6 of 6 SOAR Jobs in the North of England

framework Knowledge of network security, Firewalls, VPNs, endpoint security and malware analysis Experience with threat hunting and detection engineering Desirable Experience with SOAR platforms and security automation Scripting experience using PowerShell or Python Cloud security monitoring experience ( Azure preferred ) Relevant certifications such as CySA+, GIAC, GCIH, GCFA or Microsoft ...

working directly with security tooling in live environments Cloud security (Microsoft 365, Azure, AWS) Strong technical exposure to security tooling, such as: SIEM/SOAR, EDR/XDR, vulnerability scanners, patch management, CASB, DLP Good firewall experience Solid understanding of networking fundamentals (TCP/IP, firewall policies, VPNs) Desirable experience ...

remediation, validating fixes, and assisting with reporting. * Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and exposure ...

hybrid environments Oversee patching, upgrades, and platform performance Drive platform improvements and engineering enhancements Support detection engineering, tuning, and platform optimisation Lead automation and SOAR initiatives to improve efficiency Collaborate with SOC providers on SIEM governance and data ingestion Ensure platforms meet regulatory and compliance requirements Maintain engineering documentation, standards ...

Support – Assist with demos, scoping, and proof-of-value activities where required. Core Duties Automation Design & Development Build and maintain workflows across SIEM, EDR, and SOAR platforms Develop reusable scripts, templates, and components Ensure solutions support secure, multi-tenant environments Integration & Response Automation Orchestrate containment, enrichment, and remediation actions Integrate … cloud security, identity, and event-driven automation Strong communication and analytical skills Security clearance (NPPV and/or SC) may be required. Technical Knowledge Security orchestration and automation principles Scripting and integration patterns (APIs, webhooks) SOC detection and response workflows Threat intelligence integration and use case design Cloud and identity ...

guidance and updates Tune detection tools and monitoring systems to reduce false positives and improve accuracy Create and maintain SOC playbooks to support automation and response efficiency Document incidents, investigations, and lessons learned Provide technical guidance and support to Tier 1 analysts The SOC operates 24 hours … security operations environment Strong understanding of cyber threats, attack techniques, and defensive strategies Hands-on experience with SIEM, EDR, XDR, or SOAR security platforms Knowledge of networking fundamentals, including protocols and firewall technologies Experience investigating and responding to security incidents Strong analytical and problem-solving skills with excellent attention ...