Senior SOC Engineer

  • Hybrid
    • Basingstoke, England, United Kingdom
  • SOC

Job description

Nomios' mission is to build a ‘secure and connected’ future. Organisations across Europe depend on us to help secure and connect their digital infrastructures.

In support of our continued UK growth, we are seeking a Senior SOC Engineer to join our Security Operations team. This role presents a great opportunity to shape the direction of a modern, technology-focused SOC that values engineering excellence, deep technical capability and a culture of innovation. You will work with a broad and diverse customer base that relies on Nomios to deliver meaningful and effective security outcomes.

As a Senior SOC Engineer at Nomios, you'll lead the design, deployment, and ongoing improvement of the technologies that underpin our SOC, including SIEM, XDR, SOAR, scripting, and automation. From building custom log parsers and response workflows to developing platform architecture, you’ll drive meaningful enhancements to our detection and response capabilities.

 

You’ll play a central role in security orchestration and automation, helping reduce time to detect and respond by refining playbooks and building intelligent workflows. You’ll also lead customer onboarding in collaboration with SOC Operations, ensuring secure, efficient deployments aligned with our model. Working directly with SIEM/XDR platforms and custom tooling, you’ll have access to dedicated SOC infrastructure: lab environments for malware analysis, detection testing, threat intel development, and proof of concepts.

 

You’ll be part of a high-performing team that values hands-on expertise, technical leadership, and continuous growth. Our SOC culture is built by engineers who’ve progressed through roles in security operations, threat intelligence, and engineering. You’ll benefit from cyber ranges, training labs, and the freedom to shape your development path.

 

As part of a leading MSSP, you'll gain exposure to a wide range of industries, from government and defence to healthcare, telecoms, legal, and manufacturing, broadening your knowledge of real-world security practices. Whether you’re a seasoned Senior Engineer or ready to step up, this role offers ownership, impact, and the chance to help shape the mission.

Key Responsibilities

Build

  • Mentor and guide SOC engineers and analysts, supporting their technical development and helping them grow within a high-performance team.

  • Design, develop and maintain automation across key SOC workflows, improving efficiency, response speed and consistency.

  • Create and manage log parsing and data normalisation across a variety of internal and external sources, ensuring high-quality telemetry across the estate.

  • Architect and implement SIEM and XDR environments tailored to both internal use and customer-facing deployments.

  • Deploy, manage and continually enhance core SOC technologies, including SIEM, XDR, SOAR, vulnerability management and custom automation scripts, all supported by our dedicated in-house infrastructure and lab environments.

 

Investigate

  • Act as a senior escalation point during complex engineering incidents across both internal systems and managed customer environments.

  • Work with the wider engineering team to document, maintain and improve internal wikis and deployment guides, ensuring consistent and high quality engineering delivery across the team.

 

Improve

  • Collaborate directly with the Head of Security Operations, Lead SOC Analyst and engineering team on the ongoing development and execution of the SOC’s engineering maturity roadmap.

  • Continuously assess and deliver automation and process improvements, both internally and across customer environments, to enhance detection, response and operational efficiency.

  • Apply lessons learned from incidents, threat intelligence and emerging attack techniques to refine and improve engineering output, ensuring the SOC remains agile, proactive and threat-driven.

Job requirements

We hire result-orientated, smart, and high-energy individuals who bring a can-do attitude and a willingness to go the extra mile and deliver exceptional outcomes. You should be organised and rigorous, with excellent analytical skills. Good communication with customers and internal stakeholders is vital, as is the ability to work as part of a dynamic team.

Required technical skills include:

  • Expert Knowledge of SOAR – including developing custom automation and integrations.

    Preferred vendors: Palo Alto Cortex XSOAR, Logic Apps, Siemplify, Jupyter Notebooks

  • Good Knowledge of Cloud Environments & Architecture – including developing custom automation and integrations via API with proficiency in at least one scripting language (preferably Python or Go).

    Preferred vendors: Azure, AWS, GCP

  • Expert Knowledge of SIEM Architecture and Design – including familiarity with SIEM deployment and architecture in at least one cloud environment (GCP, AWS, Azure, IBM)

    Preferred vendors: Microsoft Sentinel, Google SecOps, XSIAM

  • Expert Knowledge of EDR/XDR – including configuration and deployment/maintenance

    Preferred vendors: CrowdStrike, Microsoft Defender, Palo Alto XDR, SentinelOne

  • Intermediate Knowledge of VM – including deployment, automation of reporting

    Preferred vendors: Rapid7, Tenable

  • Intermediate Knowledge of CTI – including ingestion methodologies, and common ingestion and parsing methods (STIX/TAXII)

    Preferred vendors: Mandiant

Additional requirements include:

  • 3-5 years’ experience working within a Security Operations Centre (SOC) as a security engineer.

  • Proven experience in SOC automation, log source parsing and configuration of security toolsets.

  • Fluent in English with excellent written and oral communication skills

  • Eligibility for SC or DV clearance is highly preferred.

  • Ability to use initiative and work independently

  • Strong team player

 

Job Specifics

  • Location: This is a hybrid role, requiring attendance at our Basingstoke office (free hot & cold drinks, breakfast items, snacks, lunches, and regular takeaway Fridays are provided to all staff in the office!)

  • Hours: Full-time, Monday-Friday, 9:00am-5:30pm

Why would you choose to come and work with us?

We invest in our people. You will get to work in a dynamic, fast-paced environment where you are free to use your initiative in support of our strategic objectives. You will work alongside high calibre sales, technical, and operational experts as part of a supportive, tight-knit team, within which every individual has an important part to play and makes a real difference. Nomios offers a highly competitive salary and commission scheme along with industry-leading benefits.

Ready to make an impact? Apply now!


Nomios is an equal opportunity employer and is committed to creating and sustaining an environment in which everyone is provided with an equal opportunity to grow and develop, and no individual will be unjustly discriminated against. This includes, but is not limited to, discrimination because of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion and belief, sex and sexual orientation.
