Job Description

At spotit, our SOC is built on expertise, collaboration, and continuous improvement. As a SOC Security Engineer, you will play a key role in maintaining, improving, and standardizing the security environments of our SOC customers.

You work closely with our analysts and customers to ensure their environments are optimized for effective detection and response. From onboarding new clients to improving existing setups, you help design efficient architectures and ensure the right security data is collected, processed, and analyzed.

Your mission: make our SOC environments smarter, more efficient, and ready to detect what truly matters.

What will you do?

• Maintain, improve, and standardize security environments across our SOC customers

• Support and guide new customer onboarding into our SOC services

• Work extensively with the Microsoft security ecosystem (Sentinel, Defender XDR, Entra ID)

• Help determine which security data should be collected, filtered, and retained to optimize detection and cost efficiency

• Collaborate with customers to ensure their security architecture aligns with SOC best practices

• Improve data pipelines and data quality to strengthen detection capabilities

• Research and evaluate new technologies and architectures for more efficient security data management

• Contribute to vulnerability management processes and tooling

• Support analysts by improving the quality and reliability of the SOC platform

A day in the life of a SOC Security Engineer

Your morning starts with a customer onboarding session. Together with the client’s IT team, you review how their Microsoft environment integrates with the SOC platform and ensure the right logs and signals are flowing into Microsoft Sentinel.

Later in the day, you analyze data ingestion patterns and discover opportunities to filter unnecessary log streams. By fine-tuning data collection, you help reduce noise while preserving valuable security insights.

In the afternoon, you collaborate with SOC analysts to improve detection rules and discuss how threat intelligence could be operationalized more effectively. You end your day documenting improvements that will help standardize configurations across multiple customer environments.

Your profile

Must haves

• Strong knowledge of the Microsoft security ecosystem (Sentinel, Defender XDR, Entra ID)

• Experience working in a SOC environment, preferably within an MSSP

• Interest in data engineering concepts and security data pipelines

• Experience with vulnerability management platforms

• Comfortable communicating with customers and technical stakeholders

• Fluent in Dutch and English

Nice to have

• Experience with the Elastic Stack

• Experience with CSIRT interventions

• Experience operationalizing threat intelligence

• Knowledge of Terraform

You are analytical, curious, and always looking for ways to improve. You enjoy collaborating with both technical teams and customers, and you thrive in an environment where innovation and learning are encouraged.

“What I like most about working in the SOC at spotit is that we’re constantly improving how security works for our customers. We’re not just reacting to incidents. We’re building smarter environments that help detect threats earlier and more efficiently.”
— Bob, SOC Practice Lead

Our offer

Match made in heaven? We reward that!

• Competitive salary: enhanced with numerous benefits.

• Company car with charging pass: so you’re covered on the road.

• Hybrid work environment: avoid traffic jams.

• Continuous learning opportunities: a wide range of training options to keep you growing.

• Legendary team-building activities: quarterly fun events that have become the stuff of spotit legends.

• A passionate team of experts: ready to share their knowledge and passion for what they do best.