record. 

What are the benefits? 
You can read about the benefits on offer here 😊 

*Important* BPSS Check 

As part of our recruitment process due to the nature of the work we do, all employees are required to undertake a Baseline Personal Security Standard (BPSS) check. While some employees require further security clearance, the BPSS check is a must-have requirement and all offers of employment are conditional pending the passing of this check 

Have you made it this far? 
 
If you’re still reading, we think there’s a strong chance you might be our kind of person. 
 

Here’s the thing, though — research suggests that 60% of women and underrepresented people might have already talked themselves out of applying. Even if you don’t check every box above, we want to encourage you to introduce yourself. 
 
We believe a diversity of perspectives and experiences makes a team stronger — and the stronger our team, the more successful we will be.