Apply now

< Back to jobs

Job Title Security Operations Engineer I
Job Location London


The Security Operations Engineer role provides daily incident response in addition to providing 24x7 support and operational availability of Kirkland's security infrastructure. Responsibilities include the monitoring and investigation of security alerts, implementation of new security technologies, day-to-day operations, and change management of all deployed security technologies.

ESSENTIAL FUNCTIONS (This list is not exhaustive and may be supplemented and changed as necessary.)

• Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach.
• Monitor and correlate security event log information to identify and detect anomalous activity.
• Document and conform to processes related to security monitoring, patching and incident response.
• Implement techniques using the most advanced technologies to hunt for the unknown threats in the environment
• Appropriately inform and advise management on incidents and incident prevention.
• Participate in knowledge sharing with other analysts and develop solutions efficiently.
• Upgrade security systems by monitoring security environment; identifying security gaps, evaluating and implementing enhancements.
• Enhance department and organization reputation by delivering quality results and exploring opportunities to increase value and raise awareness of Information Security Program.
• Partner closely with IT or business teams across the Firm to implement secure solutions that reduce business risk by ensuring confidentiality, integrity, and availability.


Education, Work Experience, Skills

• Bachelor's degree required, preferably in cybersecurity or other IT-related field
• At least four (4) years in an IT-related field or at least two (2) years working in cybersecurity required. Experience in an MSSP or SOC preferred.
• Programming and scripting skills such as PowerShell, Python, etc. preferred.


• Microsoft Outlook, Word, & Excel required.
• Experience investigating security incidents using various security tools including EDR tools such as CrowdStrike, Sentinel One, etc. required.
• Experience with Security Information and Event Management (SIEM) such as LogRhythm, Splunk, etc. Experience should include event analysis, log collection/management, alert generation, investigations, and reporting preferred.
• Experience using file sandbox technology to detonate and analyze potentially malicious documents and executables preferred.
• Experience with other security-related technologies including Intrusion Prevention/Detection Systems, Firewalls, Content Filtering Technology, Vulnerability Scanning/Management Solutions preferred.

Certificates, Licensures, Registrations

• Comptia Security+, Network+, Cybersecurity Analyst
• GIAC Information Security Fundamentals or Security Essentials Certification
• Certified Information Systems Security Professional (CISSP)


This job may operate in a hybrid workplace model.