Senior Security Engineer

The Role The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with ~3 days onsite in London. Key Responsibilities * Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling * Perform lifecycle activities including patching, upgrades, and configuration changes * Ensure security platforms are fully integrated across on-prem and cloud environments * Monitor platform health, performance, and availability, resolving issues proactively * Support service transitions, upgrades, and controlled change activities * Act as escalation point for platform issues raised by the Security Analyst team * Provide engineering support during complex incidents and investigations * Implement platform-level changes to support incident response and remediation * Support detection engineering including rule deployment, tuning, and validation * Resolve data quality, alerting, and detection gaps impacting operational effectiveness * Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) * Collaborate with SOC providers to maintain SIEM configuration and log ingestion * Maintain accurate engineering documentation, runbooks, and platform records * Ensure all platforms meet regulatory, audit, and compliance requirements * Contribute to governance, reporting, and continuous improvement initiatives Experience & Knowledge Essential: * Strong experience in security engineering and platform management * Experience supporting SOC tooling and security operations environments * Hands-on experience with Microsoft Defender and Microsoft Sentinel * Strong understanding of SIEM, XDR, and security platform integrations * Experience in hybrid (on-prem and cloud) environments * Strong troubleshooting skills across platforms, integrations, and data pipelines * Experience with scripting/automation (PowerShell, Python or similar) * Strong understanding of networking, cloud, and infrastructure fundamentals * Experience in regulated environments (e.g. financial services) * Strong documentation and communication skills Desirable: * Experience with vulnerability and scanning tools (e.g. Qualys) * Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ) * Knowledge of DLP, email security, and cloud security platforms * Awareness of PAM and data security tools (e.g. CyberArk, Varonis)