1 to 25 of 46 SOAR Jobs in the UK

personal to all of us.” – Julie Sweet, Accenture CEO As a Security Automation Engineer: You will be responsible for developing and optimising Security Orchestration, Automation and Response (SOAR) toolsets. The Security Automation Engineer (SOAR) will drive the maturation of Accenture’s Security Operation Centre (SOC) offerings, integrating security technologies and … security operations or network/infrastructure engineering. We are looking for the following skills and experience: Hands-on experience of developing playbooks with Security Orchestration, Automation and Response (SOAR) platforms, such as Palo Alto XSOAR, Splunk Phantom, Google SecOps SOAR, Microsoft Sentinel (Azure Logic Apps). Knowledge of interacting with ...

Essential but a Bonus) Terraform/Ansible (desirable, not required) Cloud security exposure (Azure, AWS, GCP) Threat intel platform experience Experience tuning SIEM/SOAR playbooks CI/CD pipeline security (GitHub Actions, Jenkins, GitLab) Digital forensics knowledge Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CISM, OSCP, CCSP ...

Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/ ...

developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content ...

Center (MSSP) to ensure high‐fidelity alerting and low Mean Time to Resolve (MTTR). Tooling Optimization : Own the security stack (SIEM, EDR, XDR, SOAR). Ensure tools are integrated, automated, and providing maximum ROI rather than just generating “noise.” Automation : Drive a “Detection as Code” philosophy to automate repetitive ...

with NCC Group to enhance Splunk dashboards, alerts, and detections Act as the technical escalation point for high-severity security incidents Develop automation and SOAR workflows to improve response effectiveness Conduct proactive threat hunting activities Mentor and upskill the internal security team across tools and threat analysis Skills & Experience Required ...

models. Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows to improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. ...

models. Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows to improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. ...

deployment, configuration, and optimisation Design and enhance Splunk SIEM dashboards, alerts, and data models Act as an escalation point for major cyber incidents Develop SOAR automation workflows to improve response times Conduct proactive threat hunting using advanced queries Work closely with SOC partner to optimise security operations Provide training and ...

models Act as a senior escalation point for high-priority security incidents, supporting containment and remediation using EDR and SIEM tooling Develop and implement SOAR automation workflows to streamline detection and response processes Conduct proactive threat hunting activities using advanced queries and behavioural analytics Support capability uplift by training and ...

related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. Harden ...

and automates cross-domain workflows. SIR: Focuses on cyberattack life cycle management-identification, containment, eradication, recovery, and lessons learned. * Integrations: SecOps: Integrates with SIEM, SOAR, vulnerability scanners, and ITSM for a unified security posture. SIR: Integrates with threat detection tools (eg, Splunk, CrowdStrike) to ingest alerts and trigger incident workflows3. ...

Response: Act as escalation point for high-priority incidents, driving rapid containment Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry Automation (SOAR): Build workflows to streamline response and reduce manual effort Capability Building: Upskill internal teams across CrowdStrike, Splunk, and security analysis Required Experience 5+ years ...

incidents in a mid to large enterprise or MSSP environment. Strong understanding of attack methodologies, malware behaviour, and adversary TTPs. Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools. Deep knowledge of IR frameworks: Ability to make clear decisions under pressure and command multi disciplinary response teams. Excellent ...

working directly with security tooling in live environments Cloud security (Microsoft 365, Azure, AWS) Strong technical exposure to security tooling, such as: SIEM/SOAR, EDR/XDR, vulnerability scanners, patch management, CASB, DLP Desirable experience: Microsoft Defender, Purview and M365 E5 security capabilities Privileged Access Management (PAM) tooling Background ...

Previous experience in a SOC or security operations role Strong knowledge of cyber attack techniques and defence strategies Experience with SIEM, EDR, XDR, and SOAR platforms Networking fundamentals including firewalls and protocols Strong analytical and problem-solving ability Certifications (Desirable) Microsoft SC-200 CompTIA Security+ Blue Team Labs Level ...

Previous experience in a SOC or security operations role Strong knowledge of cyber attack techniques and defence strategies Experience with SIEM, EDR, XDR, and SOAR platforms Networking fundamentals including firewalls and protocols Strong analytical and problem-solving ability Certifications (Desirable) Microsoft SC-200 CompTIA Security+ Blue Team Labs Level ...

design and enhance Splunk dashboards, alerts, and data models Act as escalation point for high-severity incidents, driving rapid detection and response Develop SOAR workflows to automate and streamline security operations Conduct proactive threat hunting to identify hidden risks Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices ...

design and enhance Splunk dashboards, alerts, and data models Act as escalation point for high-severity incidents, driving rapid detection and response Develop SOAR workflows to automate and streamline security operations Conduct proactive threat hunting to identify hidden risks Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices ...

CISM, AWS Security Specialty or ISO 27001 Lead Implementer. Experience with WAF and bot management in a production e-commerce context. Familiarity with SIEM, SOAR or security automation tooling. Exposure to ISO 27001 implementation or SOC 2 readiness programmes. Experience with multi-cloud security across Azure and GCP. Background ...

needed. Skills & Experience Required: 3+ years of experience as a SOC/Security Engineer within a cloud environment Experience with a range of SIEM, SOAR and vulnerability management tools Experience advising on security best practices and developing SOC playbooks Networking and infrastructure experience, including with Firewalls and IDS/ ...

Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: £350 - £380 per day (Inside IR35) Location: Remote (UK Only) Start: ASAP/Urgent Duration: 6+ Months Cyber Security ...

such as ISO 27001, NIST, and CIS controls Optimise solutions post-deployment (performance tuning, alert optimisation, capacity planning) Integrate security tooling with SIEM/SOAR, ITSM, and automation platforms Mentor junior engineers and contribute to team capability development Support pre-sales activities including solution design, customer engagement, and documentation (SoWs ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike ...