Overview

Senior SOC Solutions Engineer at Anson McCade

Location: London (hybrid)

Salary: Up to £85,000 + 10% bonus

Do you have deep expertise in IBM QRadar and a passion for building world-class detection and response capabilities? We are looking for a Senior SOC Solutions Engineer to strengthen our cyber defence function and enhance our security operations.

This is a hands-on role where you’ll lead on SIEM engineering, playbook development, and advanced threat modelling — helping to safeguard enterprise environments against evolving threats. You’ll also work closely with stakeholders, guide junior team members, and contribute to continual service improvement.

Key Responsibilities

• Deploy, configure, and maintain the IBM QRadar SIEM platform.
• Onboard and normalise log sources across cloud and on-premise environments.
• Develop and optimise detection rules for threats, anomalies, and behaviour patterns.
• Design and implement incident response playbooks, integrating with SOAR platforms to automate triage and response.
• Conduct threat modelling (MITRE ATT&CK, STRIDE, Kill Chain) and translate into actionable use cases.
• Perform investigations, coordinate incident response, and collaborate with threat intelligence teams.
• Produce dashboards, reports, and documentation to support stakeholders and compliance needs.
• Mentor junior analysts and support pre-sales activities (requirements, demos, solution scoping).

What You’ll Bring

• Ability to obtain or already hold SC Clearance.
• Proven expertise in IBM QRadar engineering and management.
• Strong knowledge of log formats, parsing, query languages (KQL, SPL, AQL).
• Scripting ability (Python, PowerShell) for automation.
• Solid understanding of threat detection, incident response, network traffic flows, vulnerability management, and penetration testing.
• Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS and ITIL processes.
• Strong analytical, communication, and presentation skills.
• Willingness to participate in a 24/7 on-call rotation.

Preferred Qualifications

• 3–5 years of IT security experience in a SOC/NOC environment.
• Security certifications (e.g. CISSP, GIAC, SC-200, IBM QRadar Specialist, Splunk Certified, Google Chronicle Security Engineer).
• Experience with ServiceNow Security Suite.
• Hands-on experience with AWS and/or Microsoft Azure.

What’s on Offer

• The chance to play a central role in shaping and optimising SOC capabilities.
• Exposure to diverse environments and advanced technologies.
• Opportunities for growth, certifications, and continuous learning.
• A collaborative and dynamic team culture focused on innovation and resilience.