and attack preparedness. Manage and maintain the suite of Cyber Security tools and platforms to enable effective prevention and detection of cyber threats. Drive security orchestration, automation, and response (SOAR) solutions for systems and operational playbooks to enable efficient discovery of security events and response actions. Produce relevant and accurate … CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, GDPR. Working knowledge of security technologies including but not limited to SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry … standard frameworks (MITRE ATT&CK). Practical experience of incident response governance (lifecycles, frameworks, incident handling, etc.) and developing incident response playbooks/processes, Security Orchestration, Automation and Response (SOAR), running red-team exercises and tabletop crisis war games. Working knowledge of SIEM and SOAR solutions, Identity and Access Management
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall … stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration … for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience
Employment Type: Contract, Work From Home
Rate: From £500 to £700 per day (direct contract with the client)
You'll Bring 5+ years in cybersecurity operations, with at least 2 years in a leadership role Strong hands-on knowledge of SIEM, EDR, SOAR, IDS/IPS, Firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence
hampshire, south east england, United Kingdom Hybrid / WFH Options
Computappoint
You’ll Bring 5+ years in cybersecurity operations, with at least 2 years in a leadership role Strong hands-on knowledge of SIEM, EDR, SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence
Looking For 5+ years’ experience in a SOC or cybersecurity operations role, including 2+ years in a leadership position. Strong understanding of SIEM, SOAR, EDR, IDS/IPS, and firewall technologies. Experience in incident response, threat intelligence, and forensic analysis. Proficiency in security frameworks like MITRE ATT&CK
Portsmouth, yorkshire and the humber, United Kingdom
Franklin Fitch
Looking For 5+ years’ experience in a SOC or cybersecurity operations role, including 2+ years in a leadership position. Strong understanding of SIEM, SOAR, EDR, IDS/IPS, and firewall technologies. Experience in incident response, threat intelligence, and forensic analysis. Proficiency in security frameworks like MITRE ATT&CK
Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
effective security operations processes, ensuring continuous improvement across security tools and services. • Support an effective security operations environment using tools such as Microsoft Sentinel, SOAR, EDR/XDR, and PAM. • Achieve reductions in repetitive alerts and improve the time taken to investigate and resolve incidents. Proactive Risk Remediation: • Identify, analyse
Hastings, Sussex, United Kingdom Hybrid / WFH Options
General Dynamics Corporation
within the Azure ecosystem, and be proficient in using Microsoft Sentinel as a SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) tool. Additionally, expertise in Microsoft Defender for Endpoint, Microsoft Defender for Cloud, and experience as a SOC (Security Operations Center) Analyst is essential. Additional
be responsible for detecting, responding to and mitigating cyber-attacks on our clients' customers' networks within their Security Operations Centres, using a combination of our SOAR, Elastic and the Microsoft XDR ecosystem to deliver effective and appropriate defences for our client. Previous experience with SentinelOne would be highly beneficial. This
Chatham, Kent, South East, United Kingdom Hybrid / WFH Options
Tilt Recruitment Limited
cloud security services (Defender for Cloud, Azure Sentinel, Key Vault, APIM) Strong advocate of Zero Trust models and secure development practices Experienced in SIEM & SOAR, ideally with tools like Rapid7 Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure
Kent, Broomfield, United Kingdom Hybrid / WFH Options
Tilt Recruitment
cloud security services (Defender for Cloud, Azure Sentinel, Key Vault, APIM) Strong advocate of Zero Trust models and secure development practices Experienced in SIEM & SOAR, ideally with tools like Rapid7 Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure
partners and customers. Familiarity with current security technologies including one or more of the following: Next-Generation Anti-virus, Endpoint Detection and Response (EDR), Security Orchestration, Automation, and Response (SOAR), Security Information and Event Management (SIEM, particularly Splunk and/or Splunk Cloud), firewalls, and other core security products. (e.g.
london, south east england, United Kingdom Hybrid / WFH Options
GIOS Technology
workshops, represent the project at key meetings such as the ADF, TDAs etc. • Represent the project across all technical discussions relating to Splunk, Onboarding, SOAR, Attack Analyzer etc. Essential: • An active SC Clearance is an essential requirement for this role; as a minimum you must be willing & eligible to undergo
london, south east england, United Kingdom Hybrid / WFH Options
Electus Recruitment Solutions
SQS queues etc. Attend technical workshops and represent the project at key meetings. Represent the project across all technical discussions relating to Splunk, Onboarding, SOAR, Attack Analyzer etc. Essential: SIEM Engineering and Architecture skills, specifically in Splunk SaaS. Full end-to-end experience of the delivery lifecycle for improvements to
london, south east england, United Kingdom Hybrid / WFH Options
ZKM Consulting
helping customers get the most out of the platform’s capabilities. If you’ve got solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects
and regulations to support the organisational objectives The experience and skills you need Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and
Dover, Kent, South East, United Kingdom Hybrid / WFH Options
Migrant Help
objectives Skills and experience we are looking for in our Information Security Officer: Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and
Shepherdswell, Kent, United Kingdom Hybrid / WFH Options
Migrant Help
objectives Skills and experience we are looking for in our Information Security Officer: Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and
risk management Information and security operational incident management Direct management and development of 24/7 SOC Team Incident investigation including root cause analysis, SIEM, SOAR, EDR Act as security incident manager for major security incidents (internal and external) Security assurance activities Quality & Compliance Maintain Cyber Essentials accreditations Maintain internal and
within an MSP environment, with a strong understanding of managed security services. Technical Expertise: Hands-on experience with security technologies such as SIEM, EDR, SOAR, vulnerability and exposure management tooling, threat intelligence, and data security solutions. Pre-Sales & Consulting Experience: Proven experience in a pre-sales, solution consulting, or technical
Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations. Automating Response Actions: Develop and improve SOAR playbooks to automate repetitive tasks and enhance the incident response process. Collaboration: Work closely with onshore teams to fine-tune alert volumes and contribute ideas … Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies. Strong knowledge of Linux and Windows operating systems. Familiarity with SOAR technologies (e.g., IBM Resilient, Splunk Phantom, Siemplify) and cloud platforms (e.g., AWS, Azure, O365). Experience investigating intrusions in Linux and cloud environments. Proficiency in
london, south east england, United Kingdom Hybrid / WFH Options
Intaso
OT monitoring solutions. Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management Act as the primary contact for the outsourced SOC provider; manage SLAs and vendor performance. Build and … NIST, ISO, GDPR). Stay ahead of evolving cyber threats and trends. Ideal Candidate Strong Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive
Winchester, Hampshire, United Kingdom Hybrid / WFH Options
Evalian
in creation and maintenance of security processes, playbooks, and documentation to standardise SOC operations. Design and implement automation workflows and integrations using Logic Apps, SOAR platforms, and scripting to enhance SOC efficiency. Assist in the monitoring and investigation of security alerts when required, supporting the SOC team. Contribute to the … security monitoring. Experience in developing KQL queries, custom detection rules. Familiarity with automation and integration tools such as Logic Apps, Power Automate, or other SOAR platforms. Knowledge of cloud security, particularly Azure, AWS, and Google Cloud. Excellent documentation skills and process-building capabilities. Great communication skills and ability to work