Senior Security Engineer

• Portsmouth - hybrid (2-3 days on-site per week)
• Permanent
• Up to £78,500 + bonus

This is a prime opportunity to design and engineer the core platforms behind a rapidly growing Security Operations Centre (SOC), blending hands-on technical work with automation and solution design. You'll collaborate with analysts, architects, and customers to build reliable, scalable systems that accelerate threat detection and response, all in a collaborative culture that invests in your growth, wellbeing, and career progression.Job Title: Senior Security Engineer Job Type: Permanent Salary: Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: PortsmouthAs a Senior Security Engineer, you will:

• Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure).
• Develop and optimise detection use cases, correlation rules, and analytics content.
• Build and maintain automation workflows and integrations using automation platforms or custom scripting.
• Engineer secure log ingestion pipelines across hybrid cloud and on-prem environments.
• Support client onboarding, threat hunting, detection engineering, and process improvements.
• Mentor junior engineers and maintain documentation, diagrams, and standards.

Required Experience/Skills:

• 5 years' experience in a SOC, security engineering, or cyber operations role.
• Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic).
• Expertise in building and tuning detection rules, dashboards, and automation playbooks.
• Proficiency in scripting or automation (KQL, PowerShell, Python, or similar).
• Knowledge of log management, APIs, data normalisation, and cloud security (Azure, AWS, or M365).
• Solid understanding of network, system, and identity security fundamentals.
• Excellent problem-solving skills and a passion for continuous improvement.
• Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR).
• Knowledge of MITRE ATT&CK mapping and detection engineering frameworks.
• Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates).
• Exposure to threat hunting, vulnerability management, or integrations with ServiceNow/ITSM tools.

Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy.