SOC Engineer

About Ekco

Founded in 2016 Ekco is now one of the fastest growing cloud and security solution providers in Europe! 

We specialise in enabling companies to progress along the path of cloud maturity, cybersecurity, managing transformation and driving better outcomes from our customers’ existing technology investments.

We are the people who power your possible.

We have over 1000 highly talented and supportive colleagues (and counting) across a number of regional offices in Ireland, the Netherlands, Malaysia and UK.

The Role

As a SOC Engineer your primary objective is to configure, implement, and maintain the critical infrastructure that supports Security Operations Center (SOC) functions. Your role ensures the seamless operation, scalability, and security of the SOC’s underlying systems, enabling the team to deliver effective cybersecurity services to clients.

Reporting to the regional Head of SOC, the role of SOC Engineer will play a crucial role in deploying, maintaining and monitoring customer SOC tools and underlying infrastructure.

Day to day your role will involve

• Assist in provisioning and configuring tools and systems for new clients, ensuring smooth integrations into SOC workflows

• Consult with key stakeholders within and outside the organisation. Includes discussion of cybersecurity reports or assessments, specifically Azure/Microsoft 365, and reviewing then planning the implementation of enhanced security controls taking a risk-based approach

• Install, manage, and troubleshoot security tools such as SIEMs, EDR, and log management systems.

• Implement, deliver, and maintain Microsoft Sentinel Security Incident and Event Monitoring (SIEM) platform. Involves the technical implementation of cloud-based and on-premises data sources, continuous alert-based tuning using Kusto Query Language (KQL), and setting up automated actions where appropriate

• Implementation of Security Automation/Orchestration Response (SOAR) tooling. Configuring automated/orchestrated alert enrichment, alert management, and automated response.

• Manage user accounts, roles, and permissions across SOC systems to maintain security and compliance

• Collaborate with SOC analysts and fellow engineers following feedback from incident investigations to ensure SOC specific infrastructure supports the team going forward to respond to incidents effectively

• Attend Client meetings/calls as part of general cyber security consulting, and where required by SOC Leadership

• Evaluate and recommend enhancements or new security technologies/tools to improve SOC capabilities

• Aiding investigation efforts where asked, to assist SOC Analysts in understanding detections and the information presented to them

• Configure, maintain, and optimize SOC-related infrastructure, including servers, virtual environments, and cloud platforms

• Act as a key contributor to SOC continuous improvement criteria as required, identifying gaps in existing processes, proposing and documenting working solutions to close gaps

• Create custom, ad hoc and monthly reporting solutions for SOC customers as required. Assist in the development of internal SOC reporting solutions

• Assist Senior Engineers with the development, testing, and implementation of new SOC solutions across a variety of platforms/toolsets

• Performing other miscellaneous duties as assigned by SOC Leadership

About You

• Have a minimum of 2 years experience working in an SOC Engineering role

• Practical experience in managing and working with hardware infrastructure

• Working knowledge in the following areas:

• Security Incident and Event Monitoring (SIEM)

• Security Orchestration and Automated Response (SOAR)

• Endpoint Detection and Response (EDR)

• Cloud platforms such as Azure, GCP, AWS

• Maintain a strong commitment to customer service by prioritizing a customer-first approach

• Adhere to security configuration best practices in all aspects of daily duties

• Keen problem solving / troubleshooting skills

• Strong analytical skills and a logical approach to resolving issues

• A can-do attitude

• Excellent written and verbal communication skills. You should be able to communicate technical details clearly at all levels

• The ability to adjust and adapt to changing priorities in a dynamic environment

• A pro-active approach to addressing issues and requests and the ability to multitask

• The ability to learn new technologies and concepts quickly

• Great organisational skills and attention to detail

• Adaptability to do a range of work, including the complex, non-routine, mundane and multi-environment

• Able to work under direction, use discretion and determine when to escalate issues

• Effective communication, teamwork and task-time management skills

Desirable

• Prior experience working with one or more of the following SIEM or EDR tools – E.g. Microsoft Sentinel, Microsoft Defender for Endpoint, SentinelOne, CrowdStrike

• Prior experience working for a MSSP

• Prior experience working with SOAR technologies

• Expertise in securing cloud-based infrastructures and tools.

• Experience with scripting/coding languages e.g. Python, PowerShell

Benefits/Perks

• ☀️ Time off - 25 days leave + public holidays
• 🎂 x1 day Birthday leave per year
• 💰 Company Pension Scheme (employer contribution 5%) + flexible salary sacrifice
• 📞 Employee Assistance Programme (EAP) - access to dedicated mental health, emotional wellbeing and general advice
• 🏃‍♀️ EkcOlympics - a global activity for fun!
• 📚 Learning & development - Unlimited access to Pluralsight learning platform

• 🌱 A lot of responsibilities & opportunities to grow (also internationally)

Why Ekco

• ⭐️ Microsoft’s 2023 Rising Star Security Partner of the year
• 🚀 VMware & Veeam top partner status
• 🏅 Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards
• 🌈Ekco are committed to cultivating an environment that promotes diversity, equality, inclusion and belonging
• 🎉 We recognise the value of internal mobility and encourage opportunities for internal development & progression
• ✨ Flexible working with a family friendly focus are at the core of our company values