GCS
Cyber Operations Engineer
GCS | Romania | 2 days ago
Contract | Information Technology, Research +1

We are partnering with a large enterprise organisation undergoing continued investment in its cyber defence and security operations capabilities. As part of this expansion, the organisation is seeking an experienced Cyber Operations Engineer with strong SOAR experience to support the optimisation and operational effectiveness of enterprise security tooling and automated response capabilities.


This role will work closely with security monitoring teams, cyber engineering, and technology operations teams to ensure security controls are configured effectively and that security orchestration and automation capabilities are continuously improved to support faster detection and response to threats.


Key Responsibilities

  • Manage and continuously improve the configuration and effectiveness of enterprise security platforms across multiple security domains.
  • Design, implement, and maintain SOAR playbooks and automation workflows to improve incident response efficiency and reduce manual intervention.
  • Work closely with security monitoring teams to enhance automated response capabilities and orchestration across security tools.
  • Collaborate with cyber engineering and architecture teams to identify gaps in existing security tooling and implement improvements.
  • Translate threat intelligence, incident learnings, and recurring operational issues into automated response workflows and control improvements.
  • Contribute to the development of automation playbooks, operational runbooks, and security configuration standards.
  • Support the rollout and operationalisation of new security technologies, ensuring integration into existing detection and response processes.
  • Provide support during internal and external audits by documenting control implementations and operational procedures.


Required Experience

  • 8+ years of experience within IT or cybersecurity roles.
  • Strong experience working with SOAR platforms, including the creation and optimisation of security automation playbooks.
  • Demonstrable experience improving detection and response processes through automation and orchestration.
  • Experience working closely with SOC teams and technology operations to operationalise security controls.


Desirable Experience

  • Experience integrating SOAR platforms with SIEM, EDR, identity, and cloud security tooling.
  • Knowledge of threat frameworks such as MITRE ATT&CK.
  • Experience with scripting or automation languages such as Python, PowerShell, or Bash.
  • Experience working in large enterprise or regulated environments.
