24 of 24 SOAR Jobs in England

and remediation actions in coordination with senior engineers and incident response leads. Develop and refine detection content, queries and automated workflows within SIEM/SOAR tooling. Provide customers with clear incident summaries, technical explanations and remediation guidance. Identify emerging threats and document relevant tactics, techniques, and procedures. Support structured threat ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

security configuration. Experience of security automation. Knowledge of information security concepts and technologies such as IDS, email gateways and desktop security products, SIEM and SOAR platforms, web application firewalls and vulnerability management tools. Experience of SIEM toolsets including the ELK stack essential. Software development abilities at a senior developer level. ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

and Terraform Technologies AWS, GCP, Azure and private Data Centers Kubernetes, Helm, Flux Distributed systems, mostly Golang based with CockroachDB and NATS SIEM/SOAR, EDR, CNAPP, and a suite of open source tools with custom integrations This is a fully remote role, please email your CV to apply ...

. • Experience implementing zero-trust architectures and identity-driven security models. • Knowledge of monitoring platforms such as Azure Monitor, Sentinel, or enterprise SIEM/SOAR tools. • Experience with backup, DR, and business continuity solutions. • Certification in Microsoft, Azure, or ITIL. Personal Attributes • Clear communicator with the ability to translate technical ...

rules, designing segmentation at multiple layers (macro/meso/micro), and integrating identity based controls. Strong background in logging/monitoring, SIEM/SOAR integration, and building operational metrics. Proficiency with capacity planning, performance tuning, and platform visibility tooling. Excellent documentation skills; able to produce architecture artefacts, standards, and ...

Integrate security controls into Terraform and other IaC workflows Champion shift-left practicesenabling developers to self-remediate issues during build and coding stages Build SOAR playbooks to automate response and remediation workflows Experience Requirements 3+ years in Cybersecurity and CNAP-focused roles Deep AWS security expertise: IAM, Organizations, SCPs, cloud ...

security controls into Terraform and other IaC workflows Champion shift-left practices—enabling developers to self-remediate issues during build and coding stages Build SOAR playbooks to automate response and remediation workflows Experience Requirements 3+ years in Cybersecurity and CNAP-focused roles Deep AWS security expertise: IAM, Organizations, SCPs, cloud ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

CSPM, and CWP. Automation & Integration : Using Sentinel Graph, Microsoft Graph Security API, playbooks, Logic Apps, Power Automate. Threat Management : SIEM for detection, response, hunting; SOAR workflow design; KQL queries, custom rules, UEBA. Identity & Access Security : Entra ID, Conditional Access, Identity Protection, PIM. Email Security : Microsoft Defender for O365, Darktrace … detection and response. Understanding of compliance standards (ISO 27001, NIST CSF, GDPR, SOC 2). Familiarity with third-party integrations (e.g., Threat Intelligence Platforms, SOAR tools, Security APIs). Certifications (Preferred): Microsoft SC-100, AZ-500, SC-200, SC-300. CISSP, CCSP. Benefits - GB: Enjoy a benefits package designed ...

Microsoft Security (Defender, Sentinel, Purview, Entra) and integrate Qualys vulnerability management for continuous threat detection and remediation. Automate & Innovate: Lead the charge on automation (SOAR, IaC, workflow automation) and embed Gen AI into security operations, threat intelligence, and reporting. Set Standards: Develop and enforce security architecture standards, governance, and best … would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through ...

members of the team to protect the client's systems against cyber threats. Lead in the identification and the creation, maintenance and troubleshooting of SOAR playbooks, automations and enrichments. Apply critical thinking to solve unique problems in the information security space. Enhancing the processes around interacting with large datasets … framework. Good knowledge of enterprise computing technologies. Skills Understanding of enterprise networking and computing Knowledge of Python 3 programming language Demonstrable experience in using SOAR tooling and its application Application of data science against large datasets involving unstructured data and designing data models Knowledge of using SIEM platforms to identify ...

identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills ...

understanding of how warehouses operate and how security needs to align with operational processes. Key focus areas: Lead senior-level Incident Response (SIEM/SOAR) Act as escalation point for complex incidents Shape OT-aligned security controls and playbooks Collaborate closely with warehouse and logistics teams Drive preventative security and ...

Technical Experience Proven experience as a Security SME/Security Architect in complex enterprise environments Deep hands-on expertise with: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint & Servers Microsoft Defender for Identity Microsoft Defender for Cloud Apps (CASB) Microsoft Defender for Office 365 Strong understanding of: Identity-centric ...

Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 – £60,000 depending on experience Dynamic (hybrid) working :2 days … subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and ...

Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working :2 days … subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and ...

Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working :2 days … subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and ...

technical scoping, bid responses, service demonstrations, and stakeholder presentations Essential Duties Security Platform Deployment & Optimisation Deploy, configure, and tune SOC technologies across SIEM, EDR, SOAR, and log pipeline tooling Develop and maintain documentation to support repeatable, high-quality delivery Customer Engagement & Delivery Lead the implementation of engineering workstreams, balancing customer … choices and balances customer needs with service feasibility Critical Competencies – Technical Fit Security Tooling & Architecture – Deep understanding of SOC-aligned technologies across SIEM, EDR, SOAR, log pipelines, and detection tooling. Telemetry and Log Management – Ability to design and deliver scalable architectures for data ingestion, correlation, and automation Networking & Infrastructure – Strong ...

leading the build, configuration, and integration across a vast environment. Your expertise will be crucial in defining security requirements, integrating with SIEM/SOAR platforms like Splunk, and ensuring successful deployment to Windows and RHEL endpoints. SentinelOne Architect/SME Essential Skills: Proven experience designing and deploying SentinelOne specifically within … produce high-quality HLDs and LLDs Hands-on experience with on-premises infrastructure, including virtualisation, networking, and storage Experience integrating SentinelOne with SIEM/SOAR solutions Experience deploying to both Windows and RHEL endpoints Eligibility for SC Security Clearance To be considered: Please either apply through this advert or emailing ...

looking to recruit an experienced Microsoft Cyber Security Analyst who has a wealth of practical experience with Sentinel, Defender and SOAR Automation with a good understanding of applying Cyber Security tools in a Microsoft based Cloud infrastructure. In this role you will be a key member of the team responsible … clients digital infrastructure. As the Microsoft Cyber Security Analyst you will responsible for the implementation, configuration and optimisation of Microsoft Sentinel, Microsoft Defender and SOAR Playbook automation and deployment. You will also need to be proficient in the use of KQL. In this role you will be the Microsoft Cyber ...

looking to recruit an experienced Microsoft Cyber Security Analyst who has a wealth of practical experience with Sentinel, Defender and SOAR Automation with a good understanding of applying Cyber Security tools in a Microsoft based Cloud infrastructure. In this role you will be a key member of the team responsible … clients digital infrastructure. As the Microsoft Cyber Security Analyst you will responsible for the implementation, configuration and optimisation of Microsoft Sentinel, Microsoft Defender and SOAR Playbook automation and deployment. You will also need to be proficient in the use of KQL. In this role you will be the Microsoft Cyber ...