17 of 17 SOAR Jobs in London

Essential but a Bonus) Terraform/Ansible (desirable, not required) Cloud security exposure (Azure, AWS, GCP) Threat intel platform experience Experience tuning SIEM/SOAR playbooks CI/CD pipeline security (GitHub Actions, Jenkins, GitLab) Digital forensics knowledge Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CISM, OSCP, CCSP ...

Bring... 5-8 years’ experience in a security operations, incident response, or detection engineering role Strong familiarity with security monitoring platforms such as SIEM, SOAR, and threat intelligence tooling Experience writing or tuning detection logic, ideally using KQL or similar query languages Practical exposure to threat hunting and analysing security ...

Demonstrable experience with IP-based networks, WAN technologies, Windows/Linux environments, and virtual server technologies. Modern Solutions: First-hand experience with SIEM solutions, SOAR workflows, and EDR technologies like Microsoft Defender. ...

ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

Integrate security controls into Terraform and other IaC workflows Champion shift-left practicesenabling developers to self-remediate issues during build and coding stages Build SOAR playbooks to automate response and remediation workflows Experience Requirements 3+ years in Cybersecurity and CNAP-focused roles Deep AWS security expertise: IAM, Organizations, SCPs, cloud ...

responsibilities include managing MaiServers, Firewalls and Microsoft Gateways. You will be involved in Managing WAF/DDoS, web/email security gateways, SIEM/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness ...

Centres (SOC), including leadership or managerial responsibilities. Strong technical knowledge of SIEM platforms such as LogRhythm, Splunk, Microsoft Sentinel, or similar. Experience working with SOAR, EDR/XDR, and threat detection technologies. Strong understanding of incident response frameworks and cybersecurity best practices. Experience managing security incidents, investigations, and response coordination. ...

security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation, and customer enablement. Identify security gaps and recommend improvements across logging, identity, endpoint hardening, cloud posture, and … misconfigurations and optimisation of security deployments. Leverage scripting, APIs, and automation to streamline repeatable tasks. Integrate firewalls, EDR platforms, logging pipelines, and SIEM/SOAR tooling. Customer & Collaboration Act as a trusted technical advisor to security and engineering stakeholders. Communicate complex technical concepts clearly to both technical and non-technical ...

documents for security solutions. Strong understanding of Security Operations/SOCs. Hyperscaler experience (AWS, Azure, GCP); Professional Cloud Architect cert preferred. SIEM/SOAR tooling (e.g., Google SecOps/Chronicle). EDR/XDR/NDR experience (e.g., Crowdstrike , Corelight, Microsoft Defender XDR). What's on Offer Permanent ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and … threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks such as National Institute of Standards and Technology guidance, International Organization for Standardization ...

develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and … threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks such as National Institute of Standards and Technology guidance, International Organization for Standardization ...

cause analysis, and implement lessons learned Maintain and enhance incident response playbooks aligned to industry frameworks Security Technology Oversight Provide operational oversight for SIEM, SOAR and EDR technologies Work with detection engineering teams to improve use cases and correlation rules Support onboarding of log sources and optimisation of detection capabilities … Skills Required 10+ years experience in cybersecurity operations 3+ years in SOC leadership/SOC management roles Strong hands-on knowledge of SIEM, SOAR and EDR technologies Experience with tools such as LogRhythm, Splunk, Microsoft Sentinel, Securonix Understanding of incident response frameworks and SOC operating models Experience working in enterprise ...

Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Configuration Compliance . Design and deliver integrations between ServiceNow and cybersecurity tools such as SIEM, SOAR, EDR platforms, threat intelligence feeds, and CMDB. Collaborate with cybersecurity, IT operations, and engineering teams to design secure workflows for incident response, vulnerability management, and … ServiceNow workflows, scripting, CMDB, Discovery, and integrations (REST/SOAP, MID Server) . Experience integrating ServiceNow with third-party cybersecurity platforms such as SIEM, SOAR, and endpoint security tools. Strong stakeholder engagement skills with the ability to work across security leadership, IT teams, and enterprise architects . Familiarity with security ...

requirements Create and refine SIEM correlation rules, dashboards, and reports to enhance proactive threat detection and monitoring Build, deploy, and maintain automated playbooks across SOAR and related security platforms Integrate threat intelligence sources, security tools, and custom logic into automated workflows Continuously tune and optimise SIEM rules and SOAR playbooks … improve detection accuracy and reduce false positives Integrate internal and third-party systems with SIEM and SOAR platforms using APIs and custom connectors Support ongoing sprint activities, daily progress updates, and ad-hoc engineering tasks to improve SOC service delivery Contribute to post-incident reviews by developing new detections and ...

Role: SOC -Security Platform Engineer Location: London Salary: Competitive salary and package dependent on experience Career Level: Specialist Please Note: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a ...