boxxe are looking for a Support Engineer to join our SOC Team as a Platform Owner for its primary service offerings. We exist to give our customers the assurance that security is in hand when they partner with us.
We are on the lookout for a technical individual who thrives on learning about the new cutting-edge technologies that drive the security industry forward and answer the challenges of our customers.
You will bring skills in scripting, confidence in using CLIs, and the ability to troubleshoot undiagnosed problems and manage platform and technical issues through to remediation across the SOC's technology stack.
You should have working knowledge of widely used, industry-standard SOC technologies such as Endpoint Detection and Response (EDR); SIEM; Network Threat Analytics (NTA); Vulnerability Management and Patch Management, including their architectures and deployment options.
You will be a core team member, acting as a bridge between our Professional Services Delivery Team and SOC Analysts in onboarding new customers and transitioning them into live service with our team of operational Analysts.
How you’ll fit in to the big picture
boxxe has significant growth plans for services, and our Security Operations Centre is one of the core focus areas for that growth.
You will work mostly in an operational capacity with varied day-to-day work, sometimes assisting on short-term delivery projects, as well as contributing daily to the ongoing maintenance and administration of systems. You will also contribute strategically to our technology stack by introducing additional features, modules or components where improvements can be made, so staying up to date with today's Detect & Respond and Vulnerability Identification security technologies is key.
You will work with the Head of Department to continuously develop and improve the library of Standard Logging Patterns and Deployment & Setup guides for different types of deployment. Additionally, you will provide the Technical Assurance within MDR Testing and Acceptance into Service that all requirements are met by our Standard Operating Practices.
Our team exists to keep our customers secure in an increasingly sophisticated world that is more connected each day, which presents opportunities to attackers.
What you’ll be doing
- Ongoing platform management and maintenance of the Security Operations technology stack of EDR; Vulnerability Management (VM); SIEM; XDR and any other core team technologies complementary to any new service offerings
- Working frequently with different APIs to retrieve and send data between systems securely
- Where required, perform custom log parsing of non-native log feeds for ingestion into our MDR Platform
- Where required, develop integrations of non-native technologies into our MDR Platform
- Provide assistance to Pre-Sales and Professional Services in the form of repeatable, standardised setup and install models
- Ensuring post-project transition to our Analysts occurs smoothly in conjunction with Service Delivery Managers and the Security Operations Team Leader
- Provide assistance to Line 2 Analysts in the design of Detection Rules
- Provide assistance to Line 2 Analysts in the design and implementation of Response Playbooks
- Provide assistance to Line 2 Analysts in data extraction for the purposes of enhanced customer Reporting
- Provide assistance to Line 2 Analysts where you may have working technical knowledge of a system impacted by an Incident
- Provide assistance to the Line 2 Analysts in repairing silent logs (log sources that have stopped sending events) and in the technical onboarding of other feeds throughout a customer's service contract
- Work with Change Management, Engineering and Network support colleagues to address connectivity challenges
- Any other duties commensurate with the role
What experience we think you’ll need
- Understanding of basic Python programming
- Worked examples of using system or application APIs in other projects or for other purposes
- A visual explainer and technical thinker
- Working knowledge of the administration and configuration of SIEMs or Network Threat Analytics (NTA) platforms is a must
- Working knowledge of the administration and configuration of other security technologies
- Experience working with customers or clients in a Technical Consultancy or Support Engineering capacity
- A keen interest in novel security technologies
- SSCP or other engineering-specific certifications are desirable
- Demonstrated vendor competency through certifications
At boxxe we believe that business should be about more than just profits. Sustainability is a core value. We are committed to reducing our environmental impact, encouraging inclusive working environments, and trading ethically. Everyone at boxxe is responsible for considering the impact of their actions on the environment and for reducing our carbon footprint through embracing Work from Anywhere (in the UK) principles, minimising travel by using virtual technology and adopting sustainable practices.
boxxe embraces diversity. As an equal opportunity employer, we are committed to building a team that represents a variety of backgrounds, perspectives, and skills. boxxe does not discriminate based on race, religion, colour, national origin, sexual orientation, gender identity, age, marital status, veteran status, or disability status. All our employment is based on qualification, excellence, and business need.