14 of 14 SOAR Jobs in the South East

experience in cybersecurity or information security roles Strong understanding of network protocols, operating systems and enterprise security technologies Experience implementing and managing SIEM and SOAR platforms Knowledge of cybersecurity frameworks such as NIST, ISO27001, CIS benchmarks and Cyber Essentials Experience with threat intelligence frameworks such as MITRE ATT&CK and ...

enabling telemetry, and making technical changes where required Deploy and tune detection rules, improving alert quality and reducing false positives Support automation initiatives (e.g. SOAR, LogicApps) to drive operational efficiency Collaborate with SOC providers and internal teams on platform performance, log ingestion, and ongoing improvements Maintain clear documentation and operate ...

segmentation VPN technologies Network monitoring and performance management Cloud networking and hybrid environments IDS/IPS technologies Secure network architecture principles Knowledge of SIEM, SOAR, endpoint security, vulnerability management, and threat intelligence platforms. Understanding of modern cyber threats, attack techniques, and defensive security controls. Desirable Qualifications ISO 27001 Lead Implementer ...

segmentation VPN technologies Network monitoring and performance management Cloud networking and hybrid environments IDS/IPS technologies Secure network architecture principles Knowledge of SIEM, SOAR, endpoint security, vulnerability management, and threat intelligence platforms. Understanding of modern cyber threats, attack techniques, and defensive security controls. Desirable Qualifications ISO 27001 Lead Implementer ...

enrichment, and define standardised and automated containment workflows. Develop and manage operational procedures and reporting methodology. Manage and oversee security technology platforms (e.g. SIEM, SOAR, EDR, and email security). Monitor ongoing control performance and coordinate remediation where gaps are found. Automate operation procedures and reporting processes and integrate outputs ...

developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content ...

generalist cyber security role. Key Responsibilities Administer and optimise Microsoft Sentinel (or equivalent SIEM), including log ingestion, parsing, normalisation, and retention. Develop and maintain SOAR workflows and automation using Azure Logic Apps, Python, PowerShell, Bash, and KQL. Onboard and manage security telemetry from a range of data sources. Design, implement … procedures. Skills & Experience Experience engineering and supporting SIEM platforms, ideally Microsoft Sentinel. Strong scripting and automation skills (Python, PowerShell, Bash, KQL). Experience with SOAR technologies and security automation. Knowledge of detection engineering and threat hunting. Strong understanding of Windows and Linux logging. Good networking knowledge including TCP/ ...

content lifecycle: design, test, deploy, monitor, tune and retire, using version control and rollback processes. Automate workflows and platform configurations using CI/CD, SOAR, scripting and Infrastructure as Code tools such as Terraform and Ansible. Ensure platform performance, stability and resilience through capacity planning, high availability, disaster recovery and ...

role - current active DV clearance is essential +Inside IR35 +£575 - £630 a day +Corsham/Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations … security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports ...

develop our cyber offering. What Youll Be Doing Analysing security alerts and detections from SOC tools, including SIEM Working with automation and playbooks using SOAR tools Implementing mitigation and remediation activities following cyber incidents Supporting the efficiency and effectiveness of SOC operations Contributing to the development of Rocs cyber products ...

Excellent communication and stakeholder management skills Ability to work independently while contributing to a wider technical team Desirable Experience CrowdStrike certifications Exposure to SIEM, SOAR, XDR or MDR environments Experience with Microsoft Defender, Sentinel, Splunk, Exabeam or similar technologies Background working within a consultancy, MSSP, security vendor or professional services ...

Response: Act as a technical escalation point for high-priority security incidents, employing EDR and SIEM tools for swift containment. Automate Security Processes: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response efficiency. Conduct Threat Hunting: Utilise specialised queries to proactively identify undetected malicious ...

infrastructure. Familiarity with frameworks such as MITRE ATT&CK. Ability to analyse threats and translate them into detection capability. Nice to have: Experience with SOAR (Logic Apps/Splunk SOAR). Detection-as-code or CI/CD pipeline experience. Scripting in PowerShell, Python or similar. Experience with Git-based ...

engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling … Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...