IT Specialist - SOC and SIEM
Newcastle Upon Tyne, GB
Location/s: Newcastle, UK
Recruiter contact: Nikki George
Mott MacDonald is a global engineering, management, and development consultancy with over 20,000 employees across more than 50 countries and 140+ offices.
We work across incredible global industries, delivering exciting work that is defining our future and making an important societal impact in the communities we serve. Our people power our performance – we succeed when they do. With countless opportunities to collaborate, learn, and grow, the possibilities for excellence are as varied as every individual.
Whether you want to grow as a subject matter expert or broaden your experience with roles across our international community, you’re surrounded by global specialists who want to combine their expertise and champion you to be your best. As a proudly employee-owned business, we benefit our clients, our communities, and each other, investing in creating the right space for everyone to feel empowered, included, and valued. Whatever your ambition, Mott MacDonald is where people come to be brilliant.
Overview of the role
As an IT Specialist in SOC and SIEM, you will play a vital role in strengthening the organisation’s detection and response capabilities. Reporting to the IT Manager – SOC and SIEM, you will deliver technical processes and controls across SOC operations, SIEM optimisation, Vulnerability & Patch Management, Incident Response & Disaster Recovery, and Asset & Threat Discovery.
You will work collaboratively with SOC analysts, IT operations, engineering, and risk teams to ensure rapid detection and timely remediation of security incidents. This role requires strong technical expertise, meticulous attention to detail, and a proactive approach to improving operational resilience.
We are committed to building a diverse, inclusive, and high-performing security function. In this role, you will be supported and empowered to develop your skills, contribute to innovation, and help protect the organisation.
Key responsibilities and duties include:
- Maintain and optimise SIEM platforms for accurate log ingestion, parsing, and correlation
- Develop and tune detection rules, dashboards, and automated alerts to improve threat visibility and reduce false positives
- Integrate threat intelligence feeds and ensure alignment with frameworks such as MITRE ATT&CK for comprehensive detection coverage
- Support SOC operations by improving triage workflows and operational efficiency
- Automate vulnerability scanning across endpoints, servers, and cloud workloads; coordinate patch deployment processes with IT teams to minimise exposure windows
- Track remediation progress and verify fixes through re-scan and compliance reporting
- Assist in developing and maintaining incident response and disaster recovery playbooks for common attack scenarios
- Participate in planning and executing tabletop exercises and simulations to validate readiness and response times
- Support containment, eradication, and recovery activities during live incidents, providing technical input for root cause analysis and corrective actions
- Implement continuous asset discovery tools to maintain an accurate inventory of systems and services; ensure asset data feeds into CMDB and SIEM for correlation and reporting
- Deploy threat discovery solutions to identify emerging risks and anomalous behaviours proactively
- Maintain accurate records of incidents, vulnerabilities, and remediation status; support audit preparation for Cyber Essentials, ISO 27001, and internal governance reviews
- Contribute to the development and update of security policies, standards, and operational procedures
- Proactively identify opportunities to improve detection and response workflows and strengthen the organisation’s security posture
Key performance indicators:
- Reduction in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
- Timely closure of vulnerabilities and patch compliance within SLA
- Successful completion of incident response and disaster recovery exercises, with improvement in readiness scores
- Accuracy of asset inventory and threat discovery coverage
- Audit readiness and successful evidence submission
Candidate specification
Essential:
- Demonstrable hands-on experience with SIEM platforms and SOC operations within a complex enterprise environment
- Strong knowledge of detection engineering, vulnerability management, patching processes, and incident response/disaster recovery frameworks
- Practical experience with asset discovery tools, threat detection methodologies, and remediation processes
- Experience supporting or preparing for security audits and maintaining compliance evidence
- Ability to interpret and apply security policies, standards, and regulatory requirements
- Strong problem-solving skills, with the ability to analyse technical issues and recommend effective solutions
- Excellent written and verbal communication skills, able to document findings and engage with both technical and non-technical stakeholders
- Proven ability to work independently and as part of a team, managing multiple priorities in a fast-paced environment
Desirable:
- Industry certifications such as CISSP, CCSP, or equivalent
- Experience with automation tools, vulnerability scanners, and EDR/XDR platforms
- Exposure to frameworks and standards such as MITRE ATT&CK, ISO 27001, NIST CSF
- Experience participating in incident response activities and post-incident reviews
- Awareness of automation and scripting for security operations
Personal attributes:
- Demonstrates meticulous attention to detail in all aspects of detection, configuration, and documentation
- Applies strong analytical thinking to interpret complex alerts and prioritise effective remediation
- Collaborates effectively with colleagues across SOC, IT, engineering, and risk teams, building positive working relationships
- Communicates clearly and confidently, adapting technical information for both technical and non-technical audiences
- Proactively identifies and acts on opportunities to improve operational resilience and reduce risk
- Maintains the highest standards of integrity, confidentiality, and professional conduct at all times
- Adapts positively to changing priorities and remains resilient under pressure
Please be advised that offers for this role are conditional upon obtaining the appropriate level of Security Clearance.
UK Immigration
Mott MacDonald Ltd. are not currently offering sponsorship to candidates under the Skilled Worker visa route in the UK. This decision is a consequence of the changes made to the Skilled Worker route by the UK Government in April 2024. We continue to welcome applications from candidates who are eligible for alternative immigration routes in the UK that do not require sponsorship as a Skilled Worker now or in future.
Agile working
At Mott MacDonald, we believe it makes business sense for you and your manager to choose how you can work most effectively to meet your client, team, and personal commitments. We offer a hybrid working policy that embraces your well-being, flexibility, and trust.
Equality, diversity, and inclusion
We put equality, diversity, and inclusion at the heart of our business, seeking to promote fair employment procedures and practices to ensure equal opportunities for all. We encourage individual expression in our workplace and are committed to creating an inclusive environment where everyone feels they can contribute.
Accessibility
We want you to perform your best at every stage in the recruitment process. If you are disabled or need any support to enable you to apply or attend an interview, please contact us at reasonable.adjustments@mottmac.com and we will talk to you about how we can support you.
We offer some fantastic benefits including:
Financial wellbeing
- We match employee pension contributions between 4.5% and 7%.
- Life assurance of up to 4 x your basic salary, with an option to increase the level of cover to 6 x your salary.
- Our income protection scheme provides a financial benefit, as well as absence and return to work support due to long-term illness or injury.
- Flexible benefits, including increased life assurance cover, critical illness insurance, payroll saving and will writing.
- As an independently owned business, we share the financial success of the business with all our colleagues in various ways, including annual bonus schemes.
Employee Ownership
- Our employee ownership model means no external investors, just us, creating a culture of shared success.
- Our employees have a stake and a voice in our business, giving them a direct connection to our success through our personal and group performance bonuses.
- As your career grows, so does your stake, recognising your long-term impact and contribution.
- Your voice matters, with the opportunity to connect directly with senior leadership through formal channels to help shape our future.
- For our senior roles you will have a direct pathway towards ownership from day one.
Health and wellbeing
- Private medical insurance for all UK colleagues.
- Health cash plan to support you with everyday health costs and treatments.
- Access to Peppy, providing free support from menopause experts for all UK colleagues.
- A variety of wellbeing support is available through our comprehensive wellbeing program, including access for you and your family.
- Ability to flex your salary to opt into a wide range of health benefits, many of which can be extended to your family too.
Lifestyle
- A minimum of 33-35 days holiday each year, inclusive of public holidays and dependent on level, with the ability to buy or sell leave through our flexible benefits programme.
- Holiday entitlement increased to a minimum of 35 days after 5 years’ service.
- Variety of employee saving schemes and discounts from high-street retailers.
Enhanced family and carers leave
- Enhanced family leave policies, including 26 weeks paid maternity and adoption leave, and two weeks paid paternity/partner leave.
- Our shared parental leave matches maternity leave meaning we pay up to 24 weeks at full pay.
- Up to five additional days leave are provided for those with significant caring responsibilities, two of which are paid.
Learning and development
- Primary annual professional institution subscription.
- A broad range of opportunities to enhance both technical and soft skills through mentoring, formal training, and self-development options.
Networks, communities, and social outcomes
- Join a wide range of groups including our Advanced Employee Networks which support our LGBTQ+, gender, race and ethnicity, disability, and parents/carers communities.
- Make a difference within our communities through our social outcomes.