AWS). Knowledge of network protocols, threat actors, and attack vectors. Ability to analyse complex data and deliver actionable insights. Familiarity with scripting (Python or similar) and security automation (SOAR). Understanding of threat intelligence and its operational use. Experience in software engineering or penetration testing. Exposure to Splunk ES and development of custom content. Knowledge of security process development
Manchester, England, United Kingdom Hybrid / WFH Options
Whitehall Resources Ltd
strategies to control costs without compromising visibility or detection capabilities. Automation & Response - Design and implement automated response workflows using Sentinel playbooks (Logic Apps). - Enhance response efficiency by developing SOAR integrations across security tooling. Documentation & Reporting - Produce comprehensive incident reports and root cause analyses. - Maintain technical documentation for use cases, configurations, response procedures, and data source onboarding. - Generate regular dashboards
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
HMRC
Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA, baseline configurations) including the Microsoft stack
cyber security focused role - Ideally 1-2 years working as an engineer. Knowledge of security tools and technologies (e.g., SIEM, IDS/IPS, EDR/XDR, Email protection, DLP, SOAR, Cloud Security etc.) Knowledge of Cyber Security domains (e.g., Identity and Access Management, Network Security, Incident Response etc.) Desirable skills: Ideally you will come from an Infrastructure engineering background. Relevant … Knowledge of Security best practices and regulatory compliance frameworks (e.g., NIST, ISO27001, PCI-DSS etc.) Knowledge of the following security products is ideal: SIEM (Rapid7 IDR, MS Sentinel, Splunk); SOAR (Rapid7 ICON, MS Sentinel); Endpoint Detection and Response (Microsoft Defender); Email Security (Proofpoint, Mimecast); Vulnerability Management (Rapid7 IVM, Nessus, Tenable). Proficiency with scripting and automation (e.g., PowerShell, Python). Understanding of
Manchester, England, United Kingdom Hybrid / WFH Options
Smart DCC
perform in-depth root cause analysis. Support use case tuning through auditing and approval, alongside developing new detection content including machine learning analytics and Security Automation, Orchestration and Response (SOAR). What are we looking for? Ability to work independently to deliver personal and team objectives, liaising with relevant teams. Able to work under pressure and make judgment calls based
Alexander Mann Solutions - Public Sector Resourcing
of network and host-based telemetry relevant for threat detection. Desirable: Azure certifications (SC-200, AZ-500, MS-500); Experience with LogRhythm SIEM Platform; Knowledge of SOAR tools and automation (Logic Apps, Sentinel Playbooks). Please be aware that this role can only be worked within the UK and not Overseas. Sellafield Ltd is committed to eliminating discrimination
Manchester Area, United Kingdom Hybrid / WFH Options
Queen Square Recruitment
investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite Develop and fine-tune analytic rules, detection use-cases, and SOAR playbooks Monitor and optimise license consumption across Microsoft security tools Manage log onboarding/offboarding processes across varied sources and environments Drive SOC maturity initiatives, identifying and implementing process improvements … the MITRE ATT&CK framework and threat modeling Solid understanding of Windows, Linux, networking, and endpoint security Skilled in threat intelligence, digital forensics, and advanced incident handling Experience with SOAR platforms and security automation Excellent written and verbal communication skills Nice to Have Experience in the retail or FMCG sector supporting large-scale SOC environments Background in major incident response
Threat hunting & IR experience in Windows and/or Linux environments, cloud/hybrid environments Proficient in SIEM and log management configuration and analysis Experience with Security Orchestration, Automation and Response tools Experience/familiarity with Cyber Intelligence, Threat Operations, Penetration Testing, Red Teaming, Incident Response and Threat Hunting methodologies Experience with intrusion detection systems and intrusion prevention systems Familiarity
Leeds, England, United Kingdom Hybrid / WFH Options
BAE Systems (New)
and procedures (TTPs) used in detected attacks, from start to finish. Capture and feed attack chain details into detection capabilities. Ensure monitoring effectiveness by creating and updating SIEM/SOAR playbooks, adapting to evolving attacker TTPs. Use Intrusion Analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers for root
Incident Investigation – Analyse security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication – Work closely and collaborate with senior analysts and clients to keep security operations running smoothly. The
Leeds, England, United Kingdom Hybrid / WFH Options
BAE
details of detected attacks (successful and failed) and feeding them back into detection capability. · Responsible for ensuring monitoring effectiveness and efficiency via the creation and updating of SIEM/SOAR playbooks, in line with changing attacker techniques, tactics and procedures (TTPs). · Use Intrusion Analysis skills and experience to provide input to new detection techniques and research new detection capabilities
to clients, helping to optimize their use of our client’s services. Key Experience Required: Solid grasp of Security Operations Centre (SOC) environments, including practical use of SIEM and SOAR tools for identifying and responding to cyber threats. Possession of Microsoft Security certifications or equivalent professional experience demonstrating deep technical capability. A keen interest in current cybersecurity developments, with awareness
Manchester, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
aligned with MITRE ATT&CK framework Solid understanding of Windows and Linux systems, networking, and endpoint security Skilled in digital forensics, threat intelligence, and advanced incident handling Familiarity with SOAR platforms and automated workflows Excellent written and verbal communication Nice to Have: Experience supporting SOC environments in the retail or FMCG sector Background in major incident response and recovery Esther
Warrington, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
aligned with MITRE ATT&CK framework Solid understanding of Windows and Linux systems, networking, and endpoint security Skilled in digital forensics, threat intelligence, and advanced incident handling Familiarity with SOAR platforms and automated workflows Nice to Have: Experience supporting SOC environments in the retail or FMCG sector Background in major incident response and recovery
and vulnerability management Detailed knowledge or experience of application or network based penetration testing tools and methodologies Experience of incident response and/or security incident event management solutions, SOAR, UEBA What We'll Do For You! About QA At QA, we believe the future belongs to organisations that are able to learn, master and apply new skills at pace
Bradford, England, United Kingdom Hybrid / WFH Options
Tata Consultancy Services
vendors regarding security incidents and recommendations. Develop and improve SOC processes and design training programs. Provide guidance on effective cyber defenses and actionable, cost-effective solutions. Focus on utilizing SOAR platforms to automate and improve security processes, incident response, and threat detection. Develop and implement plans to mitigate identified risks, including security controls and countermeasures. Your Profile: Essential knowledge/
Leeds, England, United Kingdom Hybrid / WFH Options
Babcock
sources, techniques, tactics, and procedures (TTPs), and assess attack extent. Capture and feed back attack chain details into detection capabilities. Ensure monitoring effectiveness by creating and updating SIEM/SOAR playbooks aligned with attacker TTPs. Use intrusion analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operation centers for root-cause
Incident Investigation: Analyze security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability Management: Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence: Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication: Work closely with senior analysts and clients to maintain smooth security operations. The Ideal Profile: Experience
Incident Investigation: Analyse security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability Management: Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence: Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication: Work closely with senior analysts and clients to keep security operations running smoothly. The Ideal Profile
Leeds, England, United Kingdom Hybrid / WFH Options
BAE Systems
attack sources, techniques, tactics, and procedures (TTPs), and assess attack scope. Document attack chain details and update detection capabilities accordingly. Maintain monitoring effectiveness by creating and updating SIEM/SOAR playbooks, adapting to evolving TTPs. Use intrusion analysis skills to contribute to new detection techniques and research industry capabilities. Coordinate with government or commercial security operation centers for root cause