Job Description

Vacancy Name

Senior SOC Engineer (Microsoft)

Req Number

VN336

Employment Type

Full-Time

Location

Leeds/Hybrid

Position Summary

About Claranet

Founded at the beginning of the dot.com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries.


At Claranet, we're experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. We're committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.


We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.


In the UK we have over 500 staff working in London, Gloucester, Warrington, Leeds or as homeworkers.

Working For Claranet

Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean it). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms and app supported benefit access.


But what we think makes us different is 'Team Claranet,' our dedicated internal part of the business that supports you with matters close to your heart. We proudly support local charities in each of our office locations, support employees with paid charity leave, organise key charity fundraising event per year and have a dedicated committee responsible for supporting employee's fundraising efforts.


Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce.

Our Vision

Our vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.

Position Summary

As a Senior SOC Engineer, you apply deep technical expertise and leadership to the design, optimisation, and delivery of our security engineering services. You lead complex project work across onboarding, deployment, and service improvement, with a focus on scalable, secure, and efficient SOC infrastructure. You act as the senior escalation point for engineering challenges, contribute to continual improvement, and support the strategic growth of the Security Operations Centre (SOC). You also represent the engineering team in pre-sales engagements and customer communications, while mentoring other engineers and contributing to internal capability development.

Duties and Responsibilities

Essential Roles & Responsibilities

Key Responsibilities

Platform Engineering Leadership

- You lead the design and delivery of SOC-aligned security solutions, supporting both customer onboarding and continuous improvement of existing environments

Lead Customer Deployment & Onboarding

- You support the full project lifecycle, including solution design, technical implementation, handover, and service documentation

Lifecycle Management

- You oversee platform lifecycle maintenance activities across all supported environments, including patching, upgrades, and service transitions, ensuring sustained performance and operational readiness

Lead Continual Improvement

- You identify, prioritise, and implement technical enhancements that improve detection accuracy, efficiency, scalability, or resilience

Escalation & Mentoring

- You provide expert-level guidance to other engineers, take ownership of complex escalations, and support the professional development of the wider engineering team

Internal Documentation & Standards

- You own the development and review of engineering artefacts, ensuring documentation remains current, accessible, and aligned to service delivery requirements

Pre-Sales & Stakeholder Engagement

- You contribute to pre-sales activities, including technical scoping, bid responses, service demonstrations, and stakeholder presentations

Essential Duties

Security Platform Deployment & Optimisation

Deploy, configure, and tune SOC technologies across SIEM, EDR, SOAR, and log pipeline tooling Develop and maintain documentation to support repeatable, high-quality delivery

Customer Engagement & Delivery

Lead the implementation of engineering workstreams, balancing customer requirements with internal standards and constraints Manage project handovers to other SOC teams and customer teams, ensuring operational readiness Oversee lifecycle maintenance (patching, upgrades, transitions) across customer environments to assure sustained platform health

Service Research & Development

Assess and evaluate new technologies and service enhancements aligned with evolving customer needs and industry direction Track vendor product roadmaps and assess the impact of version changes, feature updates, and technology alignment on SOC service delivery Support the SOC Engineering Team Lead in roadmap development and capability planning.

Documentation & Standards

Own documentation standards and review cycles for runbooks and engineering artefacts Ensure that engineering documentation supports both internal delivery and customer-facing transparency

Teams To Collaborate With

SOC Operations Teams

- You collaborate closely with analysts to ensure detection logic, alerting, and platform configurations support high-quality triage and investigation

Security Optimisation

- Collaborate with the Security Optimisation team to provide technical support and feedback for rule tuning and detection use case development

Sales & Pre-Sales

- You support pre-sales activities by providing engineering insight during customer scoping, bid responses, and solution demonstrations

Automation & Detection Engineering

- You work with platform and detection engineers to ensure delivery pipelines, tooling, and telemetry handling support current and future service needs

Position Specifications

Behavioural Competencies - Organisational & Behavioural Fit

Communication

- Able to clearly articulate and present complex engineering concepts to internal stakeholders and customers, balancing technical precision with audience relevance

Technical Leadership

- Comfortable guiding other engineers through complex technical challenges and providing structure to engineering delivery

Decision Making

- Able to make well-reasoned decisions under time pressure, based on security risk, operational impact, and technical feasibility

Adaptability

- Capable of delivering across multiple customer environments, technologies, and project types in a fast-paced MSSP setting

Customer Empathy & Commercial Awareness

- Understands the operational importance of technical design choices and balances customer needs with service feasibility

Problem Solving

- Able to troubleshoot complex issues across security platforms, data flows, and integration points, proposing defensible and scalable solution

Professionalism

- Represent the SOC Engineering team with a high standard of technical credibility and customer engagement

Collaboration & Mentoring

- the ability work with others to support and develop other engineers within the team to promote continuous development.

Critical Competencies - Technical Fit

Security Tooling & Architecture

- Deep understanding of SOC-aligned technologies across SIEM, EDR, SOAR, log pipelines, and detection tooling.

Telemetry and Log Management

- Ability to design and deliver scalable architectures for data ingestion, correlation, and automation

Networking & Infrastructure

- Strong working knowledge of networking protocols, cloud environments, and security integration patterns

Detection & Threat Context

- Familiarity with frameworks such as MITRE ATT&CK and understanding of detection engineering and threat hunting principles

Continual Improvement

- Ability to identify service improvement opportunities, propose technical changes, and evaluate the impact of emerging technologies Experience delivering complex, multiphase engineering projects and producing associated artefacts such as diagrams, implementation plans, and runbooks Tooling names, query languages, and stack-specific skills are specified in the applicable Technology Profile(s).

Key Knowledge & Skills - Senior Microsoft SOC Engineering

Strong background/experience working with Microsoft Azure, MS Sentinel, MS Defender XDR


Microsoft Security Operations (SC-200 Certification) Senior-level engineering knowledge aligned to SC-200, focused on platform deployment, configuration, systems integration, detection enablement, automation, and operational stability MS Sentinel / Microsoft XDR & Unified Defender Portal (Platform Ownership) Deep hands-on experience engineering and operating MS sentinel and preferably the new Unified Microsoft 'Unified Defender XDR' portal, supporting a production MSSP SOC environment MS Defender Suite experience Operational experience supporting / managing components of the wider MS Defender suite, including: Defender for Endpoint, Identity, Office 365, Cloud Apps, Entra ID, and Defender for Cloud Sentinel to Defender XDR Transition & Hybrid SOC Architecture Experience migrating SOC services from a Microsoft Sentinel centric model to a Defender XDR first operating model Microsoft Sentinel - SOC Engineering Strong engineering capability in Microsoft Sentinel, including data connector onboarding, ingestion optimisation, analytic rule lifecycle management, workspace architecture, and cost-aware service design for multi-tenant MSSP use cases Advanced KQL (Engineering & Detection Enablement) Expert-level KQL skills to support detection engineering, correlation logic, operational tuning, and platform performance across Sentinel and Defender data sources SOAR & Automation (Logic Apps) Proven experience designing and maintaining Logic App based automation for Sentinel and Defender integrations, focusing on reliability, security, and repeatable MSSP service delivery MSSP SOC Platform Engineering & Service Development Experience owning and evolving Microsoft security platforms as managed services, including onboarding new Microsoft Defender SKUs, standardising configurations, maintaining service health, and enabling SOC analysts through stable, well-engineered tooling

Qualifications & Experience

You may be required to hold or obtain UK Non-Police Personnel Vetting (NPPV) and/or a Security Check (SC) clearance as part of this role Experience supporting or working within a SOC environment, with an understanding of attacker techniques, incident response playbooks, and detection workflows Willingness to travel for customer engagements and internal collaboration as required

You are expected to lead and oversee the platform-specific capabilities outlined in the applicable Technology Profile(s), while mentoring others and ensuring delivery at scale.

Professional Development & Career Progression

Claranet supports structured career development for engineering staff. As a Senior SOC Engineer, you will have the opportunity to grow into roles with greater architectural, strategic, or leadership responsibility. Ongoing professional development is supported through certification pathways, participation in complex project work, and involvement in continual improvement initiatives that shape the future of the SOC.

Salary

Competitive