Security Engineer

Job ID:43003

Location:Greece: Athens

Position Category:Information Technology

Position Type:Employee Regular

LRQA is an award-winning provider of Cyber Security, Assurance, Incident Response and Managed Security Services provider to organisations across the world. Due to continued expansion, we are seeking a Security Engineer to support LRQA in continuing to be a renowned market leading managed provider of Managed Security and Support Services

Role Purpose

The purpose of this role is to ensure the efficient, error-free performance of the SOC Platform. You will take a supporting role in ensuring the continuous monitoring of customer environments via both SIEM and SOC Monitor infrastructure.

Working as a Security Engineer within our DSS team, you will use your expertise to facilitate the detection and response to a multitude of threats of differing capability and sophistication. You will use, administer, and maintain our SIEM, EDR, SOAR, bespoke tooling, and Threat Intelligence solutions to enable the triage of suspicious events, provide context and assessment of risk/threat to our customers.

You will develop technical solutions to improve the operational capability of the Platform and to support the wider SOC Monitor team.

You will also get involved in projects that maintain and enhance the capability of our services, and ensure we are providing innovative detection & response services to our clients. This includes threat hunting, supporting the implementation of new cutting-edge technology, malware analysis, recommending detections and getting involved in strategic cross-team projects as part of your wider role within our award-winning Security Operations Centre.

Key Role Responsibilities

• Monitor and maintain the technology stack, creating and tuning alerts where necessary.
• Support the implementation of any required upgrades to the Security Engineering technology stack.
• Ensure each customer's operational health is maintained and respond to all requests within agreed SLAs.
• Participate in knowledge transfer sessions with the wider team.
• Develop automation solutions that improve detections and increase team efficiency.
• Assist in customer onboarding activities where necessary.
• Work with our Threat Detection team to develop solutions to improve detections and operational capability.
• Maintain an awareness of the latest Defensive Monitoring technologies and trends.
• Maintain an up-to-date understanding of current threats and trends in Cyber Crime and apply this information as part of your daily duties when creating custom use cases and altering the SOC Monitor infrastructure.
• Assist both Infrastructure Support and Network Operations in a wide range of duties ranging from security best practice recommendations through to analysing suspicious activity on infrastructure devices.
• Liaise with Account and Client Service Managers across the business and assist with the presentation of SOC Monitor technology demonstrations to both current and prospective customers.
• Maintain regular written and verbal communication with customers, suppliers, and internally as required.

Role Requirements

• Demonstrable, hands-on experience with Microsoft Sentinel and Microsoft Defender (Defender for Endpoint, Defender for Identity, Defender for Cloud Apps), including deployment, configuration, and day-to-day operational management within an enterprise environment.
• Strong background in SIEM, SOAR, and EDR/EPP technologies, with a particular focus on delivering detection, investigation, and response capabilities.
• Proven ability to operate within a complex, high-performing service management enterprise environment, using Microsoft's security tools to enhance visibility, resilience, and incident response effectiveness.
• Demonstrable experience in conducting security investigations using large datasets, with knowledge of Kusto Query Language (KQL) to develop custom Sentinel queries and analytics rules.
• Skilled in building and maintaining automation solutions and integrations using Python, PowerShell, and RegEx, enabling improved detection, response, and operational efficiency within Microsoft Sentinel and Defender environments.
• Knowledge of enterprise IT infrastructure, including Windows and Linux operating systems, networking, and third-party security tools — and how these integrate with the Microsoft security ecosystem.
• Strong capability in analysing complex security data within Sentinel and Defender portals, identifying patterns, prioritizing threats, and presenting actionable recommendations as part of continuous service improvement initiatives.
• In-depth understanding of attack vectors, MITRE ATT&CK framework, and adversary behaviours, with the ability to distinguish between normal and abnormal activity using Microsoft security insights.
• Excellent communication skills, with experience in customer-facing roles and the ability to clearly convey technical findings and security risk to both technical and non-technical stakeholders, using Microsoft dashboards and reporting tools.

Desirable Qualifications

• Microsoft certifications such as AZ-500, SC-300, SC-200, SC-100
• Crowdstrike certifications such as CCFA
• LogRhythm experience

Pre-Employment Checks

If you are successful in securing a role with us, you will be subject to pre-employment checks, depending on the legal requirements and practices in your country of employment.

If eligible these checks will include right to work, identification, verification of employment history, education, and criminal records where permitted by local law.

All checks will be conducted in accordance with applicable privacy and data protection regulations.

We will involve the third party supplier to run the background checks as needed and your data will be retained for a period as needed for the recruitment purpose.

To the extent to be permitted by the applicable local law, your data may be stored outside of your employment country dependent on our operation structure.

Your application of this role will constitute your consent on this paragraph.

Diversity and Inclusion at LRQA:

We are on a mission to be the place where we all want to work and we are passionate about embracing different perspectives because we understand the value this brings to our business, our clients and each other. We are all about creating a safer and more sustainable future and our inclusive culture is right at the heart of our business.

Together our employees make our communities better and we want you to be part of our diverse team

LRQA is a leading global assurance provider. The integrity and expertise we bring to our partnership with clients support their journey to a safer, more secure and more sustainable future. (Group entities).