Sr. SOC Engineer

So, whats the job?Red Team (70%)

• You'll lead the Vulnerability Management Program, providing strategic guidance to regional technology teams to address cyber risks.
• You'll initiate and execute Red Teaming Exercises across global Business Units, testing security controls and delivering actionable feedback.
• You'll manage the External Attack Surface Platform, assess risks, coordinate remediation efforts, and report on enterprise-wide security posture.
• You'll perform regular penetration tests to identify and exploit weaknesses in the external attack surface.
• You'll establish a Counter-Adversary capability in the Global SOC, maintaining sandboxes, identifying attacker TTPs, and performing advanced threat hunting.
• You'll manage Threat Intelligence feeds and respond to Zero-Day vulnerabilities by configuring alerts and defining automated response actions.
• You'll track and ensure completion of security improvements discovered during critical incidents or P1 investigations.
• You'll document and maintain a robust Incident Response Plan, aligning with best practices and evolving threat landscapes.
• You'll stay ahead of the curve through research on emerging threats, new defensive technologies, and evolving industry standards.

Blue Team (30%)

• You'll lead and facilitate Security Incident Response Drills and Tabletop Exercises, enhancing organizational readiness.
• You'll serve as the technical escalation point for complex detections across the enterprise security stack.
• You'll collaborate with the Global SOC to optimize and evolve defensive control strategies.
• You'll support ISO27001 and SOC 2 audits, providing technical evidence and ensuring compliance.
• You'll assist with the deployment of standard security tools, ensuring consistent implementation across regions.
• You'll manage security vendors, attend QBRs, and drive improvements in their services.
• You'll create and maintain Blue Team playbooks, ensuring up-to-date CrowdStrike Fusion SOAR automations.
• You'll ensure all security tools are fully integrated into the NextGen SIEM, with reliable log ingestion and correlation.
• You'll conduct proactive threat hunting using CrowdStrike Query Language and develop Fusion Workflows to detect IOCs, alert teams, and automate responses.
• You'll perform daily health checks to validate the functionality and reliability of all deployed security tools.

And what are we looking for?

• Youll have major experience in Red teaming, along with pen testing
• Youll have experience with security incident management and network monitoring in medium to large-scale enterprise environments.
• Youll bring over 6 years of general Information Security experience, with proven exposure to both strategic and hands-on roles.
• Youll have strong communication skills and demonstrated success collaborating across business and technical teams in large organisations.
• Youll have a solid understanding of core security technologies, including endpoint protection, data loss prevention, network security, and identity access controls.
• Youll ideally have experience working with tools like CrowdStrike, Netskope, and Vectra or similar EDR, SASE, and NDR platforms.
• Youll be familiar with SIEM technologies, with working knowledge of log correlation, threat detection, and rule creation.
• Youll have experience in scripting (e.g., Python, PowerShell) and developing or integrating security tooling via APIs to automate tasks or enhance capabilities