Senior Security Engineer

Claranet

The Role

The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment.

This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities.

This role is client-aligned with ~3 days onsite in London.

Key Responsibilities

  • Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling
  • Perform lifecycle activities including patching, upgrades, and configuration changes
  • Ensure security platforms are fully integrated across on-prem and cloud environments
  • Monitor platform health, performance, and availability, resolving issues proactively
  • Support service transitions, upgrades, and controlled change activities
  • Act as escalation point for platform issues raised by the Security Analyst team
  • Provide engineering support during complex incidents and investigations
  • Implement platform-level changes to support incident response and remediation
  • Support detection engineering including rule deployment, tuning, and validation
  • Resolve data quality, alerting, and detection gaps impacting operational effectiveness
  • Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps)
  • Collaborate with SOC providers to maintain SIEM configuration and log ingestion
  • Maintain accurate engineering documentation, runbooks, and platform records
  • Ensure all platforms meet regulatory, audit, and compliance requirements
  • Contribute to governance, reporting, and continuous improvement initiatives

Experience & Knowledge

Essential:

  • Strong experience in security engineering and platform management
  • Experience supporting SOC tooling and security operations environments
  • Hands-on experience with Microsoft Defender and Microsoft Sentinel
  • Strong understanding of SIEM, XDR, and security platform integrations
  • Experience in hybrid (on-prem and cloud) environments
  • Strong troubleshooting skills across platforms, integrations, and data pipelines
  • Experience with scripting/automation (PowerShell, Python or similar)
  • Strong understanding of networking, cloud, and infrastructure fundamentals
  • Experience in regulated environments (e.g. financial services)
  • Strong documentation and communication skills

Desirable:

  • Experience with vulnerability and scanning tools (e.g. Qualys)
  • Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ)
  • Knowledge of DLP, email security, and cloud security platforms
  • Awareness of PAM and data security tools (e.g. CyberArk, Varonis)