Security Operations Engineer


Fully flexible hours

boxxe are looking for a Security Engineer to join our rapidly growing MSSP function and Security Operations Team. We exist to give our customers the assurance that Security is in-hand when they partner with us.

Your Mission

We are on the lookout for a technical individual who thrives to learn about new cutting-edge technologies that drive the security industry forward and answer the challenges of our customers.

You will bring with you skills in scripting; confidence in using CLIs; troubleshooting undiagnosed problems, and manage through to remediation the fixing of platform and technical issues on behalf of the SOC’s technology stack.

You should have working knowledge of well-used industry standard SOC technologies such as Endpoint Detect and Respond; SIEM; Network Threat Analytics; Vulnerability Management and Patch Management; their architectures and deployment options.

You will be a core team member in acting as a bridge between our pre-sales and SOC Analysts in the onboarding of new services through designing, implementing and transition to live service to our Analysts. You will work heavily with Project Managers to deliver solutions to meet our customer’s key needs and wants.

How you’ll fit in to the big picture

boxxe has significant growth plans for services, and one of the core focus areas for that goal, is through our Security Services.

You will work within a Service Delivery capacity, working on short time-based delivery projects, as well as contributing daily to the ongoing maintenance and administration of systems, and interacting positively with our sales teams to assure proposed solutions meet our customer’s needs. You will also contribute strategically to our technology stack and introducing additional features, modules or components where improvements can be made, so staying up to date with today’s security technologies is key.

Our team exists to keep our customers secure in an increasingly sophisticated world that is more connected each day, which presents opportunity to attackers.

You will be asked to participate in an on-call rota in order to respond to service-related platform incidents both at boxxe and customer sites.

What you’ll be doing

    • Ongoing platform management and maintenance of the Security Operations technology stack of EDR; VM; SIEM; XDR and any other core team technologies complimentary of any new service offerings.
    • Facilitate Proof-of-Concept deployments of service solutions to our prospective customers interested in our SOC services.
    • Working with different APIs frequently to retrieve and send data between systems securely
    • Where required perform Custom Log Parsing of non-native log feeds to ingest into our MDR Platform.
    • Where required develop integrations of non-native technologies into our MDR Platform using Stix-Shifter.
    • Provide working solution design knowledge and know-how to our Pre-Sales function in performing, or assuring Technical Designs, HLDs, or solution Architectural Designs are accurate.
    • Facilitate technical assistance where requested to Tender proposals.
    • Perform the technical implementation of SOC services to our customers in a timely manner, working within a project team,
    • Ensuring post-project transition to our Analysts occurs smoothly in conjunction with Service Delivery Managers and the Security Operations Team Leader.
    • Provide assistance to Line 2 Analysts in the design of Detection Rules.
    • Provide assistance to Line 2 Analysts in the design and implementation of Response Playbooks.
    • Provide assistance to Line 2 Analysts in data extraction for the purposes of enhanced customer Reporting.
    • Provide assistance to Line 2 Analysts where you may have working technical knowledge of a system impacted by an Incident.
    • Update and create Standard Operating Procedures for Line 2 Analysts to be able to follow a standardised service onboarding experience where appropriate.
    • Work alongside a nominated Line 2 Analyst during the onboarding of a new customer to ensure a fully in-scoped inventory is identified.
    • Provide Professional Service activities from time to time, such as Security Tool installation for the purposes of ongoing Administration as a service, or provide Consultancy or Advisory Services where requested.
    • Participate in an on-call Rota
    • Any other duties commensurate with the role

What experience we think you’ll need

    • Programming in Python
    • Worked with a variety of different Query Languages (e.g. KQL)
    • Worked examples of utilising system or application APIs for other purposes or projects
    • Visually articulate solution designs within Visio
    • Working knowledge in the deployment, administration and configuration of SIEMs or NTAs
    • Working knowledge in the deployment, administration and configuration of EDRs
    • Working knowledge in the deployment, administration and configuration of VM Products
    • Working experience having worked for customers or clients in a Professional Service or Consultancy capacity
    • A keen interest in novel security technologies
    • SSCP or other Engineering specific certifications are desirable
    • Demonstrated vendor competency through certifications

At boxxe we believe that business should be about more than just profits. Sustainability is a core value. We are committed to reducing our environmental impact, encouraging inclusive working environments, and trading ethically. Everyone at boxxe is responsible for considering the impact of their actions on the environment and for reducing our carbon footprint through embracing Work from Anywhere (in the UK) principles, minimising travel by using virtual technology and adopting sustainable practices.boxxe embraces diversity. As an equal opportunity employer, we are committed to building a team that represents a variety of backgrounds, perspectives, and skills. boxxe does not discriminate based on race, religion, colour, national origin, sexual orientation, gender identity, age, marital status, veteran status, or disability status. All our employment is based on qualification, excellence, and business need.

Apply now
Technology Consultancy
View company profile


Fully flexible hours